|
|
|
|
|
|
by equinumerous
98 days ago
|
|
|
That was an amazing talk, thanks for sharing! I could see the writing on the wall as soon as I saw the bucket names were predictable. Bucket squatting + public buckets + time of check/time of use in the CloudFormation service = deploying resources in any AWS account with enough persistence. I'm surprised this existed in AWS for so long without being flagged by AWS Security. |
|
|