ECScape: Understanding IAM Privilege Boundaries in Amazon ECS
A new ECS security mess—ECScape—lets low-privileged tasks on EC2 act like the ECS agent. That’s bad. Real bad. Why? Because it opens the door to stealing IAM credentials from other ECS tasks sharing the same host. Here’s the trick: The attacker hits the instance metadata service (IMDS) and fakes a ..
 Posts from @stefanwuthrich..
Posts from @stefanwuthrich..






