Amazon RDS Snapshots Expose Sensitive Data

By

Researchers have found leaks in the form of publicly shared Amazon RDS snapshots.

Amazon RDS, a cloud-based backup service, can leak personally identifiable information (PII) to the public Internet, reports Elizabeth Montalbano.

The vulnerability was found by the Mitiga Research Team, which discovered numerous Amazon RDS snapshots being shared publicly, Montalbano says. “Some of the exposures last for months, and some for just a short period of time, in both cases potentially allowing threat actors to take advantage,” the researchers noted in a recent blog post.

"These snapshots can be shared across different [Amazon Web Services] accounts – in or out of the on-premises organization, as well as AWS accounts that make the RDS snapshots publicly available," the researchers said. "With that, one might unintentionally leak sensitive data to the world, even if you use highly secure network configuration."

Read more at Dark Reading.

11/28/2022

Related content

  • Nearly 1 Million Misconfigured Kubernetes Instances Found Vulnerable
    more »
  • Lead Image © meepiangraphic, 123RF.com
    Snapshot management for Azure VMs
    Microsoft recommends the use of snapshots both locally and for Azure VMs. We describe how to create snapshots in the Azure GUI and with PowerShell and how to protect your snapshots against unauthorized access.
    more »
  • © Zarko Cvijovic, 123RF.com
    Moving HPC to the cloud
    HPC has a unique set of requirements that might not fit into standard clouds. However, plenty of commercial options, including cloud-like services, provide the advantages of real HPC without the capital expense of buying hardware.
    more »
  • Moving HPC to the Cloud

    HPC has a unique set of requirements that might not fit into standard clouds. However, plenty of commercial options, including cloud-like services, provide the advantages of real HPC without the capital expense of buying hardware.

    more »
  • News for Admins
    Microsoft Starts Using AI for Enterprise Security, New Zero-Day Vulnerability Affects All Windows Systems, British Airways Breach Affects 380,000 Customers
    more »
comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Most Popular

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”> </a> <hr> </div> </div> <div class=