Hot Topics

Amazon S3

AWS security compentency CTA

Six Common AWS CloudTrail Mistakes You Need to Avoid

| | Amazon S3, AWS CloudTrail, Blog
AWS CloudTrail is an critical service for organizations using AWS, providing visibility into the actions performed in your AWS accounts. This visibility and monitoring of actions is vital to improving the security ...
Symmetry Systems
The Data on the Danger of Publicly Exposed S3 Buckets

The Data on the Danger of Publicly Exposed S3 Buckets

| | access control list, Amazon S3, amazon simple storage service, AWS identiy access and management, bucket policy, Data breach, data protection, Data Security, data security posture management solution, DSPM Solution, exposed data detection, exposed data mitigation, FEATURED, personally identifiable information, sensitive data
TL;DR We recently released a post summarizing our findings that 21% of all publicly exposed … The post The Data on the Danger of Publicly Exposed S3 Buckets appeared first on Laminar ...
Laminar

Capital One Data Breach, Equifax Settlement Payouts, Nextdoor App Scams

| | amazon, Amazon S3, Capital One, Cybersecurity, Data breach, DEF CON, Equifax, FTC, Hackers, Nextdoor, Podcast, Podcast Episodes, Privacy, settlement, Weekly Blaze Podcast
This is your Shared Security Weekly Blaze for August 5th 2019 with your host, Tom Eston. In this week’s episode: everything you need to know about the Capital One data breach, changes ...
Shared Security Podcast
Identity Documents Exposed FedEx

Identity Documents Exposed in FedEx-Owned Amazon S3 Bucket

| | Amazon S3, Department of Energy, electrical grid, Fedex, storage bucket
More than 119,000 scanned identity documents, including passports and drivers’ licenses, belonging to people from the United States and abroad were exposed in an insecure Amazon S3 storage bucket. The storage bucket ...
Security Boulevard
Apple Fixes MacOS High Sierra Root Access Vulnerability

Apple Fixes MacOS High Sierra Root Access Vulnerability

| | Amazon S3, Apple, authentication bypass, blank password, cloud leak, credential validation failure, Data leak, INSCOM, macOS High Sierra, misconfiguration, nsa, Red Disk, root access, root password, storage bucket, third-party vendor, virtual appliance, vulnerability
Apple has released an emergency fix for an embarrassing vulnerability that allowed people to access the highest privileges account on Mac computers without a password. The vulnerability was disclosed by a user ...
cloud

Insecure Storage Buckets Expose 1.8 Billion Online Posts Scraped for U.S. Military

| | Amazon S3, CENTCOM, Data leak, insecure configuration, intelligence gathering, military, misconfiguration, PACOM, permission control, public access, storage bucket, VendorX
A Pentagon contractor left three storage buckets publicly accessible on Amazon’s S3 service, exposing more than 1.8 billion online posts collected since 2009. The messages, posted by people from around the world, ...
Another Cloud Storage Leak Exposes Verizon IT Files

Another Cloud Storage Leak Exposes Verizon IT Files

| | Amazon S3, Amazon Web Services, cloud storage, Coinhive, cryptocurrency, Data leak, Monero miner, verizon, website infection
Security researchers have found yet another Amazon S3 storage container with sensitive data that was publicly accessible to anyone on the internet. The S3 bucket contained around 100MB of data, including internal ...
Infoblox certificates Datadog Web3 DNSSEC OPSWAT web application security

Like Equifax, Thousands of Companies Use Vulnerable Apache Struts Versions

| | Amazon S3, Apache Struts, APT33, cyberespionage, Data leak, data wiper, Equifax, Iran, Malware, misconfiguration, patch management, S3 bucket, software components, Software Development, Viacom, vulnerability
U.S. credit monitoring bureau Equifax has been heavily criticized for its failure to patch a known critical vulnerability in the Apache Struts web development framework, an oversight that led to a massive ...
Asterisk Flaw Exposes VoIP Calls to Eavesdropping

Asterisk Flaw Exposes VoIP Calls to Eavesdropping

| | Amazon S3, Asterisk, aws, cloud breach, cloud storage, Data breach, database, Database Security, Internet, MongoDB, Ransomware, security, security breach, VoIP
Security researchers have identified a critical vulnerability in Asterisk, one of the most popular software stacks for implementing private telephone switching systems, also known as private branch exchanges (PBXes). The flaw could ...