News

Hosted on MSN1mon
Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket
The criminals stored the victims' data, more than 2 TB total, in an open S3 bucket ... Project Discovery's red-teaming software to scan 26.8 million IP addresses belonging to AWS.
Hosted on MSN3mon
Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant'
The researchers, in a report ... the bucket no longer exists, an attacker would simply need to do what watchTowr did next: Re-register this S3 bucket with the same name inside their AWS account.
Threat Post3y
SEGA’s Sloppy Security Confession: Exposed AWS S3 Bucket Offers Up Steam API Access & More
SEGA’s disclosure underscores a common, potentially catastrophic, flub — misconfigured Amazon Web Services (AWS ... s account, the report said. The exposed S3 bucket could have also allowed ...