MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
aws
Recherche

110K Domains Targeted in 'Sophisticated' AWS Cloud Extortion Campaign

jeudi 22 août 2024, 04:15 , par Slashdot
A sophisticated extortion campaign has targeted 110,000 domains by exploiting misconfigured AWS environment files, security firm Cyble reports. The attackers scanned for exposed.env files containing cloud access keys and other sensitive data. Organizations that failed to secure their AWS environments found their S3-stored data replaced with ransom notes.

The attackers used a series of API calls to verify data, enumerate IAM users, and locate S3 buckets. Though initial access lacked admin privileges, they created new IAM roles to escalate permissions. Cyble researchers noted the attackers' use of AWS Lambda functions for automated scanning operations.

Read more of this story at Slashdot.
Lire la suite sur Slashdot
https://it.slashdot.org/story/24/08/22/0214202/110k-domains-targeted-in-sophisticated-aws-cloud-exto...

Voir aussi

aws The future of Kubernetes and cloud infrastructure InfoWorld 2 Sep
extortion Novel attack on Windows spotted in phishing campaign run from and targeting China TheRegister 2 Sep
campaign Asia's Richest Man Says He Will Give Everyone 100 GB of Free Cloud Storage Slashdot30 Aug
domains US indicts duo over alleged Swatting spree that targeted elected officials TheRegister30 Aug
cloud DataVita declares sovereignty with 'National Cloud' for UK TheRegister29 Aug
data eWeek TweetChat, September 17: The Future of Cloud Computing eWeek29 Aug
targeted The Trump Campaign’s Rhetoric About Women Sounds a Lot Like Andrew Tate’s Wired: Tech.28 Aug
attackers Enterprise SAP users split between on-prem and cloud as migration challenges loom TheRegister28 Aug
access VMware reveals how it will deliver Broadcom's unified hybrid cloud … sometime soon TheRegister27 Aug
cyble Proton launches secure cloud storage for businesses BetaNews27 Aug
files The elusive dream of cloud portability: Why migrating workloads isn't so simple TheRegister27 Aug
iam Quantum computing attacks on cloud-based systems InfoWorld27 Aug
'sophisticated' VMware prepping unified SDK for its core hybrid cloud products TheRegister26 Aug
aws IBM’s Vikas Ganoorkar on Cloud Migration and Generative AI eWeek26 Aug
extortion La Chine peut utiliser les dernières puces du marché grâce au cloud et c'est un problème Génération-NT25 Aug
campaign 'Invasive' Iranian Intelligence Group Believed to Be The Ones Who Breached Trump's Campaign Slashdot24 Aug
domains Shopper claims she had Louis Vuitton staff spend hours counting $110k in cash, then left without buying anything BoingBoing24 Aug
cloud Cloud : Thalès gagne un premier round judiciaire contre la société américaine Broadcom (VMWare) 01net24 Aug
data RFK Jr. Suspends Presidential Campaign, Endorses Trump Wired: Tech.23 Aug
targeted IBM’s Vikas Ganoorkar on Cloud Migration and Generative AI eWeek23 Aug
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Date Actuelle
mar. 5 nov. - 15:48 CET