IMDSv2 Migration

IMDSv2 (Instance Metadata Service Version 2) migration is a crucial security upgrade for AWS environments, enhancing protection against server-side request forgery (SSRF) and unauthorized access to instance metadata. Unlike IMDSv1, which answers direct queries to the metadata endpoints, IMDSv2 is session-based: a client must first obtain a session token with an HTTP PUT request and present that token on each metadata request, which makes exploitation significantly harder. Migrating to IMDSv2 involves updating application code, setting instance metadata options, and enforcing its usage across EC2 instances. As cloud threats evolve, adopting IMDSv2 is a best practice for securing sensitive instance metadata in AWS infrastructure.

Hackers Target SSRF Bugs in EC2-Hosted Sites to Steal AWS Credentials

Recent cyberattacks exploited a weakness in Amazon EC2 configurations. Hackers targeted Server-Side Request Forgery (SSRF) vulnerabilities in websites hosted on EC2. This allowed them to access the internal EC2 metadata service and steal AWS Identity and Access Management (IAM) credentials. The campaign, observed in March 2025, leveraged older, less secure metadata services. Organizations are urged to upgrade to newer, more secure versions and implement other security measures. A cybersecurity firm, F5 Labs, detailed these attacks and recommends specific defenses, which are also offered as services by Technijian.