Cybercrime Gangs Abscond With Thousands of AWS Credentials

December 10, 2024 at 11:21AM Cybercriminal gangs exploited public website vulnerabilities to steal AWS cloud credentials from numerous organizations, in an operation uncovered by researchers from CyberCyber Labs. The attackers, linked to groups Nemesis and ShinyHunters, misconfigured an AWS S3 bucket containing stolen data. AWS confirmed the incident was due to customer application flaws, not their systems.

Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket

December 9, 2024 at 11:20AM Security researchers report an ongoing massive online heist targeting AWS customers, exploiting public website misconfigurations to steal source code, credentials, and secrets. The criminal operation, linked to the Nemesis and ShinyHunters gangs, remains active. Misconfigurations allowing these breaches are attributed to customer oversight, not AWS itself.

Vendors Unveil New Cloud Security Products, Features at AWS re:Invent 2024

December 3, 2024 at 09:06AM At AWS re:Invent 2024, new cloud security products were announced including AWS’s incident response service and enhanced threat detection for Amazon GuardDuty using AI. Wiz launched Wiz Defend for real-time threat detection, while Sweet Security introduced a unified platform. Skyhawk Security announced interactive detection capabilities for suspicious activities.

AWS unveils cloud security IR service for a mere $7K a month

December 2, 2024 at 08:36PM Amazon Web Services (AWS) has launched a new incident response service, combining automation and human intervention, with a starting price of $7,000 per month. The service offers 24/7 support, threat analysis, and centralized tools for managing security incidents, available in 12 global regions. Pricing increases with AWS spending tiers.

AWS Launches Incident Response Service

December 2, 2024 at 12:50PM AWS has launched a new Security Incident Response service that automates security incident management. It integrates with Amazon GuardDuty and third-party solutions for incident triage and alerts, offering continuous support from AWS’s Customer Incident Response Team. The service features self-service tools and dashboards for performance monitoring and enhanced incident handling.

CyberRatings.org Announces Test Results for Cloud Service Provider Native Firewalls

November 26, 2024 at 11:31AM CyberRatings.org has completed a “Mini-Test” of native firewalls from AWS, Azure, and GCP, assessing their security effectiveness against 522 exploits. Results showed protection effectiveness ranging from 0.38% to 50.57%. The findings raise concerns about reliance on CSP firewalls, urging customers to consider third-party solutions. A second, more rigorous test is …

Malicious PyPI package with 37,000 downloads steals AWS keys

November 9, 2024 at 03:12PM A malicious Python package, ‘fabrice,’ has been available on PyPI since 2021, stealing AWS credentials from developers. Downloaded over 37,000 times through typosquatting the legitimate ‘fabric,’ it executes OS-specific scripts for credential theft, exfiltrating them to a VPN server. Users are advised to verify packages and implement IAM for protection.

Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers

November 7, 2024 at 05:04AM A malicious package named “fabrice” on PyPI has stealthily stolen AWS credentials from developers for over three years, with over 37,100 downloads. It exploits trust in the legitimate library “fabric,” using various payloads to execute attacks on both Linux and Windows systems, facilitating credential theft.

Fake LockBit, Real Damage: Ransomware Samples Abuse Amazon S3 to Steal Data

November 5, 2024 at 02:48AM Golang ransomware abuses Amazon S3 Transfer Acceleration to exfiltrate victim files to attacker-controlled buckets, leveraging hard-coded AWS credentials. It disguises itself as LockBit ransomware to manipulate victims. AWS confirmed that this activity violates their policy, leading to account suspensions, highlighting the importance of monitoring cloud security.

Gang gobbles 15K credentials from cloud and email providers’ garbage Git configs

October 31, 2024 at 08:04PM Security researchers uncovered a criminal operation named Emeraldwhale, which exposed over 15,000 cloud service and email credentials in an unsecured AWS S3 bucket. The attackers used sophisticated tools to exploit misconfigured servers, targeting Git directories. Although linked to French-speaking malware, Emeraldwhale’s affiliation with a specific criminal group remains unclear.