An AWS Configuration Issue Could Expose Thousands of Web Apps
Amazon has updated its instructions for how customers should more securely implement AWS’s traffic-routing service known as Application Load Balancer, but it’s not clear everyone will get the memo.
Amazon Web Services says that the company does not view token forging as a vulnerability in Application Load Balancer because it is essentially an expected outcome of choosing to configure authentication in a particular way. But after the Miggo researchers first disclosed their findings to AWS at the beginning of April, the company made two documentation changes aimed at updating its implementation recommendations for Application Load Balancer authentication. And on July 19, the company also added an explicit recommendation that users set their systems to receive traffic from only their own Application Load Balancer using a feature called “security groups.”
Or read this on Wired