Lone Attacker Uses AI to Breach AWS Cloud Environment in 72 Hours
The attacker exploited AI workflows, chained cloud weaknesses, and stolen credentials to extort a large Amazon customer.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The attacker exploited AI workflows, chained cloud weaknesses, and stolen credentials to extort a large Amazon customer.
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets on a public GitHub account. The inquiry comes as CISA is still struggling to contain the breach and invalidate the leaked credentials.
A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale
The European Commission has revealed details of a data breach impacting its AWS infrastructure
Some weeks in security feel normal. Then you read a few tabs and get that immediate “ah, great, we’re doing this now” feeling
A threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm package last year to completely breach a victim's cloud environment within a span of 72 hours
Crooks claim 2 GB haul from AWS instance via React2Shell exploit Data analytics giant LexisNexis has confirmed its Legal & Professional division suffered a data breach days after the Fulcrumsec cybercrime crew claimed responsibility for the hack.…
The AI-assisted attack, which started with exposed credentials from public S3 buckets, rapidly achieved administrative privilges.
Password Manager Must Pay 1.2M PoundsThe British data regulator imposed a fine of 1.2 million pounds against password manager LastPass over a 2022 data breach that exposed the data of millions of its customers. Unidentified hackers stole backup data from LastPass's Amazon Web Services S3 bucket.
Also, Australian Police Arrest 55 in New Round of Anom App StingThis week: UPenn hit by email breach, Australian police arrested 55, 'SesameOp' backdoor hid C2 traffic, BEC scammers used AWS, hackers stole trucking cargo, Ukrainian national extradited to United States for role in Conti ransomware and a supply chain risk in advanced installer tool.
PLUS: MGM settles breach suits; AWS doesn't trust you with security defaults; A new .NET backdoor; and more Infosec in brief The United States Food and Drug Administration has told medical facilities and caregivers that monitor patients using Contec equipment to disconnect the devices from the internet ASAP.…
Hackers exploited AWS misconfigurations, leaking 2TB of sensitive data, including customer information, credentials and proprietary source code
ShinyHunters Fronting for Threat Group That Allegedly Infiltrated AWS InstancesA massive quantity of data allegedly stolen from Ticketmaster is being offered for sale on the BreachForums data leak site, which has been freshly rebooted following a recent FBI-led seizure. The alleged Ticketmaster breach involves 1.3 terabytes of data comprising 560 million customers' details.
Compromised AWS account led to fears that user info could have been exposed to cybercriminals Sumo Logic has confirmed that no customer data was compromised as a result of the potential security breach it discovered on November 3.…
Security and data analytics company Sumo Logic disclosed a security breach after discovering that its AWS (Amazon Web Services) account was compromised last week. [...]
As for March megabreach? M&S and Guinness maker Diageo warn pension members about data risks The bad news train keeps rolling for Capita, with more local British councils surfacing to say their data was put on the line by an unsecured AWS bucket, and, separately, pension clients warning of possible data theft in March's mega breach.…
LastPass revealed more information on a "coordinated second attack," where a threat actor accessed and stole data from the Amazon AWS cloud storage servers for over two months. [...]
Alleged teen hacker claims he found an admin password in a network share inside Uber that allowed complete access to ride-sharing giant's AWS, Windows, Google Cloud, VMware, and other environments.
AWS and G Suite admin accounts may have been popped, HackerOne bug bounty account hit, and more Uber is tonight reeling from what looks like a substantial cybersecurity breach.…
The software engineer intended to mine the stolen data and install cryptocurrency miners on some AWS servers