Security researchers have disclosed a critical vulnerability in Amazon Elastic Container Service (ECS) that allows malicious containers to steal AWS credentials from other tasks running on the same EC2 instance. The attack, dubbed >>ECScape,<< exploits an undocumented internal protocol to impersonate the ECS agent and harvest privileged credentials without requiring container breakout. Vulnerability Overview The [...] The post Amazon ECS Internal Protocol Exploited to Steal AWS Credentials from Other Tasks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform. First seen on gbhackers.com Jump to article: gbhackers.com/amazon-ecs-internal-protocol-exploited/
