Bleeping Computer

Over 1,000 iOS apps found exposing hardcoded AWS credentials

Security researchers are raising the alarm about mobile app developers relying on insecure practices that expose Amazon Web Services (AWS) credentials, making the supply chain vulnerable. Malicious ...
Bleeping Computer

Ransomware abuses Amazon AWS feature to encrypt S3 buckets

A new ransomware campaign encrypts Amazon S3 buckets using AWS's Server-Side Encryption with Customer Provided Keys (SSE-C) known only to the threat actor, demanding ransoms to receive the decryption ...
CSOonline

AWS environments compromised through exposed .env files

Attackers collected Amazon Web Services keys and access tokens to various cloud services from environment variables insecurely stored in tens of thousands of web applications. A data extortion ...
Dark Reading

CISA: AWS, Microsoft 365 Accounts Under Active 'Androxgh0st' Attack

The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) have issued an alert about a malware campaign targeting Apache webservers and websites using the popular Laravel Web ...