Jan Recap: New AWS Privileged Permissions and Services
<p>As January 2026 comes to a close, Sonrai’s latest review of newly released AWS permissions highlights a sharp expansion of privilege concentrated in networking, traffic control, and collaboration services. This month’s updates focus heavily on AWS Network Firewall, Route 53 Global Resolver, EC2 networking controls, and cross-account data collaboration, introducing new ways to reroute traffic, weaken filtering, expand network reach, and expose shared data.</p><p>Taken together, these permissions reinforce a critical cloud security reality: privilege increasingly lives in routing decisions and configuration layers, not just identity policies. From bypassing DNS and proxy-based protections to expanding access across VPCs and external accounts, each change subtly reshapes trust boundaries and increases the blast radius of misuse. Security teams must stay vigilant, as these non-obvious privileges continue to redefine the cloud attack surface through the very controls meant to secure it.</p><h2 class="wp-block-heading">Existing Services with New Privileged Permissions</h2><h3 class="wp-block-heading">AWS Clean Rooms</h3><p><strong>Service Type: Data and Analytics</strong></p><h4 class="wp-block-heading">Permission: cleanrooms:UpdateCollaborationChangeRequest</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to update a change request in a collaboration</li> <li><strong>Mitre Tactic:</strong> Exfiltration</li> <li><strong>Why it’s privileged: </strong>Allows approving or modifying change requests that expand what external AWS accounts can do within a collaboration, potentially granting access to additional data through analysis templates.</li> </ul><h3 class="wp-block-heading">AWS Network Firewall</h3><p><strong>Service Type: Security Services</strong></p><h4 class="wp-block-heading">Permission: network-firewall:UpdateProxyRule</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to update an existing proxy rule on a 
proxy rule group</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows modification of proxy rules designed to block malicious or unauthorized traffic, potentially permitting traffic that would otherwise be filtered.</li> </ul><h4 class="wp-block-heading">Permission: network-firewall:AttachRuleGroupsToProxyConfiguration</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to attach proxy rule groups to a proxy configuration</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows attaching rule groups with broad allow rules early in a proxy configuration, potentially permitting malicious traffic to bypass filtering.</li> </ul><h4 class="wp-block-heading">Permission: network-firewall:UpdateProxyConfiguration</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to modify a proxy configuration</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows changing proxy behavior from default-deny to default-allow, significantly weakening network traffic filtering.</li> </ul><h4 class="wp-block-heading">Permission: network-firewall:UpdateProxyRuleGroupPriorities</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to modify rule group priorities on a proxy configuration</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows reordering rule groups so broad allow rules are evaluated first, enabling traffic to bypass filtering and permitting otherwise blocked connections.</li> </ul><h4 class="wp-block-heading">Permission: network-firewall:CreateProxyRules</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to add proxy rules to a proxy rule group</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows inserting 
explicit allow or deny rules ahead of existing filters, potentially preempting protections and permitting unauthorized traffic.</li> </ul><h4 class="wp-block-heading">Permission: network-firewall:DetachRuleGroupsFromProxyConfiguration</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to detach proxy rule groups from a proxy configuration</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows removal of rule groups designed to filter malicious or unauthorized traffic, weakening proxy-based network protections.</li> </ul><h4 class="wp-block-heading">Permission: network-firewall:DeleteProxy</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to delete a proxy</li> <li><strong>Mitre Tactic:</strong> Impact</li> <li><strong>Why it’s privileged: </strong>Allows deletion of a network proxy, disrupting connectivity for resources that rely on it and causing traffic to fail.</li> </ul><h4 class="wp-block-heading">Permission: network-firewall:UpdateProxyRulePriorities</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to update proxy rule priorities within a proxy rule group</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows reordering proxy rules so broad allow rules are evaluated first, enabling traffic to bypass existing filtering controls.</li> </ul><h4 class="wp-block-heading">Permission: network-firewall:DeleteProxyRules</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to remove proxy rules from a proxy rule group</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows removal of proxy rules designed to filter malicious or unauthorized traffic, weakening network security controls.</li> </ul><h4 class="wp-block-heading">Permission: network-firewall:UpdateProxy</h4><ul class="wp-block-list"> 
<li><strong>Action:</strong> Grants permission to modify a proxy</li> <li><strong>Mitre Tactic:</strong> Impact</li> <li><strong>Why it’s privileged: </strong>Allows removing or altering proxy listeners, causing network traffic to fail and preventing clients from establishing connections.</li> </ul><h3 class="wp-block-heading">Amazon EC2</h3><p><strong>Service Type: Compute Services</strong></p><h4 class="wp-block-heading">Permission: ec2:ModifyVpcEncryptionControl</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to modify an existing VPC Encryption Control</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows weakening or disabling enforcement of VPC traffic encryption by switching controls to monitor mode, reducing protection of network traffic and potentially disrupting encryption guarantees.</li> </ul><h4 class="wp-block-heading">Permission: ec2:ModifyIpamPrefixListResolver</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to modify an IPAM prefix list resolver</li> <li><strong>Mitre Tactic:</strong> Lateral Movement</li> <li><strong>Why it’s privileged: </strong>Allows expanding the CIDR ranges resolved by a prefix list, potentially broadening network access to sensitive resources protected by security group rules.</li> </ul><h4 class="wp-block-heading">Permission: ec2:DeleteVpcEncryptionControl</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to delete a VPC Encryption Control</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Removes controls that enforce VPC traffic encryption, eliminating safeguards that protect network traffic confidentiality.</li> </ul><h4 class="wp-block-heading">Permission: ec2:CreateIpamPrefixListResolverTarget</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to create an IPAM prefix list resolver target that links 
a resolver to a managed prefix list</li> <li><strong>Mitre Tactic:</strong> Lateral Movement</li> <li><strong>Why it’s privileged: </strong>Allows forcing a prefix list to sync with an empty or permissive resolver, effectively wiping enforced network restrictions and expanding communication between resources or VPCs.</li> </ul><h3 class="wp-block-heading">AWS CloudWatch Logs</h3><p><strong>Service Type: Observability and Monitoring</strong></p><h4 class="wp-block-heading">Permission: logs:CreateImportTask</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to start an asynchronous process to import data from a CloudTrail Lake event data store into a managed log group in CloudWatch </li> <li><strong>Mitre Tactic:</strong> Collection</li> <li><strong>Why it’s privileged: </strong>Allows importing CloudTrail data into CloudWatch using a passed role, enabling collection of log data that the caller may not otherwise have direct access to.</li> </ul><h3 class="wp-block-heading">Amazon API Gateway</h3><p><strong>Service Type: Compute Services</strong></p><h4 class="wp-block-heading">Permission: apigateway:UpdatePortal</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to update a portal</li> <li><strong>Mitre Tactic:</strong> Persistence</li> <li><strong>Why it’s privileged: </strong>Allows disabling authorization controls on the portal, exposing internal API documentation to the public and enabling persistent unauthorized access.</li> </ul><h4 class="wp-block-heading">Permission: apigateway:PutPortalProductSharingPolicy</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to put a portal product sharing policy</li> <li><strong>Mitre Tactic:</strong> Persistence</li> <li><strong>Why it’s privileged: </strong>Allows making an API Gateway portal accessible from another AWS account, enabling persistent external access to potentially internal API documentation.</li> </ul><h3 
class="wp-block-heading">Amazon Connect</h3><p><strong>Service Type: Customer Engagement</strong></p><h4 class="wp-block-heading">Permission: connect:DisassociateEmailAddressAlias</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to disassociate an alias from an email address resource in an Amazon Connect instance</li> <li><strong>Mitre Tactic:</strong> Impact</li> <li><strong>Why it’s privileged: </strong>Allows removal of email address aliases used for routing or identification, disrupting email-based contact handling and potentially impacting business communications or workflows.</li> </ul><h4 class="wp-block-heading">Permission: connect:AssociateEmailAddressAlias</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to associate an alias with an email address resource in an Amazon Connect instance</li> <li><strong>Mitre Tactic:</strong> Exfiltration</li> <li><strong>Why it’s privileged: </strong>Allows routing or duplicating email communications through additional aliases, potentially enabling interception or unauthorized exposure of sensitive customer messages.</li> </ul><h3 class="wp-block-heading">Amazon CloudFront</h3><p><strong>Service Type: Networking and Content Delivery</strong></p><h4 class="wp-block-heading">Permission: cloudfront:DeleteResourcePolicy</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to delete a resource’s policy document</li> <li><strong>Mitre Tactic:</strong> Impact</li> <li><strong>Why it’s privileged: </strong>Allows removal of resource-based access controls for CloudFront resources, causing severe disruption to content delivery and access enforcement.</li> </ul><h4 class="wp-block-heading">Permission: cloudfront:PutResourcePolicy</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to update or create a resource’s policy document</li> <li><strong>Mitre Tactic:</strong> Persistence</li> <li><strong>Why it’s privileged: 
</strong>Allows adding or modifying resource-based policies to grant or maintain access to CloudFront resources, enabling persistent control over content delivery access.</li> </ul><h3 class="wp-block-heading">Amazon Bedrock</h3><p><strong>Service Type: Artificial Intelligence & Machine Learning</strong></p><h4 class="wp-block-heading">Permission: bedrock:PutEnforcedGuardrailConfiguration</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to set account-level enforced guardrail configuration</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows replacing or weakening enforced account-level guardrails, enabling models or agents to bypass safety and policy controls.</li> </ul><h4 class="wp-block-heading">Permission: bedrock:DeleteEnforcedGuardrailConfiguration</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to delete account-level enforced guardrail configuration</li> <li><strong>Mitre Tactic:</strong> Impact</li> <li><strong>Why it’s privileged: </strong>Allows removal of enforced guardrails across the account, eliminating safety and policy controls and potentially disrupting or exposing downstream AI workloads.</li> </ul><h3 class="wp-block-heading">AWS Network Manager</h3><p><strong>Service Type: Networking and Content Delivery</strong></p><h4 class="wp-block-heading">Permission: networkmanager:PutAttachmentRoutingPolicyLabel</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to put an attachment routing policy label</li> <li><strong>Mitre Tactic:</strong> Lateral Movement</li> <li><strong>Why it’s privileged: </strong>Allows associating routing policies that enable broader prefix propagation, granting compromised attachments access to network segments or prefixes that were previously unreachable.</li> </ul><h4 class="wp-block-heading">Permission: networkmanager:RemoveAttachmentRoutingPolicyLabel</h4><ul class="wp-block-list"> 
<li><strong>Action:</strong> Grants permission to remove an attachment routing policy label</li> <li><strong>Mitre Tactic:</strong> Lateral Movement</li> <li><strong>Why it’s privileged: </strong>Allows removal of labels that enforce strict routing policies, potentially eliminating network segmentation controls and enabling movement between previously isolated environments.</li> </ul><h3 class="wp-block-heading">AWS Launch Wizard</h3><p><strong>Service Type: Infrastructure Management</strong></p><h4 class="wp-block-heading">Permission: launchwizard:UpdateDeployment</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to update a deployment</li> <li><strong>Mitre Tactic:</strong> Credential Access</li> <li><strong>Why it’s privileged: </strong>Allows modifying deployment parameters to change credentials for underlying application databases, enabling unauthorized credential access or takeover.</li> </ul><h2 class="wp-block-heading">New Services with Privileged Permissions</h2><h3 class="wp-block-heading">AWS Route 53 Global Resolver</h3><p><strong>Service Type: Networking and Content Delivery</strong></p><h4 class="wp-block-heading">Permission: route53globalresolver:BatchCreateFirewallRule</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to create multiple firewall rules</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows creation of high-priority allow rules that can bypass existing DNS filtering and evade network-based controls.</li> </ul><h4 class="wp-block-heading">Permission: route53globalresolver:BatchDeleteFirewallRule</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to delete multiple firewall rules</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows removal of DNS firewall rules, disabling DNS-based filtering and reducing network-level visibility and protection.</li> </ul><h4 
class="wp-block-heading">Permission: route53globalresolver:BatchUpdateFirewallRule</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to update multiple firewall rules</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows modifying deny rules into allow rules, permitting DNS traffic that would otherwise be filtered or blocked.</li> </ul><h4 class="wp-block-heading">Permission: route53globalresolver:CreateAccessSource</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to create an access source</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows remapping CIDR ranges between DNS views with different firewall policies, enabling DNS queries from the CIDR range to bypass stricter filtering rules.</li> </ul><h4 class="wp-block-heading">Permission: route53globalresolver:CreateFirewallRule</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to create a firewall rule</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows creation of high-priority allow rules that can bypass existing DNS filtering and evade network-based controls.</li> </ul><h4 class="wp-block-heading">Permission: route53globalresolver:DeleteFirewallRule</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to delete a firewall rule</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows removal of DNS firewall rules, disabling DNS-based filtering and reducing network-level protection.</li> </ul><h4 class="wp-block-heading">Permission: route53globalresolver:ImportFirewallDomains</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to import firewall domains from an S3 bucket</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s 
privileged: </strong>Allows tampering with domain lists used by firewall rules, potentially permitting DNS traffic that would otherwise be filtered or blocked.</li> </ul><h4 class="wp-block-heading">Permission: route53globalresolver:UpdateAccessSource</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to update an access source</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows remapping CIDR ranges between DNS views with different firewall policies, enabling DNS queries to bypass stricter filtering rules.</li> </ul><h4 class="wp-block-heading">Permission: route53globalresolver:UpdateDNSView</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to update a DNS view</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows disabling or weakening security settings such as DNSSEC validation, enabling tampering with DNS responses and bypassing DNS integrity protections.</li> </ul><h4 class="wp-block-heading">Permission: route53globalresolver:UpdateFirewallDomains</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to update firewall domains</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows modification of domain lists used by DNS firewall rules, potentially permitting DNS traffic that would otherwise be blocked or filtered.</li> </ul><h4 class="wp-block-heading">Permission: route53globalresolver:UpdateFirewallRule</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to update a firewall rule</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Allows changing deny rules into allow rules, permitting DNS traffic that would otherwise be filtered or blocked.</li> </ul><h3 class="wp-block-heading">AWS MCP Server</h3><p><strong>Service Type: Artificial 
Intelligence and Machine Learning</strong></p><h4 class="wp-block-heading">Permission: aws-mcp:CallReadWriteTool</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to call AWS read and write APIs in MCP service</li> <li><strong>Mitre Tactic:</strong> Impact</li> <li><strong>Why it’s privileged: </strong>Allows invoking AWS APIs via the MCP server, enabling unintended or malicious execution of AWS actions if the tool is triggered without explicit user intent.</li> </ul><h3 class="wp-block-heading">AWS PricingPlanManager Service</h3><p><strong>Service Type: Subscription Management</strong></p><p><em>No privileged permissions</em></p><h3 class="wp-block-heading">AWS Compute Optimizer</h3><p><strong>Service Type: Compute Services</strong></p><p><em>No privileged permissions</em></p><h3 class="wp-block-heading">Amazon Nova Act</h3><p><strong>Service Type: Artificial Intelligence & Machine Learning</strong></p><p><em>No privileged permissions</em></p><h3 class="wp-block-heading">AWS ECS MCP Server</h3><p><strong>Service Type: Artificial Intelligence & Machine Learning</strong></p><p><em>No privileged permissions</em></p><h2 class="wp-block-heading">Conclusion</h2><p>As AWS continues to evolve its networking, traffic management, and collaboration services, new privileged permissions are increasingly defining how data flows, access is enforced, and environments are segmented in the cloud. This month’s additions demonstrate how changes to routing policies, firewall rules, encryption controls, and shared resources can quietly expand privilege, weaken isolation, or expose sensitive systems without modifying traditional administrator roles. 
Even small configuration changes can have an outsized impact on network trust boundaries and lateral movement risk.</p><p>Sonrai Security’s Cloud Permissions Firewall helps organizations stay ahead of these shifts by continuously identifying emerging privileged permissions, mapping them to MITRE ATT&CK tactics, and enforcing least privilege across cloud control planes. In a cloud environment where network and configuration-level privileges continue to expand each month, maintaining continuous visibility and proactive control is critical to preventing overlooked permissions from becoming attack paths.</p><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://sonraisecurity.com/">Sonrai | Enterprise Cloud Security Platform</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Adeel Nazar">Adeel Nazar</a>. Read the original post at: <a href="https://sonraisecurity.com/blog/jan-recap-new-aws-privileged-permissions-and-services/">https://sonraisecurity.com/blog/jan-recap-new-aws-privileged-permissions-and-services/</a> </p>
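<p>The permissions catalogued above, turned into a CloudTrail triage check (an added example written for this page, not Sonrai's code or product logic): it maps each call to the post's MITRE tactic, keeps denied attempts as signals, and flags a principal that chains two Defense Evasion changes within a short window. It assumes the first label of a record's <code>eventSource</code> equals the IAM service prefix; the records, principal ARNs and 15-minute window are constructed.</p>

```python
"""CloudTrail triage for the privileged actions catalogued in this post (an added example,
not Sonrai's code). Assumption: the first label of a record's eventSource equals its IAM
service prefix, which holds for the services here; sample records are constructed."""
from collections import defaultdict
from datetime import datetime, timedelta

WATCHLIST_ROWS = [  # (IAM prefix, MITRE tactic, action names) copied from the post above
    ("cleanrooms", "Exfiltration", "UpdateCollaborationChangeRequest"),
    ("network-firewall", "Defense Evasion", "UpdateProxyRule AttachRuleGroupsToProxyConfiguration "
     "UpdateProxyConfiguration UpdateProxyRuleGroupPriorities CreateProxyRules "
     "DetachRuleGroupsFromProxyConfiguration UpdateProxyRulePriorities DeleteProxyRules"),
    ("network-firewall", "Impact", "DeleteProxy UpdateProxy"),
    ("ec2", "Defense Evasion", "ModifyVpcEncryptionControl DeleteVpcEncryptionControl"),
    ("ec2", "Lateral Movement", "ModifyIpamPrefixListResolver CreateIpamPrefixListResolverTarget"),
    ("logs", "Collection", "CreateImportTask"),
    ("apigateway", "Persistence", "UpdatePortal PutPortalProductSharingPolicy"),
    ("connect", "Impact", "DisassociateEmailAddressAlias"),
    ("connect", "Exfiltration", "AssociateEmailAddressAlias"),
    ("cloudfront", "Impact", "DeleteResourcePolicy"),
    ("cloudfront", "Persistence", "PutResourcePolicy"),
    ("bedrock", "Defense Evasion", "PutEnforcedGuardrailConfiguration"),
    ("bedrock", "Impact", "DeleteEnforcedGuardrailConfiguration"),
    ("networkmanager", "Lateral Movement", "PutAttachmentRoutingPolicyLabel RemoveAttachmentRoutingPolicyLabel"),
    ("launchwizard", "Credential Access", "UpdateDeployment"),
    ("route53globalresolver", "Defense Evasion", "BatchCreateFirewallRule BatchDeleteFirewallRule "
     "BatchUpdateFirewallRule CreateAccessSource CreateFirewallRule DeleteFirewallRule "
     "ImportFirewallDomains UpdateAccessSource UpdateDNSView UpdateFirewallDomains UpdateFirewallRule"),
    ("aws-mcp", "Impact", "CallReadWriteTool"),
]
PRIVILEGED_ACTIONS = {f"{p}:{n}": t for p, t, names in WATCHLIST_ROWS for n in names.split()}  # "prefix:Action" -> tactic


def _ts(event_time):  # CloudTrail eventTime is ISO 8601 with a trailing Z
    return datetime.fromisoformat(event_time.replace("Z", "+00:00"))


def action_from_event(record):
    """IAM action a record exercised, e.g. network-firewall:UpdateProxyRule."""
    return f"{record['eventSource'].split('.')[0]}:{record['eventName']}"


def find_privileged(records):
    """One finding per watchlisted call; denied attempts are kept, since a refused
    attempt to touch a filtering control is itself worth reviewing."""
    findings = []
    for rec in records:
        action = action_from_event(rec)
        tactic = PRIVILEGED_ACTIONS.get(action)
        if tactic:
            findings.append({"time": rec["eventTime"], "action": action, "tactic": tactic,
                             "principal": rec.get("userIdentity", {}).get("arn", "unknown"),
                             "denied": "errorCode" in rec})
    return findings


def evasion_chains(findings, window=timedelta(minutes=15)):
    """Principals with two or more distinct successful Defense Evasion changes inside
    `window`: the reorder-then-allow pattern the post describes has exactly this shape."""
    by_principal = defaultdict(list)
    for f in findings:
        if f["tactic"] == "Defense Evasion" and not f["denied"]:
            by_principal[f["principal"]].append(f)
    chains = {}
    for principal, items in by_principal.items():
        items.sort(key=lambda f: _ts(f["time"]))
        for i, first in enumerate(items):
            close = {f["action"] for f in items[i:] if _ts(f["time"]) - _ts(first["time"]) <= window}
            if len(close) >= 2:
                chains[principal] = sorted(close)
                break
    return chains


# Constructed sample: NetAdmin reorders proxy rule groups, then weakens a DNS view;
# a developer's guardrail deletion is denied; a routine describe call is noise.
NETADMIN, DEV = "arn:aws:iam::111122223333:role/NetAdmin", "arn:aws:iam::111122223333:user/dev"


def _rec(time, source, name, arn, **extra):  # minimal CloudTrail-shaped record
    return {"eventTime": time, "eventSource": source, "eventName": name, "userIdentity": {"arn": arn}, **extra}


SAMPLE_RECORDS = [
    _rec("2026-01-20T10:00:00Z", "network-firewall.amazonaws.com", "UpdateProxyRuleGroupPriorities", NETADMIN),
    _rec("2026-01-20T10:06:00Z", "route53globalresolver.amazonaws.com", "UpdateDNSView", NETADMIN),
    _rec("2026-01-20T10:07:00Z", "bedrock.amazonaws.com", "DeleteEnforcedGuardrailConfiguration", DEV, errorCode="AccessDenied"),
    _rec("2026-01-20T10:08:00Z", "ec2.amazonaws.com", "DescribeInstances", DEV),
]
```

On the sample, `find_privileged(SAMPLE_RECORDS)` yields three findings (the denied Bedrock call included) and `evasion_chains` returns only the NetAdmin role with its two chained actions.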