Tag: Buckets
-
Writing IAM Policies: Grant Access to User-Specific Folders in an Amazon S3 Bucket
November 14, 2023: We’ve updated this post to use IAM Identity Center and follow updated IAM best …
-
IAM Policies and Bucket Policies and ACLs! Oh, My! (Controlling Access to S3 Resources)
Updated on July 6, 2023: This post has been updated to reflect the current guidance around the usage of s3 ACL and to include s3 Access …
-
Supply Chain Attack: Abandoned S3 Buckets Used for Malicious Payloads
Previously, threat actors took over misconfigured databases to demand ransom, but now there has been a change in their tactics. Hijacked S3 …
-
Hackers Use New Exploit Technique to Hijack S3 Buckets
It has been discovered that threat actors might take over expired Amazon S3 buckets to serve rogue binaries without changing the actual …
-
New Supply Chain Attack Exploits Abandoned S3 Buckets to Distribute Malicious Binaries
In what’s a new kind of software supply chain attack aimed at open source projects, it has emerged that threat actors could seize control …
-
Cloud Misconfig Exposes 3TB of Sensitive Airport Data in Amazon S3 Bucket: ‘Lives at Stake’
The unsecured server exposed more than 1.5 million files, including airport worker ID photos and other PII, highlighting the ongoing …
-
12K Misconfigured Elasticsearch Buckets Ravaged by Extortionists
The cloud instances were left open to the public Internet with no authentication, allowing attackers to wipe the …
-
Misconfigured AWS Bucket Exposes Hundreds of Social Influencers
A misconfigured cloud storage bucket has exposed the personal details of hundreds of social media influencers, potentially putting them at …
-
Google Cloud Buckets Exposed in Rampant Misconfiguration
Six percent of all Google Cloud buckets are misconfigured and left open to the public internet, for anyone to access their contents. In a …
-
Twilio Security Incident Shows Danger of Misconfigured S3 Buckets
Twilio, the cloud communications platform-as-a-service (CPaaS) giant, has confirmed a security incident in which attackers accessed a …
-
Unsecured AWS S3 Buckets Infected With Skimmer Code
Cybercriminals are continuing to take advantage of unsecured Amazon Web Services Simple Storage Service cloud storage buckets, with RiskIQ …
-
Magecart Targets Emergency Services-related Sites via Insecure S3 Buckets
Hacking groups are continuing to leverage misconfigured AWS S3 data storage buckets to insert malicious code into websites in an attempt to …
●●●