Potential CloudFront/S3 takeover risks

December 23, 2021
by
Erkang Zheng

We recently helped a customer identify some potential CloudFront/S3 takeover risks. You can find the details of the risk described in the article, "Simple Route53/Cloudfront/s3 subdomain takeover".

Here are the 3 relevant questions/queries added to the library. You may want to try these questions/queries in your environment and set up alerts accordingly. 

image (4)

The questions are already added in-app. Simply type "cloudfront origin" in the search bar to run them.

image (5)

You can then create an alert for each one. We are adding them to the alert rule packs, too.

To be clear, when you run the questions/queries highlighted, the best result is no results

image (6)

 

Erkang Zheng
Erkang Zheng

I founded JupiterOne because I envision a world where decisions are made on facts, not fear; teams are fulfilled, not frustrated; breaches are improbable, not inevitable. Security is a basic right.

We are building a cloud-native software platform at JupiterOne to deliver knowledge, transparency and confidence to every digital operation in every organization, large or small.

I am the Founder and CEO of JupiterOne, and also a cybersecurity practitioner  with 20+ years experience across IAM, pen testing, IR, data, app, and cloud security. An engineer by trade, entrepreneur at heart, I am passionate about technology and solving real-world challenges. Former CISO, security leader at IBM and Fidelity Investments, I hold five patents and multiple industry certifications.

More blog posts by
Erkang Zheng

SUBSCRIBE TO OUR NEWSLETTER

Stay up-to-date on emerging threats and security news

  • Checkmark
    Day-zero vulnerabilities & solutions
  • Checkmark
    Best practices for asset management
  • Checkmark
    Streamlining compliance and audit
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Keep Reading

5 Cybersecurity risk assessments to secure digital assets | JupiterOne
March 20, 2025
Blog
5 Cybersecurity risk assessment frameworks to secure digital assets

Discover 5 essential cybersecurity risk assessment frameworks to protect your digital assets. Learn their benefits, key features, and how to choose the right one

Redesigning the Widget Editor: A Faster, More Intuitive Way to Visualize Insights | JupiterOne
March 5, 2025
Blog
Redesigning the Widget Editor: A Faster, More Intuitive Way to Visualize Insights

The new Widget Editor delivers a more intuitive experience. Edit widgets in place, declutter your workspace, and get insights faster.

Streamlining Workflows with JupiterOne and Jira Cloud | JupiterOne
February 27, 2025
Blog
Streamlining Workflows with JupiterOne and Jira Cloud

Streamline security with JupiterOne and Jira. Automate issues, enhance collaboration, and track risks to boost efficiency and response times.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.