Amazon Web Services (AWS) Archives

LLMs, AI, cyberattacks, access, identity, 1Password, Exabeam, LogRhythm, GenAI, censorship, model, RBAC, secure, Fortinet, SASE, Opal, access privileges, cloud security, GenAI, generative AI cloud compromise LLM

Attackers Used AI to Breach an AWS Environment in 8 Minutes

Jeffrey Burt | February 6, 2026 | AI (Artificial Intelligence), AI cloud security, Amazon Web Services (AWS), GPUs, Large language models (LLMs), Sysdig Threat Research Team

Threat actors using LLMs needed only eight minutes to move from initial access to full admin privileges in an attack on a company's AWS cloud environment in the latest example of cybercriminals ...

Security Boulevard

Use of XMRig Cryptominer by Threat Actors Expanding: Expel

Jeffrey Burt | January 9, 2026 | Amazon Web Services (AWS), cryptominers, Expel, G Data, Kaspersky Labs, Kubernetes, MDR (Managed Detection and Response), Monero, React2Shell Vulnerability, Wiz, XMRig miner

Security researchers last year wrote about a surge in the use by threat actors of the legitimate XMRig cryptominer, and cybersecurity firm Expel is now outlining the widening number of malicious ways ...

Security Boulevard

A New Security Threat to Public Clouds From Old Vulnerabilities

Jeffrey Burt | August 12, 2025 | Amazon Web Services (AWS), Data leak, Google Cloud Security, processor vulnerability, Spectre

Researchers at the WHY2025 hacker forum said they were able to combine the Spectre and L1TF processor vulnerabilities discovered in 2018 to create a new transient execution attack called L1TF Reloaded that ...

Security Boulevard

200,000 Workers’ PII at Risk in WorkComposer S3 SNAFU

Don’t say ‘spyware’—21 million screenshots in one open bucket ...

Security Boulevard

russian, Russia Microsoft phishing AWS Ukraine

AWS Seizes Domains Used by Russian Threat Group APT29

Jeffrey Burt | October 25, 2024 | Amazon Web Services (AWS), APT29, phishing attack, russia hacker, Ukraine cybersecurity

Cloud computing giant AWS, tipped off by Ukrainian security experts, seized domains that were being used by Russian threat group APT29 to send phishing emails to government officials and enterprises that contained ...

Security Boulevard

Extortion Group Exploits Cloud Misconfigurations, Targets 110,000 Domains

Jeffrey Burt | August 19, 2024 | Amazon Web Services (AWS), Cloud Security, data theft extortion

An unknown threat group leveraged publicly exposed environment variables in organizations' AWS accounts to exfiltrate sensitive data and demand ransoms in a wide-ranging extortion campaign that targeted 110,000 domains ...

Security Boulevard

customer, experience, AWS Mithra internal security AI cloud security

AWS’ Mithra Neural Network Detects, Ranks Malicious Domains

Jeffrey Burt | August 6, 2024 | Amazon Web Services (AWS), Cloud Security, cyber security threat intelligence

AWS details Mithra, its massive neural network graph model that runs on its internal systems and is used to identify and rank malicious domains that threaten the cloud giants systems that hold ...

Security Boulevard

CISA, hunt, DHS, President, cyber threats, Seal of the Cybersecurity & Infrastructure Security Agency

Sisense Hacked: CISA Warns Customers at Risk

Richi Jennings | April 12, 2024 | Amazon Web Services (AWS), aws, AWS access keys, AWS bucket, cisa, CISA Advisories, CISA Advisory, CISA Alert, CISA warning, CISA.gov, depth, NSA/CISA, Sangram Dash, SB Blogwatch, Sisense

A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket. Government says victims include the “critical infrastructure sector.” ...

Security Boulevard

Anitian Achieves AWS DevOps Competency Status

Anitian | April 19, 2022 | 2021 Press Releases, 2021 Resources, Amazon Web Services (AWS), aws, DEVOPS, DevSecOps, FEATURED, Partners, Press Release, Press Releases

Anitian achieves Amazon Web Services (AWS) DevOps Competency, validating its technical proficiency and proven customer success specializing in DevSecOps. The post Anitian Achieves AWS DevOps Competency Status appeared first on Anitian ...

Anitian

Campaign Uses Public Cloud to Spread RAT Payloads

Teri Robinson | January 17, 2022 | Amazon Web Services (AWS), azure, Cloud Security, Discovering RATs, google cloud, IT remote access, Phishing Attacks, public cloud infrastructure

Everything is migrating to the cloud, including threat actors. Now it seems a trio of remote access Trojans (RATs)—Nanocore, Netwire and AsyncRAT—are being spread in a campaign that taps public cloud infrastructure ...

Security Boulevard

Amazon Web Services (AWS)

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On