CSOonline

AWS’ Inspector offers vulnerability management for Lambda serverless functions

Amazon Web Services has announced AWS Lambda serverless function support for its automated vulnerability management service, Amazon Inspector, and a new automated sensitive data discovery capability ...
Hosted on MSN

Critical AWS supply chain vulnerability could have let hackers take over key GitHub repositories

Wiz discovered AWS CodeBuild misconfiguration enabling unauthorized privileged builds, dubbed “CodeBreach.” Flaw risked exposing GitHub tokens and enabling supply chain attacks across AWS projects AWS ...
Diginomica

AWS outage, Log4j vulnerability provides harsh lessons in unknown dependencies

The recent AWS outage(s) and Log4j security holes should lead to enterprises drawing some broader lessons about dealing with complexity and dependencies in modern IT environments. In what is becoming ...
Dark Reading

Session Takeover Bug in AWS Apache Airflow Reveals Larger Cloud Risk

A vulnerability in Amazon Web Services' (AWS) Managed Workflows for Apache Airflow (MWAA) could have allowed hackers to access users' sessions, perform remote code execution (RCE), move laterally ...