@[email protected] to [email protected]English • 7 months agoHow an empty S3 bucket can make your AWS bill explodemedium.comexternal-linkmessage-square22fedilinkarrow-up11arrow-down10cross-posted to: programmingblueteamsechackernewscybersecurityprogrammingnetsec
arrow-up11arrow-down1external-linkHow an empty S3 bucket can make your AWS bill explodemedium.com@[email protected] to [email protected]English • 7 months agomessage-square22fedilinkcross-posted to: programmingblueteamsechackernewscybersecurityprogrammingnetsec
minus-square@[email protected]linkfedilink0•7 months ago“By design” AWS bills project owners for unauthorized calls to the public S3 API. So what I’m reading from this is you can do a billing attack on anything hosted in AWS so long as you know one of their bucket names.
minus-square@[email protected]linkfedilinkEnglish0•7 months agoSeriously, now that this is more widely known, it’ll for sure be taken advantage of a lot, to the point AWS will begrudgingly protect their customers once the damage is done.
“By design” AWS bills project owners for unauthorized calls to the public S3 API.
So what I’m reading from this is you can do a billing attack on anything hosted in AWS so long as you know one of their bucket names.
Seriously, now that this is more widely known, it’ll for sure be taken advantage of a lot, to the point AWS will begrudgingly protect their customers once the damage is done.