Votiro announced the addition of an AWS S3 bucket connector to its Secure File Gateway solution suite. With this new capability, all files hosted within AWS storage will be delivered to the Votiro Secure File Gateway, powered by Positive Selection technology.
Perception Point announced its Advanced Threat Protection service for Amazon Web Services environments to protect joint customers' data and stop malicious content - files and URLs - from infiltrating their Amazon Simple Storage Service buckets. Enterprises and innovative SaaS vendors are increasingly storing their internal data as well files received from external sources in Amazon S3 buckets.
ClearDATA announced an expanded capability of their ClearDATA Healthcare Security and Compliance Platform, enabling healthcare organizations and their business associates to automatically detect protected health information in multi-cloud storage buckets. "In today's climate, cybersecurity breaches are at an all-time high, partially due to the industry's accelerating cloud adoption to tackle the unique challenges healthcare has encountered during the pandemic," said Suhas Kelkar, Chief Product Officer at ClearDATA. "This new technology offering enhances healthcare organizations' ability to create secure environments for data that facilitate innovation, collaboration and scalability."
Six percent of all Google Cloud buckets are misconfigured and left open to the public internet, for anyone to access their contents. In a survey of 2,064 Google Cloud buckets by Comparitech, 131 of them were found to be vulnerable to unauthorized access by users who could list, download and/or upload files.
Misconfigured AWS S3 storage buckets exposing massive amounts of data to the internet are like an unexploded bomb just waiting to go off, say experts. The team at Truffle Security said its automated search tools were able to stumble across some 4,000 open Amazon-hosted S3 buckets that included data companies would not want public - things like login credentials, security keys, and API keys.
Hundreds of thousands of sensitive dating app profiles - including images of "a graphic, sexual nature" - were exposed online for anyone stumbling across them to download. Word of the uncontrolled emission burst forth from vpnMentor this week, which claims it found a misconfigured AWS S3 bucket containing 845GB of private dating app records. "Aside from exposing potentially millions of users of the apps to danger, the breach also exposed the various apps' entire AWS infrastructure through unsecured admin credentials and passwords," vpnMentor's researchers wrote.
Shortly after our story was published, an infoec bod, who asked to remain anonymous, told El Reg they could access the files in the leaky bucket weeks after it was supposedly taken down. A report from Google claims phishing attacks from government-backed spies are increasingly disguised as messages from journalists.
A pair of misconfigured cloud-hosted file silos have left thousands of peoples' sensitive info sitting on the open internet. The latest demonstration of this comes from eggheads at VPNmentor, who this week said they found two open AWS S3 buckets, one belonging to a UK consulting firm and another run by an adult webcam host.
Security a popular topic at Las Vegas event re:Invent At its re:Invent event under way in Las Vegas, Amazon Web Services (AWS) dropped the veil on a new tool to help customers to avoid spewing...