AWS Archives

Application Security

Abandoned Amazon S3 Buckets Could Have Enabled Attacks Against Governments, Big Firms

150 abandoned Amazon S3 buckets could have been leveraged to deliver malware or backdoors to governments and Fortune companies.

Eduard KovacsFebruary 5, 2025

Ransomware

Compromised AWS Keys Abused in Codefinger Ransomware Attacks

A ransomware group tracked as Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C.

Ionut ArghireJanuary 14, 2025

Cloud Security

AWS Launches Incident Response Service

AWS has launched Security Incident Response, a new service for quick and efficient security event management.

Ionut ArghireDecember 2, 2024

Phishing

AWS Seizes Domains Used by Russia’s APT29

AWS announced the seizure of domains used by Russian hacker group APT29 in phishing attacks targeting Ukraine and other countries.

Eduard KovacsOctober 25, 2024

Cloud Security

Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue

As many as 15,000 applications using AWS Application Load Balancer (ALB) could be exposed to ALBeast attacks.

Eduard KovacsAugust 21, 2024

Cloud Security

Cloud Misconfigurations Expose 110,000 Domains to Extortion in Widespread Campaign

Security researchers at Palo Alto Networks discover a threat actor extorting organizations after compromising their cloud environments using inadvertently exposed environment variables.

Ionut ArghireAugust 16, 2024

Cloud Security

AWS Patches Vulnerabilities Potentially Allowing Account Takeovers

AWS has patched vulnerabilities in several products, including flaws that could have been exploited to take over accounts.

Eduard KovacsAugust 8, 2024

Artificial Intelligence

AWS Deploying ‘Mithra’ Neural Network to Predict and Block Malicious Domains

AWS says a massive neural network graph model with 3.5 billion nodes and 48 billion edges is speeding up the prediction and detection of...

Ryan NaraineAugust 5, 2024

Cloud Security

AWS Announces Authentication and Malware Protection Enhancements

AWS announced passkey MFA for IAM and root users, IAM Access Analyzer updates, and Amazon GuardDuty Malware Protection for S3.

Eduard KovacsJune 13, 2024

Cloud Security

Inside AWS’s Crusade Against IP Spoofing and DDoS Attacks

SecurityWeek speaks to Tom Scholl, VP and distinguished engineer at AWS, on how the organization tackles IP Spoofing and DDoS attacks.

Kevin TownsendApril 11, 2024

Cybercrime

Researchers Flag FBot Hacking Tool Hijacking Cloud, Payment Services

The tool, called FBot, is capable of credential harvesting for spamming attacks, and AWS, PayPal and SaaS account hijacking.

Ryan NaraineJanuary 11, 2024

Cloud Security

Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets

AWS announces Amazon One Enterprise, a palm-based identity service that enables users to easily access physical locations and digital assets.

Eduard KovacsNovember 28, 2023

SECURITYWEEK NETWORK:

ICS:

All posts tagged "AWS"

Application Security

Abandoned Amazon S3 Buckets Could Have Enabled Attacks Against Governments, Big Firms

Ransomware

Compromised AWS Keys Abused in Codefinger Ransomware Attacks

Cloud Security

AWS Launches Incident Response Service

Phishing

AWS Seizes Domains Used by Russia’s APT29

Cloud Security

Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue

Cloud Security

Cloud Misconfigurations Expose 110,000 Domains to Extortion in Widespread Campaign

Cloud Security

AWS Patches Vulnerabilities Potentially Allowing Account Takeovers

Artificial Intelligence

AWS Deploying ‘Mithra’ Neural Network to Predict and Block Malicious Domains

Cloud Security

AWS Announces Authentication and Malware Protection Enhancements

Cloud Security

Inside AWS’s Crusade Against IP Spoofing and DDoS Attacks

Cybercrime

Researchers Flag FBot Hacking Tool Hijacking Cloud, Payment Services

Cloud Security

Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets

Featured

Ransomware

LockBit Ransomware Admin Panel Hacked, Leaks Reveal Inside Details

Vulnerabilities

Possible Zero-Day Patched in SonicWall SMA Appliances

ICS/OT

US Warns of Hackers Targeting ICS/SCADA at Oil and Gas Organizations

Hacker Conversations

Hacker Conversations: John Kindervag, a Making not Breaking Hacker

Mobile & Wireless

Android Update Patches FreeType Vulnerability Exploited as Zero-Day

Government

White House Proposal Slashes Half-Billion From CISA Budget

Cybercrime

Man Admits Hacking Disney and Leaking Data Disguised as Hacktivist

Latest News

Vulnerabilities

In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak

Malware & Threats

Popular Scraping Tool’s NPM Package Compromised in Supply Chain Attack

Data Breaches

160,000 Impacted by Valsoft Data Breach

Malware & Threats

Malicious NPM Packages Target Cursor AI’s macOS Users

Management & Strategy

Rising Tides: Kelley Misata on Bringing Cybersecurity to Nonprofits

Vulnerabilities

SAP Zero-Day Targeted Since January, Many Sectors Impacted

Data Breaches

Company and Personal Data Compromised in Recent Insight Partners Hack

Daily Briefing Newsletter