Security News

AWS offers incident response service
2024-12-02 12:06

Amazon Web Services (AWS) has launched a new service to help organizations prepare for and recover from ransomware attacks, account takeovers, data breaches, and other security events: AWS...

Deploy a SOC using Kali Linux in AWS
2024-11-25 05:00

The Kali SOC in AWS project enables the deployment of a Security Operations Center (SOC) in AWS, utilizing the Kali Linux toolset for purple team activities. This environment is ideal for honing...

Malicious PyPI package with 37,000 downloads steals AWS keys
2024-11-09 15:17

A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers. [...]

Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers
2024-11-07 09:07

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating...

AWS security essentials for managing compliance, data protection, and threat detection
2024-11-07 05:00

AWS offers a comprehensive suite of security tools to help organizations manage compliance, protect sensitive data, and detect threats within their environments. From AWS Security Hub and Amazon...

AWS Cloud Development Kit flaw exposed accounts to full takeover
2024-10-24 22:33

Remember Bucket Monopoly? Yeah, it gets worse Amazon Web Services has fixed a flaw in its open source Cloud Development Kit that, under the right conditions, could allow an attacker to hijack a...

AWS Cloud Development Kit Vulnerability Exposes Users to Potential Account Takeover Risks
2024-10-24 13:00

Cybersecurity researchers have disclosed a security flaw impacting Amazon Web Services (AWS) Cloud Development Kit (CDK) that could have resulted in an account takeover under specific...

AWS, Azure auth keys found in Android and iOS apps used by millions
2024-10-22 20:19

Multiple popular mobile applications for iOS and Android come with hardcoded, unencrypted credentials for cloud services like Amazon Web Services (AWS) and Microsoft Azure Blob Storage, exposing...

New 'ALBeast' Misconfiguration Exposes Weakness in AWS Application Load Balancer
2024-08-22 15:03

As many as 15,000 applications using Amazon Web Services' (AWS) Application Load Balancer (ALB) for authentication are potentially susceptible to a configuration-based issue that could expose them...

110K domains targeted in 'sophisticated' AWS cloud extortion campaign
2024-08-21 17:23

If you needed yet another reminder of what happens when security basics go awry It's a good news day for organizations that don't leave their AWS environment files publicly exposed because infosec...