Tag
#amazon
Plus: A mysterious hacking group’s secret client is exposed, Signal takes a swipe at Microsoft Recall, Russian hackers target security cameras to spy on aid to Ukraine, and more.
Operation Endgame takes down DanaBot malware network; 300 servers neutralized, €21.2M in crypto seized, 16 charged, 20 international warrants.
Talos analyzed six months of PowerShell network telemetry and found that rare domains are over three times more likely to be malicious compared to frequently contacted ones.
A stalkerware company that recently leaked millions of users' personal information online has taken all of its assets offline without any explanation.
The trove has now been taken down but included users’ logins for platforms including Apple, Google, and Meta, plus services from multiple governments.
In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implement the experimental amazons3 git transport protocol allowing to store git pack files in an Amazon S3 bucket, are vulnerable to XML External Entity (XXE) attacks when parsing XML files. This vulnerability can lead to information disclosure, denial of service, and other security issues.
A threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including Amazon S3 buckets and Microsoft Azure endpoints, by leveraging misconfigurations in the Domain Name System (DNS) records. The hijacked domains are then used to host URLs that direct users to scams and malware via traffic distribution systems (TDSes), according to
Infoblox reveals Hazy Hawk, a new threat exploiting abandoned cloud resources (S3, Azure) and DNS gaps since Dec…
Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for attackers to escalate privileges, manipulate other AWS services, and, in some cases, even fully compromise AWS accounts. "These roles, often created automatically or recommended during setup, grant overly broad permissions, such as full S3
Cisco Talos built on Tenable’s discovery of a Google Cloud Platform vulnerability to uncover how attackers could exploit similar techniques across AWS and Azure.