Security researchers have disclosed a critical vulnerability in Amazon Elastic Container Service (ECS) that allows malicious containers to steal AWS credentials from other tasks running on the same EC2 instance. The attack, dubbed “ECScape,” exploits an undocumented internal protocol to impersonate the ECS agent and harvest privileged credentials without requiring container breakout. Vulnerability Overview The […]

The post Amazon ECS Internal Protocol Exploited to Steal AWS Credentials from Other Tasks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/amazon-ecs-internal-protocol-exploited/