Archive for the ‘AWS Security’ Category

Detecting attackers obfuscating their IP address inside AWS

The feature and its exploitation potential “Amazon Virtual Private Cloud (Amazon VPC) is a service that lets you launch AWS resources in a logically isolated virtual network that you define,” AWS explains. Customers have complete control over their virtual networking environment, and can select their own IP address range, create subnets, and configure route tables and […]

Leave a Comment

Zero Trust architectures: An AWS perspective

Our mission at Amazon Web Services (AWS) is to innovate on behalf of our customers so they have less and less work to do when building, deploying, and rapidly iterating on secure systems. From a security perspective, our customers seek answers to the ongoing question What are the optimal patterns to ensure the right level of confidentiality, integrity, […]

Leave a Comment

Nearly Two Dozen AWS APIs Are Vulnerable to Abuse

Attackers can conduct identity reconnaissance against an organization at leisure without being detected, Palo Alto Networks says. Nearly two dozen application programming interfaces (APIs) across 16 different Amazon Web Services offerings can be abused to allow attackers to obtain the roster and internal structure of an organization’s cloud account in order to launch targeted attacks […]

Leave a Comment

Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More

3somes, Gay Daddy Bear, and Herpes Dating are among the nine services that leaked the data of hundreds of thousands of users. Researchers find a developer running multiple dating services left 845GB of explicit photos, chats, and more exposed in AWS buckets Source: Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More Download […]

Leave a Comment

The importance of encryption and how AWS can help | Amazon Web Services

Encryption is a critical component of a defense-in-depth strategy, which is a security approach with a series of defensive mechanisms designed so that if one security mechanism fails, there’s at least one more still operating. As more organizations look to operate faster and at scale, they need ways to meet critical compliance requirements and improve […]

Leave a Comment

AWS Security Profiles: Tracy Pierce, Senior Consultant, Security Specialty, Remote Consulting Services | Amazon Web Services

In the weeks leading up to re:Inforce, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. You’ve worn a lot of hats at AWS. What do you do in your current role, […]

Leave a Comment