Security News > 2024 > December > Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket
2024-12-09 16:15
ShinyHunters-linked heist thought to have been ongoing since March Exclusive A massive online heist targeting AWS customers during which digital crooks abused misconfigurations in public websites and stole source code, thousands of credentials, and other secrets remains "ongoing to this day," according to security researchers.…
News URL
https://go.theregister.com/feed/www.theregister.com/2024/12/09/aws_credentials_stolen/
Related news
- Ransomware abuses Amazon AWS feature to encrypt S3 buckets (source)
- Attackers are encrypting AWS S3 data without using ransomware (source)
- Week in review: AWS S3 data encrypted without ransomware, data of 15k Fortinet firewalls leaked (source)
- Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant' (source)