Tools Resources
AWS_Blog

AWS ECR Public Vulnerability

Gafnit Amiga<
By: Gafnit Amiga
Dec 13, 2022

Executive Summary I discovered a critical AWS Elastic Container Registry Public (ECR Public) vulnerability that allowed external actors to delete, update, and create ECR Public images, layers, and tags in registries and repositories that belong to other AWS Accounts, by abusing undocumented internal ECR Public API actions. Prior to mitigation, this vulnerability could have potentially led to denial of service, data exfiltration, lateral movement, privilege…

AWS RDS Vulnerability

AWS RDS Vulnerability Leads to AWS Internal Service Credentials

Gafnit Amiga<
By: Gafnit Amiga
Apr 11, 2022

TL; DR Panoptica's Research Team obtained credentials to an internal AWS service by exploiting a local file read vulnerability on the RDS EC2 instance using the log_fdw extension. The internal AWS service was connected to AWS internal account, related to the RDS service. The vulnerability was reported to AWS Security team, who right after applied an initial patch limited only to the recent RDS and…

Amazon Redshift

Amazon Redshift – COPY The Risk

Dana Tsymberg<
By: Dana Tsymberg
Mar 30, 2022

TL;DR Amazon Redshift is a fully managed petabyte-scale data warehouse service in the cloud, designed specifically for online analytics processing (OLAP) and business intelligence (BI) applications, which require complex queries against large datasets. Redshift is a powerful service, integrated with many data sources where some of them might include sensitive information. Therefore, it is important to understand the connections between the services and the potential…

bucketimage

What Is S3 Bucket and How to Access It (Part 1)

Noga Yam Amitai<
By: Noga Yam Amitai
May 12, 2021

S3 bucket misconfigurations account for 16% of all cloud security breaches. While some of this can be chalked up to inexperience or human error, that’s not the only problem going on behind the scenes. This two-part series will look in-depth at what is an s3 bucket, how AWS handles access rights and permissions, and a new Panoptica Python tool that will provide some visibility and…