Security News

Amazon Web Services Launches Independent European Cloud as Calls for Data Sovereignty Grow
2023-11-01 17:10

Amazon Web Services has launched an independent cloud for Europe designed for public sector customers and companies operating in highly regulated industries within the European Union. The AWS Sovereign Cloud will operate both "Physically and logically" separate from AWS's existing cloud regions and has been engineered specifically to meet the data residency and regulatory requirements of European customers.

Ubuntu Pro now available on Amazon Web Services
2023-05-04 18:36

Canonical announced on Tuesday that Ubuntu Pro is available in a subscription-included model on Amazon Web Services. With Ubuntu Pro on AWS, users can launch Ubuntu Pro on-demand instances and purchase Ubuntu Pro compute savings plans directly from the Amazon Elastic Compute Cloud console.

Researchers Detail AppSync Cross-Tenant Vulnerability in Amazon Web Services
2022-11-28 11:56

Amazon Web Services has resolved a cross-tenant vulnerability in its platform that could be weaponized by an attacker to gain unauthorized access to resources. "This attack abuses the AppSync service to assume roles in other AWS accounts, which allows an attacker to pivot into a victim organization and access resources in those accounts," Datadog researcher Nick Frichette said in a report published last week.

How phishing attacks are exploiting Amazon Web Services
2022-08-18 17:18

How phishing attacks are exploiting Amazon Web Services. Cybercriminals prefer to use legitimate sites and services in their phishing scams, not just to trick unsuspecting victims but to sneak past security scanners that would otherwise block traffic from a suspicious site.

Amazon Web Services fixes container escape in Log4Shell hotfix
2022-04-20 08:45

Amazon Web Services has fixed four security issues in its hot patch from December that addressed the critical Log4Shell vulnerability affecting cloud or on-premise environments running Java applications with a vulnerable version of the Log4j logging library or containers. The hot patch packages from Amazon are not exclusive to AWS resources and allowed escaping a container in the environment and taking control of the host.

Trustwave Fusion platform now also hosted on Amazon Web Services GovCloud
2020-09-18 00:00

Trustwave announced the Trustwave Fusion platform is now also hosted on Amazon Web Services GovCloud, providing U.S. government agencies and suppliers threat detection and response services to help address the constantly shifting threat landscape while meeting stringent U.S. Federal government security requirements. The cloud-native Trustwave Fusion platform delivers the first U.S.-only managed threat detection and response services hosted on AWS GovCloud and is in the process of FedRAMP authorization.

Kryon unveils cloud-based Full Cycle Automation-as-a-Service platform powered by Amazon Web Services
2020-09-04 01:30

Kryon launched the industry's first cloud-based Full Cycle Automation-as-a-Service platform. Powered by Amazon Web Services, Kryon's FCAaaS pushes the boundaries of automation by combining Process Discovery, RPA, and actionable analytics in one unified platform.

How phishing attacks have exploited Amazon Web Services accounts
2020-08-25 18:45

A series of recent phishing attacks tried to take advantage of organizations that use Amazon Web Services. In one phishing campaign reported to KnowBe4, the attackers created a basic, no-frills scam to harvest the credentials of AWS users.

Datadog now supports Amazon EFS for AWS Lambda on Amazon Web Services
2020-06-19 00:15

Datadog's integration with Amazon EFS for AWS Lambda brings single-click correlation between AWS Lambda and the underlying Elastic File System. "We are excited to see Datadog integrating support for Amazon EFS for AWS Lambda into their serverless monitoring at launch," said Adam Fergus, Manager, DevOps at Fiix.

Phishing attack impersonates Amazon Web Services to steal user credentials
2020-05-28 11:56

The emails spoof an automated notification from AWS to try to capture Amazon account credentials, according to Abnormal Security. A blog post published Wednesday by security provider Abnormal Security describes how phishing attacks are taking advantage of Amazon Web Services to steal user credentials.