Dark Reading

Critical AWS Vulnerabilities Allow S3 Attack Bonanza

BLACK HAT USA – Las Vegas – Thursday, Aug. 8 – Six critical vulnerabilities in Amazon Web Services (AWS) could have allowed threat actors to target organizations with remote code execution (RCE), ...
CSOonline

Abandoned AWS S3 buckets open door to remote code execution, supply-chain compromises

Attackers re-register abandoned AWS S3 buckets filled with malicious files that are executed by applications looking for these buckets. Code references to nonexistent cloud assets continue to pose ...
InfoQ

Amazon S3 Unauthorized Request Billing Issue: an Empty S3 Bucket Can Dramatically Increase the Costs

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Forbes

Safeguarding S3 Buckets: Mitigating CORS Misconfigurations

Amazon Simple Storage Service (S3) is a scalable object storage service provided by AWS that enables users to store and retrieve data from anywhere on the web. It is widely used for a variety of ...
Dark Reading

Abandoned AWS Cloud Storage: A Major Cyberattack Vector

Abandoned cloud storage buckets present a major, but largely overlooked, threat to Internet security, new research has shown. The risks arise when bad actors discover and re-register these neglected ...