Security News
![AWS offers incident response service](/static/build/img/news/aws-offers-incident-response-service-small.jpg)
Amazon Web Services (AWS) has launched a new service to help organizations prepare for and recover from ransomware attacks, account takeovers, data breaches, and other security events: AWS...
![Deploy a SOC using Kali Linux in AWS](/static/build/img/news/deploy-a-soc-using-kali-linux-in-aws-small.jpg)
The Kali SOC in AWS project enables the deployment of a Security Operations Center (SOC) in AWS, utilizing the Kali Linux toolset for purple team activities. This environment is ideal for honing...
![Malicious PyPI package with 37,000 downloads steals AWS keys](/static/build/img/news/malicious-pypi-package-with-37000-downloads-steals-aws-keys-small.jpg)
A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers. [...]
![Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers](/static/build/img/news/malicious-pypi-package-fabrice-found-stealing-aws-keys-from-thousands-of-developers-small.jpg)
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating...
![AWS security essentials for managing compliance, data protection, and threat detection](/static/build/img/news/aws-security-essentials-for-managing-compliance-data-protection-and-threat-detection-small.jpg)
AWS offers a comprehensive suite of security tools to help organizations manage compliance, protect sensitive data, and detect threats within their environments. From AWS Security Hub and Amazon...
![AWS Cloud Development Kit flaw exposed accounts to full takeover](/static/build/img/news/aws-cloud-development-kit-flaw-exposed-accounts-to-full-takeover-small.jpg)
Remember Bucket Monopoly? Yeah, it gets worse Amazon Web Services has fixed a flaw in its open source Cloud Development Kit that, under the right conditions, could allow an attacker to hijack a...
![AWS Cloud Development Kit Vulnerability Exposes Users to Potential Account Takeover Risks](/static/build/img/news/aws-cloud-development-kit-vulnerability-exposes-users-to-potential-account-takeover-risks-small.jpg)
Cybersecurity researchers have disclosed a security flaw impacting Amazon Web Services (AWS) Cloud Development Kit (CDK) that could have resulted in an account takeover under specific...
![AWS, Azure auth keys found in Android and iOS apps used by millions](/static/build/img/news/aws-azure-auth-keys-found-in-android-and-ios-apps-used-by-millions-small.jpg)
Multiple popular mobile applications for iOS and Android come with hardcoded, unencrypted credentials for cloud services like Amazon Web Services (AWS) and Microsoft Azure Blob Storage, exposing...
![New 'ALBeast' Misconfiguration Exposes Weakness in AWS Application Load Balancer](/static/build/img/news/new-albeast-misconfiguration-exposes-weakness-in-aws-application-load-balancer-small.jpg)
As many as 15,000 applications using Amazon Web Services' (AWS) Application Load Balancer (ALB) for authentication are potentially susceptible to a configuration-based issue that could expose them...
![110K domains targeted in 'sophisticated' AWS cloud extortion campaign](/static/build/img/news/110k-domains-targeted-in-sophisticated-aws-cloud-extortion-campaign-small.jpg)
If you needed yet another reminder of what happens when security basics go awry It's a good news day for organizations that don't leave their AWS environment files publicly exposed because infosec...