CSOonline

AWS environments compromised through exposed .env files

Attackers collected Amazon Web Services keys and access tokens to various cloud services from environment variables insecurely stored in tens of thousands of web applications. A data extortion ...
ZDNet

New tool detects AWS intrusions where hackers abuse self-replicating tokens

Security firm CyberArk has released a new tool called SkyWrapper that can detect a certain class of intrusions and malicious activity inside AWS (Amazon Web Services) computing environments. These ...
Dark Reading

Hunting Cybercriminals with AWS Honey Tokens

BLACK HAT ASIA - Singapore - Security analysts here today demonstrated how to detect security breaches by using Amazon Web Services (AWS) keys as honey tokens to lure cybercriminals. A honey form is ...
CSOonline

Act fast to blunt a new ransomware attack on AWS S3 buckets

A threat actor is leveraging AWS’s own encryption against victim firms with no way out except paying for decryption keys, says report. CISOs are being warned to make sure employees take extra steps to ...