Dark Reading

UNC6692 Combines Social Engineering, Malware, Cloud Abuse

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...
VentureBeat

Lightspin: 46% of AWS S3 buckets could be misconfigured and unsafe

Cloud misconfigurations expose organizations to significant risk, according to a new analysis of Amazon Web Services (AWS) Simple Storage Service (S3) buckets conducted by Lightspin, a cloud security ...
Dark Reading

AWS's Predictable Bucket Names Make Accounts Easier to Crack

The Amazon Web Services Cloud Development Kit (CDK), a popular open source tool, allows cyber teams to conveniently build software-defined cloud infrastructure with widely used programming languages, ...
CSOonline

Abandoned AWS S3 buckets open door to remote code execution, supply-chain compromises

Attackers re-register abandoned AWS S3 buckets filled with malicious files that are executed by applications looking for these buckets. Code references to nonexistent cloud assets continue to pose ...
heise online

AWS S3: Account Regional Namespaces End Bucket Squatting

Amazon Web Services (AWS) has introduced Account Regional Namespaces for Amazon S3 General Purpose Buckets. This allows customers to create bucket names in a reserved namespace per account and region ...