Security News

AWS adds passkeys support, warns root users must enable MFA
2024-06-12 19:38

As announced last October, the internet company reminds us that 'root' AWS accounts must enable MFA by the end of July 2024. Passkeys on AWS: FIDO2 passkeys are physical or software-based authentication solutions that leverage public key cryptography to sign a challenge that the server sends to verify the authentication attempt.

AWS unveils new and improved security features
2024-06-12 15:21

At its annual re:Inforce conference, Amazon Web Services has announced new and enhanced security features and tools. To facilitate the concerted push to get customers to secure their accounts with multiple authentication factors, AWS has added support for FIDO2 passkeys as a second authentication method.

AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs
2024-04-16 13:26

New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can expose sensitive credentials in build logs, posing significant...

AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijacking
2024-03-22 13:45

Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited...

Alert: Cybercriminals Deploying VCURMS and STRRAT Trojans via AWS and GitHub
2024-03-13 09:43

A new phishing campaign has been observed delivering remote access trojans (RAT) such as VCURMS and STRRAT by means of a malicious Java-based downloader. “The attackers stored malware on public...

Malicious 'SNS Sender' Script Abuses AWS for Bulk Smishing Attacks
2024-02-16 10:49

A malicious Python script known as SNS Sender is being advertised as a way for threat actors to send bulk smishing messages by abusing Amazon Web Services (AWS) Simple Notification Service (SNS)....

Prowler: Open-source security tool for AWS, Google Cloud Platform, Azure
2024-02-07 05:30

Prowler is an open-source security tool designed to assess, audit, and enhance the security of AWS, GCP, and Azure. "Easy to use from the command line with simple, understandable output, Prowler offers standard reporting formats like CSV and JSON, enabling users to thoroughly examine findings across any cloud provider, all in a uniform format. Its seamless integrations with Security Hub and S3 facilitate easy incorporation with other SIEMs, databases, and more. The ability to write custom checks and develop custom security frameworks is crucial for our expanding community," Toni de la Fuente, the creator of Prowler, told Help Net Security.

CloudFoxable: Open-source AWS penetration testing playground
2024-01-22 05:00

CloudFoxable is a capture-the-flag style learning platform you can deploy to your playground AWS account. It primarily targets current penetration testers seeking to learn exploitation of cloud-native attack paths, and cloud security experts aiming to practice offensive security techniques safely.

Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More
2024-01-18 18:44

The Federal Bureau of Investigation and Cybersecurity & Infrastructure Security Agency warned in a joint advisory about a threat actor deploying a botnet that makes use of the Androxgh0st malware. The Androxgh0st malware was exposed in December 2022 by Lacework, a cloud security company.

Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials
2024-01-17 11:14

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying the AndroxGh0st malware are creating a botnet for...