Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

AWS Default Roles Expose Cloud to Attacks

April 30, 2025
Reading Time: 2 mins read
in Alerts
Apple AirPlay Bugs Expose Devices to Attacks

Security researchers uncovered major flaws in default IAM roles used by AWS services like SageMaker, Glue, EMR, and Ray. These roles often grant excessive permissions such as AmazonS3FullAccess, exposing services to privilege escalation and full account takeover. Designed for ease of setup, these configurations unintentionally create hidden attack paths. These attack paths allow lateral movement and manipulation of other services across AWS environments.

Many AWS services rely on S3 to store important files like templates and scripts with predictable names.

Attackers can use full S3 access to read, write, and manipulate these critical files. In one example, a malicious Hugging Face model was used to deploy code that searched for Glue buckets. The code planted backdoors to steal credentials and enable further exploitation.

Another scenario showed how modifying CloudFormation templates allowed escalation to administrator privileges. Ray, an open-source project, also includes full S3 access in its default role. Compromising a Ray EC2 instance could expose all S3-based services within an account.

Similar risks are present in infrastructure-as-code tools like Terraform and Python libraries that use insecure default roles.

AWS reacted by limiting permissions in default roles for SageMaker, Glue, and EMR and updated documentation. Ray has not addressed these concerns yet. Security teams must audit IAM roles and restrict permissions to only what is necessary. Regular monitoring and avoiding broad access policies are key to securing AWS environments.

Reference:
  • AWS Default Roles Exposed Critical Flaws Allowing Full Account Compromise
Tags: April 2025Cyber AlertsCyber Alerts 2025CyberattackCybersecurity
ADVERTISEMENT

Related Posts

Hackers Revive SEO Poisoning

Hackers Revive SEO Poisoning

July 10, 2025
Hackers Revive SEO Poisoning

RondoDox Botnet Exploits Router Flaws

July 10, 2025
Hackers Revive SEO Poisoning

ServiceNow Data Exposure via ACLs

July 10, 2025
Hackers Use Leaked Shellter License Malware

Windows BitLocker Vulnerability Flaw

July 9, 2025
Hackers Use Leaked Shellter License Malware

Hackers Use Leaked Shellter License Malware

July 9, 2025
Hackers Use Leaked Shellter License Malware

Anatsa Android Trojan Targets 90K Users

July 9, 2025

Latest Alerts

RondoDox Botnet Exploits Router Flaws

ServiceNow Data Exposure via ACLs

Hackers Revive SEO Poisoning

Windows BitLocker Vulnerability Flaw

Anatsa Android Trojan Targets 90K Users

Hackers Use Leaked Shellter License Malware

Subscribe to our newsletter

    Latest Incidents

    Bitcoin Depot Breach Exposes Data

    McDonald’s AI Hiring Bot Exposes Data

    Nippon Steel Solutions Data Breach

    Norwegian Municipalities Hit by Data Breach

    Credit Reports Breached And Sold On Dark Web

    Recruiting Software Exposed 26M Resumes

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial