{"id":974,"date":"2024-08-23T09:48:18","date_gmt":"2024-08-23T08:48:18","guid":{"rendered":"https:\/\/edwardsnet.org\/?p=974"},"modified":"2024-08-23T09:48:21","modified_gmt":"2024-08-23T08:48:21","slug":"aws","status":"publish","type":"post","link":"https:\/\/edwardsnet.org\/index.php\/aws\/","title":{"rendered":"AWS Configuration Issue Could Expose Thousands of Web Apps"},"content":{"rendered":"\n<p><strong>A VULNERABILITY RELATED<\/strong>\u00a0to Amazon Web Service&#8217;s traffic-routing service known as Application Load Balancer could have been exploited by an attacker to bypass access controls and compromise web applications, according to new research. The flaw stems from a customer implementation issue, meaning it isn&#8217;t caused by a software bug. Instead, the exposure was introduced by the way AWS users set up authentication with Application Load Balancer.<\/p>\n\n\n\n<p>Implementation issues are a crucial component of cloud security in the same way that the contents of an armoured safe aren&#8217;t protected if the door is left ajar. Researchers from the security firm Miggo\u00a0found\u00a0that, depending on how Application Load Balancer authentication was set up, an attacker could potentially manipulate its handoff to a third-party corporate authentication service to access the target web application and view or exfiltrate data.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.wired.com\/story\/aws-application-load-balancer-implementation-compromise\/\">>> More<\/a><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A VULNERABILITY RELATED\u00a0to Amazon Web Service&#8217;s traffic-routing service known as Application Load Balancer could have been exploited by an attacker to bypass access controls and compromise web applications, according to new research. The flaw stems from a customer implementation issue, meaning it isn&#8217;t caused by a software bug. Instead, the exposure was introduced by the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":938,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13,4],"tags":[15,20],"class_list":["post-974","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-business-news","category-computer-news","tag-business","tag-computer"],"aioseo_notices":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>AWS Configuration Issue Could Expose Thousands of Web Apps - Kevin Edwards<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/edwardsnet.org\/index.php\/aws\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"AWS Configuration Issue Could Expose Thousands of Web Apps - Kevin Edwards\" \/>\n<meta property=\"og:description\" content=\"A VULNERABILITY RELATED\u00a0to Amazon Web Service&#8217;s traffic-routing service known as Application Load Balancer could have been exploited by an attacker to bypass access controls and compromise web applications, according to new research. The flaw stems from a customer implementation issue, meaning it isn&#8217;t caused by a software bug. Instead, the exposure was introduced by the [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/edwardsnet.org\/index.php\/aws\/\" \/>\n<meta property=\"og:site_name\" content=\"Kevin Edwards\" \/>\n<meta property=\"article:published_time\" content=\"2024-08-23T08:48:18+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-08-23T08:48:21+00:00\" \/>\n<meta name=\"author\" content=\"Content Administrator\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@titanatlascouk\" \/>\n<meta name=\"twitter:site\" content=\"@titanatlascouk\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Content Administrator\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/edwardsnet.org\\\/index.php\\\/aws\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/edwardsnet.org\\\/index.php\\\/aws\\\/\"},\"author\":{\"name\":\"Content Administrator\",\"@id\":\"https:\\\/\\\/edwardsnet.org\\\/#\\\/schema\\\/person\\\/9a6dceb8410d87c7aa7ab921f11b323c\"},\"headline\":\"AWS Configuration Issue Could Expose Thousands of Web Apps\",\"datePublished\":\"2024-08-23T08:48:18+00:00\",\"dateModified\":\"2024-08-23T08:48:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/edwardsnet.org\\\/index.php\\\/aws\\\/\"},\"wordCount\":149,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/edwardsnet.org\\\/#\\\/schema\\\/person\\\/9a6dceb8410d87c7aa7ab921f11b323c\"},\"image\":{\"@id\":\"https:\\\/\\\/edwardsnet.org\\\/index.php\\\/aws\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/edwardsnet.org\\\/wp-content\\\/uploads\\\/image-6.png\",\"keywords\":[\"business\",\"computer\"],\"articleSection\":[\"Business News\",\"Computer News\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/edwardsnet.org\\\/index.php\\\/aws\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/edwardsnet.org\\\/index.php\\\/aws\\\/\",\"url\":\"https:\\\/\\\/edwardsnet.org\\\/index.php\\\/aws\\\/\",\"name\":\"AWS Configuration Issue Could Expose Thousands of Web Apps - Kevin Edwards\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/edwardsnet.org\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/edwardsnet.org\\\/index.php\\\/aws\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/edwardsnet.org\\\/index.php\\\/aws\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/edwardsnet.org\\\/wp-content\\\/uploads\\\/image-6.png\",\"datePublished\":\"2024-08-23T08:48:18+00:00\",\"dateModified\":\"2024-08-23T08:48:21+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/edwardsnet.org\\\/index.php\\\/aws\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/edwardsnet.org\\\/index.php\\\/aws\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/edwardsnet.org\\\/index.php\\\/aws\\\/#primaryimage\",\"url\":\"https:\\\/\\\/edwardsnet.org\\\/wp-content\\\/uploads\\\/image-6.png\",\"contentUrl\":\"https:\\\/\\\/edwardsnet.org\\\/wp-content\\\/uploads\\\/image-6.png\",\"width\":976,\"height\":549},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/edwardsnet.org\\\/index.php\\\/aws\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/edwardsnet.org\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"AWS Configuration Issue Could Expose Thousands of Web Apps\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/edwardsnet.org\\\/#website\",\"url\":\"https:\\\/\\\/edwardsnet.org\\\/\",\"name\":\"Kevin Edwards\",\"description\":\"Technology &amp; Business Consultant\",\"publisher\":{\"@id\":\"https:\\\/\\\/edwardsnet.org\\\/#\\\/schema\\\/person\\\/9a6dceb8410d87c7aa7ab921f11b323c\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/edwardsnet.org\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/edwardsnet.org\\\/#\\\/schema\\\/person\\\/9a6dceb8410d87c7aa7ab921f11b323c\",\"name\":\"Content Administrator\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c709a4f3f25e4233689d2827510cfc3c7eea39bc3b35ef86a48b8f98945a2589?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c709a4f3f25e4233689d2827510cfc3c7eea39bc3b35ef86a48b8f98945a2589?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c709a4f3f25e4233689d2827510cfc3c7eea39bc3b35ef86a48b8f98945a2589?s=96&d=identicon&r=g\",\"caption\":\"Content Administrator\"},\"logo\":{\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c709a4f3f25e4233689d2827510cfc3c7eea39bc3b35ef86a48b8f98945a2589?s=96&d=identicon&r=g\"},\"description\":\"Kevin Edwards - Corby, Kettering, Northamptonshire, Freelance IT Consultant and Business Consultant available for contract hire. 30 Years corporate experience of IT and Business scenarios.\",\"sameAs\":[\"https:\\\/\\\/edwardsnet.org\"],\"url\":\"https:\\\/\\\/edwardsnet.org\\\/index.php\\\/author\\\/sysadmin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"AWS Configuration Issue Could Expose Thousands of Web Apps - Kevin Edwards","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/edwardsnet.org\/index.php\/aws\/","og_locale":"en_GB","og_type":"article","og_title":"AWS Configuration Issue Could Expose Thousands of Web Apps - Kevin Edwards","og_description":"A VULNERABILITY RELATED\u00a0to Amazon Web Service&#8217;s traffic-routing service known as Application Load Balancer could have been exploited by an attacker to bypass access controls and compromise web applications, according to new research. The flaw stems from a customer implementation issue, meaning it isn&#8217;t caused by a software bug. Instead, the exposure was introduced by the [&hellip;]","og_url":"https:\/\/edwardsnet.org\/index.php\/aws\/","og_site_name":"Kevin Edwards","article_published_time":"2024-08-23T08:48:18+00:00","article_modified_time":"2024-08-23T08:48:21+00:00","author":"Content Administrator","twitter_card":"summary_large_image","twitter_creator":"@titanatlascouk","twitter_site":"@titanatlascouk","twitter_misc":{"Written by":"Content Administrator","Estimated reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/edwardsnet.org\/index.php\/aws\/#article","isPartOf":{"@id":"https:\/\/edwardsnet.org\/index.php\/aws\/"},"author":{"name":"Content Administrator","@id":"https:\/\/edwardsnet.org\/#\/schema\/person\/9a6dceb8410d87c7aa7ab921f11b323c"},"headline":"AWS Configuration Issue Could Expose Thousands of Web Apps","datePublished":"2024-08-23T08:48:18+00:00","dateModified":"2024-08-23T08:48:21+00:00","mainEntityOfPage":{"@id":"https:\/\/edwardsnet.org\/index.php\/aws\/"},"wordCount":149,"commentCount":0,"publisher":{"@id":"https:\/\/edwardsnet.org\/#\/schema\/person\/9a6dceb8410d87c7aa7ab921f11b323c"},"image":{"@id":"https:\/\/edwardsnet.org\/index.php\/aws\/#primaryimage"},"thumbnailUrl":"https:\/\/edwardsnet.org\/wp-content\/uploads\/image-6.png","keywords":["business","computer"],"articleSection":["Business News","Computer News"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/edwardsnet.org\/index.php\/aws\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/edwardsnet.org\/index.php\/aws\/","url":"https:\/\/edwardsnet.org\/index.php\/aws\/","name":"AWS Configuration Issue Could Expose Thousands of Web Apps - Kevin Edwards","isPartOf":{"@id":"https:\/\/edwardsnet.org\/#website"},"primaryImageOfPage":{"@id":"https:\/\/edwardsnet.org\/index.php\/aws\/#primaryimage"},"image":{"@id":"https:\/\/edwardsnet.org\/index.php\/aws\/#primaryimage"},"thumbnailUrl":"https:\/\/edwardsnet.org\/wp-content\/uploads\/image-6.png","datePublished":"2024-08-23T08:48:18+00:00","dateModified":"2024-08-23T08:48:21+00:00","breadcrumb":{"@id":"https:\/\/edwardsnet.org\/index.php\/aws\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/edwardsnet.org\/index.php\/aws\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/edwardsnet.org\/index.php\/aws\/#primaryimage","url":"https:\/\/edwardsnet.org\/wp-content\/uploads\/image-6.png","contentUrl":"https:\/\/edwardsnet.org\/wp-content\/uploads\/image-6.png","width":976,"height":549},{"@type":"BreadcrumbList","@id":"https:\/\/edwardsnet.org\/index.php\/aws\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/edwardsnet.org\/"},{"@type":"ListItem","position":2,"name":"AWS Configuration Issue Could Expose Thousands of Web Apps"}]},{"@type":"WebSite","@id":"https:\/\/edwardsnet.org\/#website","url":"https:\/\/edwardsnet.org\/","name":"Kevin Edwards","description":"Technology &amp; Business Consultant","publisher":{"@id":"https:\/\/edwardsnet.org\/#\/schema\/person\/9a6dceb8410d87c7aa7ab921f11b323c"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/edwardsnet.org\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":["Person","Organization"],"@id":"https:\/\/edwardsnet.org\/#\/schema\/person\/9a6dceb8410d87c7aa7ab921f11b323c","name":"Content Administrator","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/secure.gravatar.com\/avatar\/c709a4f3f25e4233689d2827510cfc3c7eea39bc3b35ef86a48b8f98945a2589?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/c709a4f3f25e4233689d2827510cfc3c7eea39bc3b35ef86a48b8f98945a2589?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c709a4f3f25e4233689d2827510cfc3c7eea39bc3b35ef86a48b8f98945a2589?s=96&d=identicon&r=g","caption":"Content Administrator"},"logo":{"@id":"https:\/\/secure.gravatar.com\/avatar\/c709a4f3f25e4233689d2827510cfc3c7eea39bc3b35ef86a48b8f98945a2589?s=96&d=identicon&r=g"},"description":"Kevin Edwards - Corby, Kettering, Northamptonshire, Freelance IT Consultant and Business Consultant available for contract hire. 30 Years corporate experience of IT and Business scenarios.","sameAs":["https:\/\/edwardsnet.org"],"url":"https:\/\/edwardsnet.org\/index.php\/author\/sysadmin\/"}]}},"_links":{"self":[{"href":"https:\/\/edwardsnet.org\/index.php\/wp-json\/wp\/v2\/posts\/974","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/edwardsnet.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/edwardsnet.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/edwardsnet.org\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/edwardsnet.org\/index.php\/wp-json\/wp\/v2\/comments?post=974"}],"version-history":[{"count":2,"href":"https:\/\/edwardsnet.org\/index.php\/wp-json\/wp\/v2\/posts\/974\/revisions"}],"predecessor-version":[{"id":976,"href":"https:\/\/edwardsnet.org\/index.php\/wp-json\/wp\/v2\/posts\/974\/revisions\/976"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/edwardsnet.org\/index.php\/wp-json\/wp\/v2\/media\/938"}],"wp:attachment":[{"href":"https:\/\/edwardsnet.org\/index.php\/wp-json\/wp\/v2\/media?parent=974"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/edwardsnet.org\/index.php\/wp-json\/wp\/v2\/categories?post=974"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/edwardsnet.org\/index.php\/wp-json\/wp\/v2\/tags?post=974"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}