Cloud Security Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue As many as 15,000 applications using AWS Application Load Balancer (ALB) could be exposed to ALBeast attacks. Eduard KovacsAugust 21, 2024
Cloud Security Cloud Misconfigurations Expose 110,000 Domains to Extortion in Widespread Campaign Security researchers at Palo Alto Networks discover a threat actor extorting organizations after compromising their cloud environments using inadvertently exposed environment variables. Ionut ArghireAugust 16, 2024
Cloud Security AWS Patches Vulnerabilities Potentially Allowing Account Takeovers AWS has patched vulnerabilities in several products, including flaws that could have been exploited to take over accounts. Eduard KovacsAugust 8, 2024
Artificial Intelligence AWS Deploying ‘Mithra’ Neural Network to Predict and Block Malicious Domains AWS says a massive neural network graph model with 3.5 billion nodes and 48 billion edges is speeding up the prediction and detection of... Ryan NaraineAugust 5, 2024
Cloud Security AWS Announces Authentication and Malware Protection Enhancements AWS announced passkey MFA for IAM and root users, IAM Access Analyzer updates, and Amazon GuardDuty Malware Protection for S3. Eduard KovacsJune 13, 2024
Cloud Security Inside AWS’s Crusade Against IP Spoofing and DDoS Attacks SecurityWeek speaks to Tom Scholl, VP and distinguished engineer at AWS, on how the organization tackles IP Spoofing and DDoS attacks. Kevin TownsendApril 11, 2024
Cybercrime Researchers Flag FBot Hacking Tool Hijacking Cloud, Payment Services The tool, called FBot, is capable of credential harvesting for spamming attacks, and AWS, PayPal and SaaS account hijacking. Ryan NaraineJanuary 11, 2024
Cloud Security Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets AWS announces Amazon One Enterprise, a palm-based identity service that enables users to easily access physical locations and digital assets. Eduard KovacsNovember 28, 2023
Cloud Security AWS Using MadPot Decoy System to Disrupt APTs, Botnets AWS says an internal threat intel decoy system called MadPot has successfully trapped nation state-backed APTs like Volt Typhoon and Sandworm. Ryan NaraineSeptember 29, 2023