Russia's APT29 Mimics AWS to Steal Windows Credentials
Kremlin intelligence carried out a wide-scale phishing campaign in contrast to its usual, more targeted operations.
Amazon Web Services (AWS) is a cloud platform whose configurations, vulnerabilities, and security advisories can affect hosted data and systems.
Search across headline titles and summaries.
Background for this topic.
Amazon Web Services (AWS) is a cloud platform offering on-demand computing, storage, databases, networking, and managed services. Organizations use it to run applications and process data without operating the underlying physical infrastructure. Security reporting under this tag may concern AWS service flaws, its infrastructure, or weaknesses in customer-configured environments.
AWS follows a shared-responsibility model: AWS secures the cloud infrastructure, while customers must secure identities, data, configurations, and workloads. Material risks include overly broad IAM permissions or stolen credentials, publicly exposed storage or network services, and unpatched virtual machines, containers, or application interfaces. Effective defenses include least-privilege access, encryption, configuration review, timely patching, and centralized audit logging through services such as CloudTrail. Those logs and related telemetry support detection and investigation, while predefined procedures can revoke credentials, isolate workloads, and preserve evidence when an account or resource is compromised.
Kremlin intelligence carried out a wide-scale phishing campaign in contrast to its usual, more targeted operations.
Remember Bucket Monopoly? Yeah, it gets worse Amazon Web Services has fixed a flaw in its open source Cloud Development Kit that, under the right conditions, could allow an attacker to hijack a user's account completely.…
Amazon's open source Cloud Development Kit generates dangerously predictable naming patterns that could lead to an account takeover.
Cybersecurity researchers have disclosed a security flaw impacting Amazon Web Services (AWS) Cloud Development Kit (CDK) that could have resulted in an account takeover under specific circumstances
Popular titles on both Google Play and Apple's App Store include hardcoded and unencrypted AWS and Azure credentials in their codebases or binaries, making them vulnerable to misuse by threat actors.
Azure Blob Storage, AWS, and Twilio keys all up for grabs An analysis of widely used mobile apps offered on Google Play and the Apple App Store has found hardcoded and unencrypted cloud service credentials, exposing millions of users to major security problems.…
Multiple popular mobile applications for iOS and Android come with hardcoded, unencrypted credentials for cloud services like Amazon Web Services (AWS) and Microsoft Azure Blob Storage, exposing user data and source code to security breaches. [...]