Archive for the ‘AWS Security’ Category

Datadog Details Most Common AWS Security Mistakes

At its Dash 2022 conference, Datadog shared a report that found the primary security challenge organizations encounter in the Amazon Web Services (AWS) cloud is lax management of credentials. Based on data collected from more than 600 organizations that rely on the Datadog platform to monitor their AWS cloud computing environments, the report also noted the complexity of the […]

Leave a Comment

AWS Adds More Tools to Secure Cloud Workloads

Amazon Web Services (AWS) today expanded its portfolio of cloud security tools as part of an ongoing effort to make it simpler to secure application environments running on its infrastructure. The additional services, announced at the AWS re:Inforce event, include support for Amazon EBS Volumes within the Amazon GuardDuty Malware Protection service and the ability to automatically share security findings […]

Leave a Comment

SEGA Europe left AWS S3 bucket unsecured exposing data and infrastructure to attack

At the end of the year, gaming giant SEGA Europe inadvertently left users’ personal information publicly accessible on Amazon Web Services (AWS) S3 bucket, cybersecurity firm VPN Overview reported. The unsecured S3 bucket contained multiple sets of AWS keys that could have allowed threat actors to access many of SEGA Europe’s cloud services along withMailChimp and Steam […]

Leave a Comment

Detecting attackers obfuscating their IP address inside AWS

The feature and its exploitation potential “Amazon Virtual Private Cloud (Amazon VPC) is a service that lets you launch AWS resources in a logically isolated virtual network that you define,” AWS explains. Customers have complete control over their virtual networking environment, and can select their own IP address range, create subnets, and configure route tables and […]

Leave a Comment

Zero Trust architectures: An AWS perspective

Our mission at Amazon Web Services (AWS) is to innovate on behalf of our customers so they have less and less work to do when building, deploying, and rapidly iterating on secure systems. From a security perspective, our customers seek answers to the ongoing question What are the optimal patterns to ensure the right level of confidentiality, integrity, […]

Leave a Comment

Nearly Two Dozen AWS APIs Are Vulnerable to Abuse

Attackers can conduct identity reconnaissance against an organization at leisure without being detected, Palo Alto Networks says. Nearly two dozen application programming interfaces (APIs) across 16 different Amazon Web Services offerings can be abused to allow attackers to obtain the roster and internal structure of an organization’s cloud account in order to launch targeted attacks […]

Leave a Comment

Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More

3somes, Gay Daddy Bear, and Herpes Dating are among the nine services that leaked the data of hundreds of thousands of users. Researchers find a developer running multiple dating services left 845GB of explicit photos, chats, and more exposed in AWS buckets Source: Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More Download […]

Leave a Comment

The importance of encryption and how AWS can help | Amazon Web Services

Encryption is a critical component of a defense-in-depth strategy, which is a security approach with a series of defensive mechanisms designed so that if one security mechanism fails, there’s at least one more still operating. As more organizations look to operate faster and at scale, they need ways to meet critical compliance requirements and improve […]

Leave a Comment

AWS Security Profiles: Tracy Pierce, Senior Consultant, Security Specialty, Remote Consulting Services | Amazon Web Services

In the weeks leading up to re:Inforce, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. You’ve worn a lot of hats at AWS. What do you do in your current role, […]

Leave a Comment