Business Insider

Lightspin Research Team Discovers Cross-Account Attack Path Leveraging Dangerous S3 Bucket Permissions on AWS

Hackers can achieve public write access to write files to protected S3 buckets and store data at a victim's expense TEL AVIV, Israel, June 3, 2021 /PRNewswire/ -- Lightspin, a pioneer in contextual ...
Dark Reading

Abandoned AWS Cloud Storage: A Major Cyberattack Vector

Abandoned cloud storage buckets present a major, but largely overlooked, threat to Internet security, new research has shown. The risks arise when bad actors discover and re-register these neglected ...
Dark Reading

Twilio Security Incident Shows Danger of Misconfigured S3 Buckets

Twilio, the cloud communications platform-as-a-service (CPaaS) giant, has confirmed a security incident in which attackers accessed a misconfigured Amazon AWS S3 bucket and modified the TaskRouter ...
Bleeping Computer

Amazon S3 will now encrypt all new data with AES-256 by default

Amazon Simple Storage Service (S3) will now automatically encrypt all new objects added on buckets on the server side, using AES-256 by default. While the server-side encryption system has been ...
Bleeping Computer

2% of Amazon S3 Public Buckets Aren't Write-Protected, Exposed to Ransom Attacks

New research published on Monday reveals that 5.8% of all Amazon S3 buckets are publicly readable, while 2% are publicly writeable —with the latter allowing anyone to add, edit, or delete data, and ...