Massive Security Flaws In Amazon Cloud

A security flaw has been found in Amazon’s Cloud service allowing hackers to potentially take control of the administrative rights of several customers hosted by Amazon.

“Using different kinds of XML signature wrapping attacks, we succeeded in completely taking over the administrative rights of cloud customers,” said RUB researcher Juraj Somorovsky in a statement. “This allowed us to create new instances in the victim’s cloud, add or delete images.”



4 thoughts on “Massive Security Flaws In Amazon Cloud

    • Most of them don’t. The general rule of thumb is to contact the developer with the flaw first. And if they don’t fix it in a reasonable time frame, release it publicly. It’s usually fixed shortly after going public.

    • Cloud storage needs just as much security as a physical data store. However security is only as strong as the customer will allow it to be.

Comments are closed.