#AWS - muenchen.social - Die erste Mastodon Instanz für München

The New OilHackers target <a href="https://mastodon.thenewoil.org/tags/SSRF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSRF</a> bugs in <a href="https://mastodon.thenewoil.org/tags/EC2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EC2</a>-hosted sites to steal <a href="https://mastodon.thenewoil.org/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> credentials<a href="https://www.bleepingcomputer.com/news/security/hackers-target-ssrf-bugs-in-ec2-hosted-sites-to-steal-aws-credentials/" rel="nofollow noopener noreferrer" target="_blank">https://www.bleepingcomputer.com/news/security/hackers-target-ssrf-bugs-in-ec2-hosted-sites-to-steal-aws-credentials/</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

lud<a href="https://social.tchncs.de/@Marcel_Gehlen" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Marcel_Gehlen</a> dann wollen wir, Deinen Hinweis einen groesseren Kreis kundtun. Wie das so geht, kennst Du sicher. Macht den <a href="https://social.tchncs.de/tags/eXit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#eXit</a> und den <a href="https://social.tchncs.de/tags/UnplugTrump" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UnplugTrump</a> , d.h. u.a. verlasst die <a href="https://social.tchncs.de/tags/usServer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#usServer</a> der <a href="https://social.tchncs.de/tags/TechMillardaere" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TechMillardaere</a> , wie z.B. <a href="https://social.tchncs.de/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> , <a href="https://social.tchncs.de/tags/apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apple</a> <a href="https://social.tchncs.de/tags/icloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#icloud</a> , <a href="https://social.tchncs.de/tags/MicroSoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MicroSoft</a> <a href="https://social.tchncs.de/tags/azure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#azure</a> , <a href="https://social.tchncs.de/tags/akamai" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#akamai</a> , <a href="https://social.tchncs.de/tags/googleCloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#googleCloud</a> . Es gibt viele gute <a href="https://social.tchncs.de/tags/europeanAlternatives" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#europeanAlternatives</a> und einige bedenkliche <a href="https://social.tchncs.de/tags/euServer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#euServer</a> wie solche die AfD-Inhalte hosten : <a href="https://social.tchncs.de/tags/hetzner" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hetzner</a> wurde da genannt. Wer dort ist, sollte vielleicht mal nachdenken und -fragen.

Kal Feherprice reductions are good. but the drop in AUD to USD means this isnt a reduction for me at all. Also note that S3 E1Z is not found in many AWS regions.<a href="https://aws.amazon.com/blogs/aws/up-to-85-price-reductions-for-amazon-s3-express-one-zone/" rel="nofollow noopener noreferrer" target="_blank">https://aws.amazon.com/blogs/aws/up-to-85-price-reductions-for-amazon-s3-express-one-zone/</a> <a href="https://infosec.exchange/tags/aus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#aus</a> <a href="https://infosec.exchange/tags/aws" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#aws</a> <a href="https://infosec.exchange/tags/s3" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#s3</a>

The New Oil<a href="https://mastodon.thenewoil.org/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> rolls out <a href="https://mastodon.thenewoil.org/tags/MLKEM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MLKEM</a> to secure <a href="https://mastodon.thenewoil.org/tags/TLS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TLS</a> from <a href="https://mastodon.thenewoil.org/tags/quantum" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#quantum</a> threats<a href="https://www.bleepingcomputer.com/news/security/aws-rolls-out-ml-kem-to-secure-tls-from-quantum-threats/" rel="nofollow noopener noreferrer" target="_blank">https://www.bleepingcomputer.com/news/security/aws-rolls-out-ml-kem-to-secure-tls-from-quantum-threats/</a><a href="https://mastodon.thenewoil.org/tags/cybesecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybesecurity</a> <a href="https://mastodon.thenewoil.org/tags/Amazon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Amazon</a>

UK<a href="https://www.europesays.com/uk/6968/" rel="nofollow noopener noreferrer" target="_blank">https://www.europesays.com/uk/6968/</a> QCon London: Mistakes People Make Building SaaS Software <a href="https://pubeurope.com/tags/Arts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Arts</a> <a href="https://pubeurope.com/tags/ArtsAndDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ArtsAndDesign</a> <a href="https://pubeurope.com/tags/AutomatedDeployment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AutomatedDeployment</a> <a href="https://pubeurope.com/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> <a href="https://pubeurope.com/tags/Culture" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Culture</a>&Methods <a href="https://pubeurope.com/tags/Design" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Design</a> <a href="https://pubeurope.com/tags/Entertainment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Entertainment</a> <a href="https://pubeurope.com/tags/QConLondon2025" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#QConLondon2025</a> <a href="https://pubeurope.com/tags/QconSaasSoftwareMistakes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#QconSaasSoftwareMistakes</a> <a href="https://pubeurope.com/tags/SaaS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SaaS</a> <a href="https://pubeurope.com/tags/UK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UK</a> <a href="https://pubeurope.com/tags/UnitedKingdom" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UnitedKingdom</a>

Kal Fehersitting through a <a href="https://infosec.exchange/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> well architected session can be a real chore. But the advice is generally a good place to start. Esp in domains where your team might have low proficiency. so the updated advice is def worth a read. <a href="https://aws.amazon.com/about-aws/whats-new/2025/04/new-guidance-well-architected-tool" rel="nofollow noopener noreferrer" target="_blank">https://aws.amazon.com/about-aws/whats-new/2025/04/new-guidance-well-architected-tool</a>

Shaun HillsSay what you want about <a href="https://mastodon.nz/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> but the knowledge & communication skills of their support staff are top notch. Most of the rest of the industry could learn a thing or two.

LavX NewsExploiting SSRF Vulnerabilities: A New Threat to AWS EC2 InstancesA recent surge in targeted attacks has revealed a critical vulnerability in AWS EC2 instances, allowing hackers to exploit Server-Side Request Forgery (SSRF) flaws. This campaign not only highlights t...<a href="https://news.lavx.hu/article/exploiting-ssrf-vulnerabilities-a-new-threat-to-aws-ec2-instances" rel="nofollow noopener noreferrer" target="_blank">https://news.lavx.hu/article/exploiting-ssrf-vulnerabilities-a-new-threat-to-aws-ec2-instances</a><a href="https://mastodon.cloud/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://mastodon.cloud/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tech</a> <a href="https://mastodon.cloud/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> <a href="https://mastodon.cloud/tags/SSRF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSRF</a> <a href="https://mastodon.cloud/tags/IMDSv2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IMDSv2</a>

WalkerSigh. Amazon AWS Glacier is great for long term storage. I just wish there was an easier way to delete old vaults. I understand the process, but it is still a pain to log into AWS, retrieve the inventory list, select the files to delete, then able to delete the old vault. A large vault will take a while to retrieve the inventory. Not a quick process. Not a simple or quick process. I wish there was a nuke vault button that would take care of this.<a href="https://infosec.exchange/tags/aws" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#aws</a> <a href="https://infosec.exchange/tags/glacier" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#glacier</a> <a href="https://infosec.exchange/tags/amazon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#amazon</a>

Kacper Bak<a href="https://mastodon.social/@Erklaerbaer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Erklaerbaer</a> <a href="https://social.tchncs.de/@kuketzblog" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@kuketzblog</a> Danke für den Artikel, dieser fasst die Herausforderungen im <a href="https://fosstodon.org/tags/SovereignCloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SovereignCloud</a> Bereich wirklich gut und belegt zusammen. <a href="https://fosstodon.org/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> will bis Ende 2025 eine vollständig autonome Region in Deutschland anbieten. Ich bin gespannt auf das Ergebnis, ist nicht der erste Hyperscaler der so etwas in DE versucht. Die Service-Auswahl sieht schon mal gut aus: <a href="https://aws.amazon.com/blogs/security/announcing-initial-services-available-in-the-aws-european-sovereign-cloud-backed-by-the-full-power-of-aws/" rel="nofollow noopener noreferrer" target="_blank">https://aws.amazon.com/blogs/security/announcing-initial-services-available-in-the-aws-european-sovereign-cloud-backed-by-the-full-power-of-aws/</a>

MijndertWouldn't it be nice to be able to go "I'll have the same RDS reserved instances again please" in <a href="https://fosstodon.org/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a>? Such a massive time sink to figure out 1. what you need and 2. what the discount will be per purchase option.

Merle MeyerdierksBesser gleich zu Threema! Der Traffic von <a class="hashtag" href="https://bsky.app/search?q=%23Signal" rel="nofollow noopener noreferrer" target="_blank">#Signal</a> geht über die US Clouds v. <a class="hashtag" href="https://bsky.app/search?q=%23Google" rel="nofollow noopener noreferrer" target="_blank">#Google</a>, <a class="hashtag" href="https://bsky.app/search?q=%23Amazon" rel="nofollow noopener noreferrer" target="_blank">#Amazon</a> <a class="hashtag" href="https://bsky.app/search?q=%23AWS" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> <a class="hashtag" href="https://bsky.app/search?q=%23Microsoft" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a class="hashtag" href="https://bsky.app/search?q=%23Azure" rel="nofollow noopener noreferrer" target="_blank">#Azure</a> & <a class="hashtag" href="https://bsky.app/search?q=%23Cloudflare" rel="nofollow noopener noreferrer" target="_blank">#Cloudflare</a> = alles absolute No-Go´s Und US Dienste können über den US CloudAct direkt darauf zugreifen! <a href="https://de.wikipedia.org/wiki/CLOUD_Act" rel="nofollow noopener noreferrer" target="_blank">de.wikipedia.org/wiki/CLOUD_Act</a> <a class="hashtag" href="https://bsky.app/search?q=%23SignalApp" rel="nofollow noopener noreferrer" target="_blank">#SignalApp</a> ist nicht anonym = <a class="hashtag" href="https://bsky.app/search?q=%23Threema" rel="nofollow noopener noreferrer" target="_blank">#Threema</a> ja <a href="https://de.wikipedia.org/wiki/CLOUD_Act" rel="nofollow noopener noreferrer" target="_blank">CLOUD Act – Wikipedia</a>

Victor GrenuJoke aside, what kind of guardrails are you using to prevent Denial of Wallet (DoW) and lack of visibility on billed cloud assets?<a href="https://infosec.exchange/tags/AWSSummit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWSSummit</a> <a href="https://infosec.exchange/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a>

diesUndDasMitTassen 🇺🇦Nach langer Suche habe ich endlich S3 cloudstorage Client Software gefunden, die macht, was ich brauche.Für Linux ist es <a href="https://mastodon.social/tags/rclone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rclone</a> mit dem rclone browser und für grapheneOS ist es <a href="https://mastodon.social/tags/exfilac" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exfilac</a>.Hauptproblem mit anderer Software war die Konfiguration des Zugriffs auf alternative storage Anbieter (statt <a href="https://mastodon.social/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a>). Bei den beiden Tools funktioniert es. Für Linux würde ich mir wünschen, daß <a href="https://mastodon.social/tags/beyondcompare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#beyondcompare</a> endlich alternative S3 storage Anbieter unterstützt 🤨<a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://mastodon.social/tags/android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#android</a> <a href="https://mastodon.social/tags/s3storage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#s3storage</a> <a href="https://mastodon.social/tags/cloudstorage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cloudstorage</a> <a href="https://mastodon.social/tags/foss" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#foss</a>

Tim BrayIf you care about <a href="https://cosocial.ca/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a>, this from <a href="https://awscommunity.social/@Quinnypig" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Quinnypig</a> is a big deal: <a href="https://www.duckbillgroup.com/blog/ec2-reserved-instances-are-being-deprecated/" rel="nofollow noopener noreferrer" target="_blank">https://www.duckbillgroup.com/blog/ec2-reserved-instances-are-being-deprecated/</a>Tl;dr: Reserved Instances are being quietly deprecated .

0x40kWhoa, just caught wind of this nasty Amazon EC2 SSM Agent vulnerability... seriously concerning stuff! We're talking Privilege Escalation and even Remote Code Execution just by manipulating Plugin IDs? Sounds like a *major* headache for admins. 😬You know how the SSM Agent is pretty much the command center for your EC2 instances? Well, if *that* gets compromised, it's basically game over. 🙈 Turns out, the issue stems from faulty validation of those Plugin IDs – a classic vulnerability pattern, really. Attackers can actually manipulate paths using '../', something we pentesters unfortunately see pop up more often than you'd think.It's the kind of sneaky flaw that automated vulnerability scanners frequently miss, which really highlights why manual testing is still invaluable! ✨So, the bottom line? Updating to version **3.3.1957.0** isn't just recommended, it's pretty much essential right now. Also, definitely take a good look through your SSM docs for any fishy-looking Plugin IDs, just to be safe.Speaking of keeping things locked down, what are your go-to tools or strategies for hardening your AWS environment? Always curious to hear what others are doing! 🤔<a href="https://infosec.exchange/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pentesting</a> <a href="https://infosec.exchange/tags/CloudSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudSecurity</a>

Chum1ng0 - Security Research :verified:Documents revealing personal data were exposed. This was reported to the Finnish entity, but I never received a response from them.As a result, I had to contact the National Cyber Security Centre of Finland (NCSC-FI) twice to get them to close the case.<a href="https://infosec.exchange/tags/dataprotection" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dataprotection</a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#privacy</a> <a href="https://infosec.exchange/tags/leak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#leak</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/aws" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#aws</a> <a href="https://infosec.exchange/tags/bucket" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bucket</a>

Kyler Middleton🚀 Part 9 of Building a Slack Bot with AI is live!We wrap the series by solving a big problem: Slack needs fast responses, but our AI Lambda takes time. The fix? A Receiver Lambda that immediately replies to Slack, then hands off the work.Clean, async, and cost-effective.Catch the final post here: <a href="https://www.letsdodevops.com/p/building-a-slack-bot-receiver" rel="nofollow noopener noreferrer" target="_blank">https://www.letsdodevops.com/p/building-a-slack-bot-receiver</a><a href="https://infosec.exchange/tags/Serverless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Serverless</a> <a href="https://infosec.exchange/tags/Slack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Slack</a> <a href="https://infosec.exchange/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> <a href="https://infosec.exchange/tags/GenAI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GenAI</a> <a href="https://infosec.exchange/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevOps</a> <a href="https://infosec.exchange/tags/LetsDoDevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LetsDoDevOps</a>

Chum1ng0 - Security Research :verified:🇫🇮 Finland: 105,000 Satula.com Records Exposed in Unsecured AWS.🔗 <a href="https://medium.com/@newschu.substack.com/finland-105-000-satula-com-records-exposed-in-unsecured-aws-be7318ca5523" rel="nofollow noopener noreferrer" target="_blank">https://medium.com/@newschu.substack.com/finland-105-000-satula-com-records-exposed-in-unsecured-aws-be7318ca5523</a> <a href="https://infosec.exchange/tags/dataprotection" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dataprotection</a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#privacy</a> <a href="https://infosec.exchange/tags/leak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#leak</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/aws" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#aws</a> <a href="https://infosec.exchange/tags/bucket" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bucket</a>

Verwaltet von:

Serverstatistiken:

Aktuelle Trends

Verwaltet von:

Serverstatistiken:

AWSZurück

Aktuelle Trends