With the sheer amount of data and users leveraging AWS, it’s easy for misconfigurations to slip through the cracks. One commonly overlooked area is the naming of S3 buckets. AWS S3 bucket names are ...

Using a combination of relatively low-tech techniques and tools, security researchers have discovered that they can access the contents of one in six Amazon Simple Storage Service (S3) buckets. Those ...

The Amazon Web Services Cloud Development Kit (CDK), a popular open source tool, allows cyber teams to conveniently build software-defined cloud infrastructure with widely used programming languages, ...

Attackers re-register abandoned AWS S3 buckets filled with malicious files that are executed by applications looking for these buckets. Code references to nonexistent cloud assets continue to pose ...

Twilio, the cloud communications platform-as-a-service (CPaaS) giant, has confirmed a security incident in which attackers accessed a misconfigured Amazon AWS S3 bucket and modified the TaskRouter ...

Hackers can exploit exposed Amazon S3 buckets to carry out silent Man-in-the-Middle attacks or other hacks on a company's customers or internal staff. Codenamed GhostWriter, the technique relies on an ...

New research from cloud security firm Ermetic shows that nearly all businesses have identities that, if compromised, would place at least 90 percent of the S3 buckets in their AWS account at risk.