Tag: aws

October 6, 2020

Amazon Web Services (AWS) has made available three new S3 (Simple Storage Service) security and access control features: Object Ownership Bucket Owner Condition Copy API via Access Points Object Ownership Object Ownership is a permission that can be set when […]

July 23, 2020

Twilio has confirmed that, for 8 or so hours on July 19, a malicious version of their TaskRouter JS SDK was being served from their one of their AWS S3 buckets. “Due to a misconfiguration in the S3 bucket that […]

June 1, 2020

An internal website audit revealed that a third-party company owned by a former leader of the Joomla Resource Directory team — they are still a member of the JRD team — stored full JRD backups in an AWS S3 bucket. […]

March 12, 2020

Researchers have discovered another big database containing millions of European customer records left unsecured on Amazon Web Services (AWS) for anyone to find using a search engine. A total of eight million records were involved, collected via marketplace and payment […]

January 20, 2020

The lack of care being taken to correctly configure cloud environments has once again been highlighted by two serious data leaks in the UK caused by leaking Amazon Simple Storage Service (S3) bucket databases. As a default setting, Amazon S3 […]

January 16, 2020

Cybersecurity is an important aspect and it becomes more precarious when organisations are flocking to the cloud to deploy mission-critical apps. Data is the new oil of the 21st century. The opportunity that the cloud presents also brings in challenges […]

December 10, 2019

Organizations handling highly sensitive data belonging to U.S. residents are not doing enough to protect their customers’ personal information, as a recent discovery illustrates. A group of pen testers have found more than a quarter of a million applications for […]

December 5, 2019

Amazon Web Services (AWS) has expanded its portfolio with three new services and capabilities meant to help organizations build and operate securely in the cloud. With the new Amazon Detective, customers can increase efficiency when investigating incidents across workloads. Currently […]

November 18, 2019

There are notable network performance and connectivity differences between the five major public cloud providers – Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, Alibaba Cloud and IBM Cloud, ThousandEyes reveals. A look at public cloud performance While […]

October 24, 2019

Amazon Web Services (AWS) customers experienced service interruptions yesterday as the company struggled to fight off a distributed denial-of-service (DDoS) attack. As part of such an assault, attackers attempt to flood the target with traffic, which would eventually result in […]

September 9, 2019

In the latest major cloud security foul-up, Capital One suffered a data breach, which affected 100 million people in the United States, and 6 million in Canada. It wasn’t just Capital One caught with their security pants down. We now […]

August 19, 2019

Thompson, who used the online moniker “erratic,” has been accused of accessing the personal information of roughly 106 million people — 100 million in the United States and 6 million in Canada — including, in some cases, social security numbers […]

February 5, 2019

A new backdoor is targeting Linux servers in East Asia and Latin America, including Amazon Web Services (AWS) hosted machines, Check Point security researchers say. Dubbed ‘SpeakUp’, the new Trojan targets known vulnerabilities in six different Linux distributions and attempts […]

September 26, 2018

The issue for cloud adopters is no longer where your data sits in AWS, on-premises, Azure, Salesforce, or what have you. The important questions are: Who has access to it, and how is it protected? Cloud adoption is becoming more […]

August 21, 2018

Attackers are abusing the characteristics of cloud services to launch and hide their activity as they traverse target networks. A new body of evidence indicates threat actors are using increasingly advanced techniques to target cloud providers and leveraging cloud-specific traits […]

April 5, 2018

Amazon Web Services (AWS) announced on Wednesday the launch of several tools and services designed to help customers manage their firewalls, use private certificates, and safely store credentials. Private Certificate Authority One of the new services is called Private Certificate […]

October 11, 2017

Consulting and technology services giant Accenture inadvertently exposed potentially sensitive information by leaving it unprotected in four Amazon Web Services (AWS) S3 buckets. The cloud storage containers were discovered on September 17 by Chris Vickery of cyber resilience company UpGuard […]

September 25, 2017

Researchers discovered an unprotected Amazon Web Services (AWS) S3 bucket containing potentially sensitive information associated with a system used internally by Verizon. The cloud container, discovered by Kromtech Security on September 20, stored roughly 100 Mb of data from a […]

August 7, 2017

We’ve read plenty of stories recently about the accidental exposure of data stored in the cloud because of users’ poor configuration choices. Cybersecurity researchers have been actively scanning Amazon Web Services (AWS) for accounts and files available to the public; […]

October 6, 2015

As thousands of cloud fanatics descend on Las Vegas this week for #amazon web service’s #re:invent conference, researchers in Massachusetts are raising new questions about the security of all multi-tenant cloud environments. A group of professors at #worcester polytechnic institute […]