The Hacker News

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery ...
Security Boulevard

Privileged AWS Permissions You Should Restrict Immediately (Top 25 + Bonus)

Drumroll, please… 🥁 After five weeks of countdowns, breakdowns, and some very lively conversations, we’ve finally reached the end of the Top 25 Most Risky AWS Privileged Permissions, plus a special ...
InfoQ

AWS Launches Amazon S3 Dual-Layer Server-Side Encryption with Keys Stored in AWS KMS

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Computer Weekly

Warning: AWS IAM behaves differently to directory services

Researchers from Israeli security firm Lightspin have identified an issue with configuring identity and access control services on Amazon Web Services (AWS) that could leave many organisations ...
Business Wire

YouAttest Unifies, Automates, and Simplifies Cloud IAM Audits for Hybrid AWS Enterprises

IRVINE, Calif.--(BUSINESS WIRE)--SYouAttest®, a leading provider of Identity Audit and Compliance tools, introduced a new solution that creates a “single source of truth” for security and risk ...
Infosecurity-magazine.com

A 10-Step Best Practice IAM Guide for Azure and AWS

Identity and access management (IAM) is the process of identifying and controlling the access granted to users, devices and services. It is one of the oldest concepts in security, tracing back to the ...