whoAMI name confusion attacks can expose AWS accounts to malicious code execution

1 min read

Amazon Web Services

whoAMI name confusion attacks can expose AWS accounts to malicious code execution

February 14, 2025

vm_admin

If the “owners” attribute is omitted when searching for an AMI, the researchers noted, AWS may return results that include public community AMIs from any account. Attackers can exploit this by publishing a malicious AMI with a matching…

Article Source
https://www.csoonline.com/article/3825098/whoami-name-confusion-attacks-can-hack-into-aws-accounts-for-code-execution.html

whoAMI name confusion attacks can expose AWS accounts to malicious code execution

More From Author

Weekly news roundup: Semiconductor business like DeepSeek may emerge in China; Intel Japan chair defends Gelsinger strategies

How DeepSeek erased Silicon Valley’s AI lead and wiped $1 trillion from U.S. markets

CoreWeave: An AI Play With Too Many Questions (NASDAQ:CRWV)

TikTok app returns to Apple and Google stores

Honoring Cisco Networking Academy Partners Around the Globe – StreetInsider.com

Listen to the Podcast Overview

Watch the Keynote

Share this:

Listen to the Podcast Overview

Watch the Keynote