CSOonline15d
Abandoned AWS S3 buckets open door to remote code execution, supply-chain compromises
Attackers re-register abandoned AWS S3 buckets filled with malicious files that are executed by applications looking for ...
How attackers abuse S3 Bucket Namesquatting — And How to Stop Them
AWS S3 bucket names are global with predictable names that can be exploited in "S3 bucket namesquatting" attacks to access or ...
Security Boulevard7d
The Rise of Non-Ransomware Attacks on AWS S3 Data
A sophisticated ransomware gang, Codefinger, has a cunning new technique for encrypting data stored in AWS S3 buckets without traditional ransomware tools. Instead, they exploit the AWS server-side ...
Hosted on MSN16d
Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant'
Abandoned AWS S3 buckets could be reused to hijack the global software supply chain in an attack that would make Russia's "SolarWinds adventures look amateurish and insignificant," watchTowr Labs ...