Amazon S3
Six Common AWS CloudTrail Mistakes You Need to Avoid
AWS CloudTrail is an critical service for organizations using AWS, providing visibility into the actions performed in your AWS accounts. This visibility and monitoring of actions is vital to improving the security ...
The Data on the Danger of Publicly Exposed S3 Buckets
TL;DR We recently released a post summarizing our findings that 21% of all publicly exposed … The post The Data on the Danger of Publicly Exposed S3 Buckets appeared first on Laminar ...
Capital One Data Breach, Equifax Settlement Payouts, Nextdoor App Scams
This is your Shared Security Weekly Blaze for August 5th 2019 with your host, Tom Eston. In this week’s episode: everything you need to know about the Capital One data breach, changes ...
Identity Documents Exposed in FedEx-Owned Amazon S3 Bucket
More than 119,000 scanned identity documents, including passports and drivers’ licenses, belonging to people from the United States and abroad were exposed in an insecure Amazon S3 storage bucket. The storage bucket ...
Apple Fixes MacOS High Sierra Root Access Vulnerability
Apple has released an emergency fix for an embarrassing vulnerability that allowed people to access the highest privileges account on Mac computers without a password. The vulnerability was disclosed by a user ...
Insecure Storage Buckets Expose 1.8 Billion Online Posts Scraped for U.S. Military
A Pentagon contractor left three storage buckets publicly accessible on Amazon’s S3 service, exposing more than 1.8 billion online posts collected since 2009. The messages, posted by people from around the world, ...
Another Cloud Storage Leak Exposes Verizon IT Files
Security researchers have found yet another Amazon S3 storage container with sensitive data that was publicly accessible to anyone on the internet. The S3 bucket contained around 100MB of data, including internal ...
Like Equifax, Thousands of Companies Use Vulnerable Apache Struts Versions
U.S. credit monitoring bureau Equifax has been heavily criticized for its failure to patch a known critical vulnerability in the Apache Struts web development framework, an oversight that led to a massive ...
Asterisk Flaw Exposes VoIP Calls to Eavesdropping
Security researchers have identified a critical vulnerability in Asterisk, one of the most popular software stacks for implementing private telephone switching systems, also known as private branch exchanges (PBXes). The flaw could ...