Amazon Q flaw let booby-trapped Git repos execute code, swipe cloud creds
Researchers warn many AI coding assistants now execute commands from project configurations
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Researchers warn many AI coding assistants now execute commands from project configurations
Windows Admin Center flaws mean on-prem can attack cloud, and vice-versa Black Hat Asia Israeli researchers found a series of flaws in Microsoft's Windows Admin Center (WAC) and suggest this shows hybrid cloud management tools are a two-way attack surface that users don't spend enough time worrying about.…
LLMs automated most phases of the attack A digital intruder broke into an AWS cloud environment and in just under 10 minutes went from initial access to administrative privileges, thanks to an AI speed assist.…
AI + skilled malware developers = security threat VoidLink, the newly spotted Linux malware that targets victims' clouds with 37 evil plugins, was generated "almost entirely by artificial intelligence" and likely developed by just one person, according to the research team that discovered the do-it-all implant.…
And it's 'not unique to AWS,' researcher tells The Reg A critical misconfiguration in AWS's CodeBuild service allowed complete takeover of the cloud provider's own GitHub repositories and put every AWS environment in the world at risk, according to Wiz security researchers.…
Finish reading this, then patch A maximum-severity flaw in the widely used JavaScript library React, and several React-based frameworks including Next.js allows unauthenticated, remote attackers to execute malicious code on vulnerable instances. The flaw is easy to abuse, and mass exploitation is "imminent," according to security researchers.…
Miscreants cost victims time rather than money During the two-hour window on Monday in which hijacked npm versions were available for download, malware-laced packages reached one in 10 cloud environments, according to Wiz researchers. But crypto-craving crims did little more than annoy defenders.…
Just an FYI, like Generative AI assistants packaged up as browser extensions harvest personal data with minimal safeguards, researchers warn.…
When cloud customers don't clean up after themselves, part 97 Abandoned AWS S3 buckets could be reused to hijack the global software supply chain in an attack that would make Russia's "SolarWinds adventures look amateurish and insignificant," watchTowr Labs security researchers have claimed.…
This is what happens when you publish PoCs immediately, hm? "Several cloud deployments" are already compromised following the disclosure of the maximum-severity vulnerability in Aviatrix Controller, researchers say.…
Emeraldwhale gang looked sharp – until it made a common S3 bucket mistake A criminal operation dubbed Emeraldwhale has been discovered after it dumped more than 15,000 credentials belonging to cloud service and email providers in an open AWS S3 bucket, according to security researchers.…
Nastyware seeks creds, mines crypto, and plants ransomware that isnt deployed - for now? An unknown attacker is exploiting weak passwords to break into Oracle WebLogic servers and deploy an emerging Linux malware called Hadooken, according to researchers from cloud security outfit Aqua.…
Crashes galore, plus especially crafty crims could use it for much worse Infosec researchers are alerting the industry to a critical vulnerability in Fluent Bit – a logging component used by a swathe of blue chip companies and all three major cloud providers.…
Warning: Poorly configured Google Cloud databases spill billing info, plaintext credentials At least 900 websites built with Google's Firebase, a cloud database, have been misconfigured, leaving credentials, personal info, and other sensitive data inadvertently exposed to the public internet, according to security researchers.…
PLUS: NSA shares cloud security tips; Infosec training for Jordanian women; Critical vulnerabilities Infosec in brief Cybersecurity researchers informed Microsoft that Notorious North Korean hackers Lazarus Group discovered the "holy grail" of rootkit vulnerabilities in Windows last year, but Redmond still took six months to patch the problem.…
The critical rise of generative AI use in ransomware attacks on applications Webinar It's a fact of life that ransomware is a constant threat, like a dark cloud on every horizon. Recent research suggests that the volume of attacks has doubled in the last year.…
ALSO: Amazon's child-sized COPPA fine, smart tech security labels coming to the US, and this week's critical vulns Infosec in brief A security weakness in Google Cloud Build could have allowed attackers to tamper with organizations' code repositories and application images, according to Orca Security researchers.…
Datadog security researchers found the flaw before miscreants did Amazon Web Services (AWS) fixed a cross-tenant flaw in AWS AppSync that could allow miscreants to abuse that cloud service to assume identity and access management roles in other AWS accounts, and then gain access to and control over those resources. …
This is your chance to let us know, so we can report back to you Sponsored Feature The steady migration of applications and infrastructure out of in-house data centres and server farms and into the cloud looks unstoppable at this moment in time. Research firm Gartner has estimated that by 2025, 51 percent of IT spending on application and infrastructure software, business process services and system infrastructure will have shifted to the public cloud, up from 41 percent in 2022. And you can bet that large volumes of the data that those applications and systems host and process will go with them.…
All the news you may have missed from RSA this week RSA Conference in brief Researchers from Wiz, who previously found a series of four serious flaws in Azure's Open Management Infrastructure (OMI) agent dubbed "OMIGOD," presented some related news at RSA: Pretty much every cloud provider is installing similar software "without customer's awareness or explicit consent."…