#Misconfiguration

Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket

December 9, 2024 by Xynik

December 9, 2024 at 11:20AM Security researchers report an ongoing massive online heist targeting AWS customers, exploiting public website misconfigurations to steal source codes, credentials, and secrets. The criminal operation, linked to the Nemesis and ShinyHunters gangs, remains active. Misconfigurations allowing these breaches are attributed to customer oversight, not AWS itself. ### Meeting Takeaways 1. … Read more

Low-Code, High Risk: Millions of Records Exposed via Misconfigured Microsoft Power Pages

November 14, 2024 by Xynik

November 14, 2024 at 11:10AM A security researcher found misconfigurations in several Microsoft Power Pages installations, leading to unintentional access to confidential data. This investigation highlights a risk associated with low-code platforms, exposing millions of records due to improper setup. The findings were reported by SecurityWeek. **Meeting Takeaways:** 1. **Investigation Findings:** A security researcher conducted … Read more

5 SaaS Misconfigurations Leading to Major Fu*%@ Ups

November 1, 2024 by Xynik

November 1, 2024 at 07:33AM The article discusses key SaaS misconfigurations that pose security risks, including excessive help desk privileges, lack of MFA for super admins, unblocked legacy authentication, mismanaged super admin counts, and Google Groups view settings. It emphasizes the importance of continuous monitoring and fixing these issues to prevent data breaches and ensure … Read more

Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking

September 12, 2024 by Xynik

September 12, 2024 at 09:36AM Bad actors target Internet-exposed Selenium Grid instances for illicit cryptocurrency mining and proxyjacking. The lack of authentication makes these instances vulnerable. Threat actors exploit this to carry out malicious actions, including deploying crypto miners and proxyware solutions EarnFM and IPRoyal Pawn. Organizations are urged to configure authentication to prevent abuse. … Read more

Cloud Email Filtering Bypass Attack Works 80% of the Time

March 29, 2024 by Xynik

March 29, 2024 at 03:38PM Many businesses using cloud-based email spam filtering services are at risk due to frequent misconfigurations, posing potential security vulnerabilities. Based on the meeting notes, it seems that there is a concern about the potential risk for enterprises using cloud-based email spam filtering services due to misconfigurations. It might be important … Read more