110K domains targeted in ‘sophisticated’ AWS cloud extortion campaign

August 21, 2024 at 01:27PM
Cyble Security researchers found 110,000 domains targeted by attackers exploiting misconfigured .env files, exposing cloud access keys and SaaS API keys. Attackers targeted unsecured web applications, accessed IAM keys, and escalated privileges to gain unfettered access. Cloud users are urged to follow best practices and avoid committing .env files to …

Microsoft Copilot Studio Exploit Leaks Sensitive Cloud Data

August 21, 2024 at 11:20AM
Tenable researchers discovered a server-side request forgery (SSRF) vulnerability in Microsoft’s Copilot Studio tool, allowing attackers to access sensitive cloud-based information. This flaw, tracked as CVE-2024-38206, could impact multiple tenants by bypassing SSRF protection. However, Microsoft has fully mitigated the vulnerability, ensuring no action is required from Copilot Studio users. …

Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue

August 21, 2024 at 08:54AM
Miggo has identified a critical configuration issue in AWS’s Application Load Balancer, potentially impacting 15,000 vulnerable apps. Referred to as ALBeast, the attack involves forging tokens and exploiting the ALB configuration to bypass authentication and authorization. Businesses are advised to validate token signers and restrict traffic to mitigate these threats. …

Azure Kubernetes Services Vulnerability Exposed Sensitive Information

August 21, 2024 at 07:42AM
A privilege escalation vulnerability in Microsoft Azure Kubernetes Services allowed attackers to access sensitive information, including cluster credentials. The flaw impacted clusters using Azure CNI and Azure for network policy. Exploiting this flaw, attackers could access secrets, compromise clusters, and abuse cloud services and metadata servers, potentially leading to network …

It’s Time To Untangle the SaaS Ball of Yarn

August 21, 2024 at 07:33AM
SaaS applications have revolutionized operations but introduced security vulnerabilities. With the increasing complexity of interconnected SaaS apps, organizations struggle to monitor and secure access. Understanding app usage, permissions, and actions is crucial, along with implementing measures like multi-factor authentication and access monitoring to prevent breaches. Proactive security measures are essential …

Detecting AWS Account Compromise: Key Indicators in CloudTrail Logs for Stolen API Keys

August 20, 2024 at 04:21PM
Cloud security remains vital as cloud infrastructure becomes central to modern enterprises. AWS CloudTrail is key for monitoring API activity, alerting to unusual access patterns, IAM anomalies, data access movements, and security group modifications. Mitigate risk with least privilege enforcement, MFA, access key rotation, CloudTrail/GuardDuty monitoring, and AWS Config compliance …

Hacker locks Unicoin staff out of Google accounts for 4 days

August 20, 2024 at 11:22AM
Unicoin’s Google Workspace was hacked, with the hacker changing passwords for all employees, locking them out for four days. The company reported the incident to SEC, stating that the threat actor accessed and manipulated confidential information, including personal data discrepancies, compromised communications, and identity forgery. Unicoin believes the event won’t …

Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks

August 19, 2024 at 06:45AM
The Xeon Sender tool is being used for large-scale SMS phishing and spam campaigns through abusing legitimate cloud services. It exploits APIs of services like Amazon SNS, Nexmo, and Twilio to send bulk SMS spam attacks without exploiting any weaknesses of the providers. Organizations should monitor for anomalous changes in …

GitHub Actions Artifacts Leak Tokens and Expose Cloud Services and Repositories

August 16, 2024 at 05:51PM
GitHub Actions artifacts generated during CI/CD workflows may inadvertently expose tokens for third-party cloud services and GitHub, posing a risk to repositories and services. Palo Alto Networks warns of misconfigurations and security defects allowing threat actors to compromise repositories and steal secrets. Avital suggests proactive security measures to mitigate these …

Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts

August 16, 2024 at 12:39PM
A recent extortion campaign targeted organizations by exploiting publicly accessible .env files with cloud and social media credentials. The attackers used AWS environments to scan over 230 million targets, compromised over 90,000 unique variables, and conducted phishing and ransom activities. The campaign demonstrated advanced cloud knowledge, evasion techniques, and financial …