AWS Launches New Incident Response Service

December 3, 2024 at 06:55AM Amazon Web Services (AWS) launched a new incident response service that aids security teams in faster threat response and recovery using machine learning. It automates triage and analysis of security signals, offers preconfigured notifications, and allows collaboration with third-party vendors. The service is available in 12 AWS regions globally. ### … Read more

How Major Companies Are Honoring Cybersecurity Awareness Month

October 8, 2024 at 01:04PM Cybersecurity Awareness Month promotes security best practices and empowers organizations to create a culture of security. Companies like AWS, IBM, Intuit, SentinelOne, and Gallo use this month to educate, engage, and inspire their employees and communities. Programs include online and physical security training, expert-led discussions, and educational initiatives for students. … Read more

Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts

August 16, 2024 at 12:39PM A recent extortion campaign targeted organizations by exploiting publicly accessible .env files with cloud and social media credentials. The attackers used AWS environments to scan over 230 million targets, compromised over 90,000 unique variables, and conducted phishing and ransom activities. The campaign demonstrated advanced cloud knowledge, evasion techniques, and financial … Read more

Critical AWS Vulnerabilities Allow S3 Attack Bonanza

August 8, 2024 at 08:07AM Aqua Security researchers discovered six critical vulnerabilities in Amazon Web Services (AWS) that could have allowed remote code execution, exfiltration, denial of service attacks, and account takeovers. Attack methods such as “Bucket Monopoly” and “Shadow Resources” were uncovered and reported to AWS, which rolled out mitigations between March and June. … Read more

GitHub Rolls Out Default Secret Scanning Push Protection for Public Repositories

March 1, 2024 at 01:09AM GitHub has announced the default activation of secret scanning push protection for all public repository pushes. This feature identifies over 200 token types from more than 180 service providers to prevent fraudulent use. The move comes as a response to ongoing “repo confusion” attacks targeting GitHub, aiming to thwart malicious … Read more

Malicious ‘SNS Sender’ Script Abuses AWS for Bulk Smishing Attacks

February 16, 2024 at 06:45AM A Python script called SNS Sender is being utilized to send fraudulent SMS messages through AWS SNS, posing as messages from USPS to trick users into disclosing personal and payment information. The tool leverages AWS SNS to conduct SMS spamming attacks and is linked to a threat actor named ARDUINO_DAS. … Read more

FBI: Beware of thieves building Androxgh0st botnets using stolen creds

January 16, 2024 at 08:36PM The FBI and CISA warn that cybercriminals are leveraging old vulnerabilities to deploy Androxgh0st malware, targeting .env files containing user credentials for AWS, Microsoft Office 365, SendGrid, and Twilio. The malware can be used to steal data, execute code remotely, and create new AWS users and instances. Mitigations include updating … Read more