Infosecurity-magazine.com

Hackers Exploit Misconfigurations in Public Websites With Improperly Exposed AWS Credentials

A significant cyber operation exploiting vulnerabilities in improperly configured public websites has been linked to the Nemesis and ShinyHunters hacking groups, exposing sensitive data, including ...
Dark Reading

Cybercrime Gangs Abscond With Thousands of Orgs' AWS Credentials

Cybercriminal gangs have exploited vulnerabilities in public websites to steal Amazon Web Services (AWS) cloud credentials and other data from thousands of organizations, in a mass cyber operation ...
CRN

AWS’ EKS Kubernetes ‘Critical Security’ Flaw Exposes Credentials, Says Trend Micro

AWS said in a statement to CRN that it completed an investigation into the security flaw and determined that it ‘is not a security issue, but rather expected behavior that falls within the trust ...
Dark Reading

AWS Cloud Credential Stealing Campaign Spreads to Azure, Google Cloud

A sophisticated cloud-credential stealing and cryptomining campaign targeting Amazon Web Services (AWS) environments for the past several months has now expanded to Azure and Google Cloud Platform ...
TechRadar

Red Hat hackers Crimson Collective are now going after AWS instances

Crimson Collective hackers target AWS using exposed credentials to escalate privileges and exfiltrate data Attackers use TruffleHog to find secrets, then create IAM users and access keys via API Red ...