Security
Headlines
HeadlinesLatestCVEs

Tag

#amazon

The US Is Building a One-Stop Shop for Buying Your Data

Plus: A mysterious hacking group’s secret client is exposed, Signal takes a swipe at Microsoft Recall, Russian hackers target security cameras to spy on aid to Ukraine, and more.

Wired
#web#mac#windows#apple#google#microsoft#amazon#git#wordpress#intel#auth#sap
Operation Endgame Takes Down DanaBot Malware, Neutralizes 300 Servers

Operation Endgame takes down DanaBot malware network; 300 servers neutralized, €21.2M in crypto seized, 16 charged, 20 international warrants.

Scarcity signals: Are rare activities red flags?

Talos analyzed six months of PowerShell network telemetry and found that rare domains are over three times more likely to be malicious compared to frequently contacted ones.

Stalkerware apps go dark after data breach

A stalkerware company that recently leaked millions of users' personal information online has taken all of its assets offline without any explanation.

Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials

The trove has now been taken down but included users’ logins for platforms including Apple, Google, and Meta, plus services from multiple governments.

GHSA-vrpq-qp53-qv56: Eclipse JGit XML External Entity (XXE) Vulnerability

In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implement the experimental amazons3 git transport protocol allowing to store git pack files in an Amazon S3 bucket, are vulnerable to XML External Entity (XXE) attacks when parsing XML files. This vulnerability can lead to information disclosure, denial of service, and other security issues.

Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery

A threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including Amazon S3 buckets and Microsoft Azure endpoints, by leveraging misconfigurations in the Domain Name System (DNS) records. The hijacked domains are then used to host URLs that direct users to scams and malware via traffic distribution systems (TDSes), according to

Hazy Hawk Attack Spotted Targeting Abandoned Cloud Assets Since 2023

Infoblox reveals Hazy Hawk, a new threat exploiting abandoned cloud resources (S3, Azure) and DNS gaps since Dec…

AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation

Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for attackers to escalate privileges, manipulate other AWS services, and, in some cases, even fully compromise AWS accounts. "These roles, often created automatically or recommended during setup, grant overly broad permissions, such as full S3

Duping Cloud Functions: An emerging serverless attack vector

Cisco Talos built on Tenable’s discovery of a Google Cloud Platform vulnerability to uncover how attackers could exploit similar techniques across AWS and Azure.