Stay informed on Amazon's latest info security updates, threats, and best practices. Your hub for all Amazon-centric cybersecurity news.
Search across headline titles and summaries.
Background for this topic.
Amazon is a multinational technology company predominantly known for its online retail platform, Amazon.com, cloud computing services through Amazon Web Services (AWS), and various consumer electronics like the Kindle e-reader, Echo smart speakers, and Fire TV. In the realm of information security, Amazon is an entity of significant importance due to the vast amount of user data it handles and its extensive infrastructure that is increasingly targeted by cyber threats.
Information security concerning Amazon covers a broad spectrum of topics such as securing its ecommerce platform to protect customer transactions and privacy, defending cloud services against data breaches and unauthorized access, and ensuring the security of IoT devices to prevent potential exploits. This domain focuses on implementing robust security measures, developing encryption technologies, conducting threat assessments, and adhering to compliance standards to safeguard both the company's assets and its users' data against cyber-attacks, data theft, and other security vulnerabilities.
Weekly headline count for the current query.
Cybersecurity firm Kaspersky reports that the Amazon Simple Email Service (SES) is being increasingly abused to send convincing phishing emails that can bypass standard security filters and render reputation-based blocks ineffective. [...]
The Amazon Simple Email Service (SES) is being increasingly abused, a cybersecurity company's telemetry data shows, to send convincing phishing emails that can bypass standard security filters and render reputation-based blocks ineffective. [...]
Renegotiated Pact With Microsoft Clears OpenAI Path to Enterprise CloudsOpenAI has launched its models and tools on Amazon Web Services, one day after revising its agreement with Microsoft to end years of cloud exclusivity, a move likely driven by competitive pressure from Anthropic's hold on enterprise AWS customers.
Last week, Anthropic announced Project Glasswing, an AI model so effective at discovering software vulnerabilities that they took the extraordinary step of postponing its public release. Instead, the company has given access to Apple, Microsoft, Google, Amazon, and a coalition of others to find and patch bugs before adversaries can
Felicis-Led Series A Backs Telemetry Correlation Across Cloud, Identity, EndpointsArtemis, a New York startup led by former Amazon GuardDuty product leader Shachar Hirshberg, emerged from stealth with $70 million to build an AI-driven SIEM alternative that correlates telemetry across enterprise environments, tailors detections and speeds investigations.
Artificial Intelligence (AI) company Anthropic announced a new cybersecurity initiative called Project Glasswing that will use a preview version of its new frontier model, Claude Mythos, to find and address security vulnerabilities
A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale
Plus: how to train your human AI interview Amazon has seen a 40 percent efficiency gain by using AI tools to pentest its products before and after launch, according to security chief CJ Moses.…
The European Commission, the European Union's main executive body, is investigating a security breach after a threat actor gained access to the Commission's Amazon cloud environment. [...]
The European Commission, the European Union's main executive body, is investigating a security breach after a threat actor gained access to its Amazon cloud infrastructure. [...]
AWS Bedrock is Amazon's platform for building AI-powered applications. It gives developers access to foundation models and the tools to connect those models directly to enterprise data and systems. That connectivity is what makes it powerful – but it’s also what makes Bedrock a target
North Carolina musician Michael Smith has pleaded guilty to collecting over $10 million in royalty payments through a massive streaming royalty fraud scheme on Spotify, Apple Music, Amazon Music, and YouTube Music. [...]
Interlock's post-exploit toolkit exposed Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, according to Amazon security boss CJ Moses.…
Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that's exploiting a recently disclosed critical security flaw in Cisco Secure Firewall Management Center (FMC) Software
The Ninth Circuit has paused a lower-court order as the companies dispute whether user-approved automation can access password-protected accounts without the platform’s permission. The post Appeals court temporarily pauses order blocking Perplexity’s AI shopping agent on Amazon appeared first on CyberScoop.
Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments using domain name system (DNS) queries
A social engineering campaign impersonating PayPal and Amazon uses customer support interactions to acquire sensitive info.
State news published a list of nearly 30 sites that could be targeted Iran has reportedly designated Amazon, Google, IBM, Microsoft, Nvidia, Oracle, and Palantir facilities as legitimate targets of retaliatory strikes, according to an Al Jazeera report citing Iran’s state-affiliated Tasnim news agency.…
Amazon sued the AI browser company last year, accusing them of computer fraud, accessing password protected accounts and buying items. The post Federal judge blocks Perplexity’s AI browser from making Amazon purchases appeared first on CyberScoop.
Iranian Cyberespionage Group MuddyWater Goes DarkPhysical effects rather than cyber strikes are triggering Middle Eastern connectivity problems during day four of a sustained U.S. and Israeli bombing campaign against Iran. Iran is responding with drone and missile attacks targeting U.S. military as well as British bases in Bahrain, Cyprus.