Security
Headlines
HeadlinesLatestCVEs

Tag

#aws

Russia's APT29 Mimics AWS Domains to Steal Windows Credentials

Kremlin intelligence carried out a wide-scale phishing campaign in contrast to its usual, more targeted operations.

DARKReading
Open in Source
#vulnerability#web#windows#apple#microsoft#amazon#git#intel#aws#auth
AWS's Predictable Bucket Names Make Accounts Easier to Crack

Amazon's open source Cloud Development Kit generates dangerously predictable naming patterns that could lead to an account takeover.

GHSA-rjfv-pjvx-mjgv: AWS Load Balancer Controller automatically detaches externally associated web ACL from Application Load Balancers

### Summary  The AWS Load Balancer Controller includes an optional, default-enabled feature that manages WAF WebACLs on Application Load Balancers (ALBs) on your behalf. In versions 2.8.1 and earlier, if the WebACL annotation [1] [alb.ingress.kubernetes.io/wafv2-acl-arn](http://alb.ingress.kubernetes.io/wafv2-acl-arn) or [alb.ingress.kubernetes.io/waf-acl-id](http://alb.ingress.kubernetes.io/waf-acl-id) was absent on Ingresses, the controller would automatically disassociate any existing WebACL from the ALBs, including those associated by AWS Firewall Manager (FMS). Customers on impacted versions should upgrade to prevent this issue from occurring. ### Impact  WebACLs attached to ALBs managed by the AWS Load Balancer Controller through methods other than Ingress annotations may be automatically removed, leaving the ALBs unprotected by WebACL.  Impacted versions: [>=2.0.0;<2.8.2]  ### Patches  We addressed this issue in version 2.8.2 [2] and recommend customers upgrade. Now, if t...

AWS Cloud Development Kit Vulnerability Exposes Users to Potential Account Takeover Risks

Cybersecurity researchers have disclosed a security flaw impacting Amazon Web Services (AWS) Cloud Development Kit (CDK) that could have resulted in an account takeover under specific circumstances. "The impact of this issue could, in certain scenarios, allow an attacker to gain administrative access to a target AWS account, resulting in a full account takeover," Aqua said in a report shared

Mobile Apps With Millions of Downloads Expose Cloud Credentials

Popular titles on both Google Play and Apple's App Store include hardcoded and unencrypted AWS and Azure credentials in their codebases or binaries, making them vulnerable to misuse by threat actors.

LinkedIn bots and spear phishers target job seekers

The #opentowork hashtag may attract the wrong crowd as criminals target LinkedIn users to steal personal information, or scam them.

Permiso State of Identity Security 2024: A Shake-up in Identity Security Is Looming Large

Identity security is front, and center given all the recent breaches that include Microsoft, Okta, Cloudflare and Snowflake to name a few. Organizations are starting to realize that a shake-up is needed in terms of the way we approach identity security both from a strategic but also a technology vantage point.  Identity security is more than just provisioning access  The conventional view

Millions of iOS and Android Users at Risk as Popular Apps Expose Cloud Keys

Millions of iOS and Android users are at risk after Symantec discovered that popular apps contain hardcoded, unencrypted…

Ransomware Gangs Use LockBit's Fame to Intimidate Victims in Latest Attacks

Threat actors have been observed abusing Amazon S3 (Simple Storage Service) Transfer Acceleration feature as part of ransomware attacks designed to exfiltrate victim data and upload them to S3 buckets under their control. "Attempts were made to disguise the Golang ransomware as the notorious LockBit ransomware," Trend Micro researchers Jaromir Horejsi and Nitesh Surana said. "However, such is