Moving to

🌟 24K GOLD PS5 GIVEAWAY 🌟 The vault has been looted and a 𝐆𝐎𝐋𝐃 𝐏𝐒𝟓 worth over $10K has been found and is up for grabs. Follow @Borderlands, like this post, and RT for your chance to win this 24K GOLD PS5 Terms ➡️ https://t.co/Ik9SUOiNNx

And it turns out that she left some important details out. I still think many creators are underpaid for their contributions, this isn’t going to help them. But it’s really hard to support someone that omits the important details.

Hideki Kamiya is now blocking people that are questioning why PlatinumGames decided to disrespect the value and of Hellena Taylor's voice actor work as Bayonetta. His "funny antics" is now turning into pure deflection and cowardice from him.

I was excited for #Bayonetta3 but I won’t be buying it now, offering only $4000 USD to voice the main character of a video game is ridiculous.

We wanted to do something special for our 1.5 MILLION monthly active Borderlands 2 players so we went digging and found five Replica Psycho Masks that we’re giving away TO YOU! Just LIKE and RETWEET this post! #Borderlands Terms 👉 https://t.co/nb0H5sls0I

Today @amitaico, @0xdabbad00 and I are launching a new website to list cloud vulnerabilities and CSP security issues. The website will be driven by the community, enabling cloud defenders to search and view essential info about cloud vulnerabilities https://t.co/REwMYBvan3 1/6

New documentary called “Money Pitt” searching for gold under Brad Pitt’s château coming soon to @HISTORY

@campuscodi @JLLeitschuh @GossiTheDog We just published our analysis on how we initially found it and triaged the payload: https://t.co/CsNby7KElN

COME GET SOME ✨ LOOT ✨ 𝗥𝗘𝗧𝗪𝗘𝗘𝗧 THIS POST to get your very own SKELETON KEY code NOW! 💀 More & Terms: https://t.co/dMJNEfPfSl

I will also add that the security and support engineers I exchanged messages with were great and that I am very satisfied that AWS took action on this issue as quickly as they did.

I've always had the view that AWS had excellent security. But I hope everyone realizes that just because you don't hear about the issues doesn't mean they don't exist. Vendors are out there quietly fixing problems.

In my opinion AWS should publicly announce all of these vulnerabilities. Even if they are minor, difficult to exploit and even if possible to prove it was never actually used to gain unauthorized access.

The verbal statement bit was rather weird. It sounded like something that had been prepared to post on a website but that they didn't want to actual post. It made me feel as though AWS wanted to hide the situation.

If you're an AWS customer using MWAA I don't believe you need to take any specific action. All tokens that were logged like this have long since expired. But you may want to look at your logs to see if anything suspicious happened.

I do not know is how long this issue was present in their systems (they didn't tell me).

I have no way of knowing what controls AWS has internally with their own employees accessing CloudTrail logs for customers. But I presume someone has some degree of access. I have no information if this was used or not to gain unauthorized access to any MWAA server.

I can't say for certain that I was the first one to report the issue. I just know that I reported it and the timeline in relation to my report. I reported it both via AWS Security's Vulnerability Form and and AWS Support Ticket.

On May 26th we managed to coordinate that call and they read me a verbal statement they would not provide over email or the support ticket I had with them. They told me about the mitigating circumstances and that they were fixing the issue anyway out of an abundance of caution.

I reported this issue on May 11th and it was fixed in us-west-2 sometime between May 12th and May 17th. But I know for certain the issue was fixed by May 22nd worldwide as AWS wanted to have a phone call with me to tell me they had fixed it.