MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
aws
Search

110K Domains Targeted in 'Sophisticated' AWS Cloud Extortion Campaign

Thursday August 22, 2024. 04:15 AM , from Slashdot
110K Domains Targeted in 'Sophisticated' AWS Cloud Extortion Campaign
A sophisticated extortion campaign has targeted 110,000 domains by exploiting misconfigured AWS environment files, security firm Cyble reports. The attackers scanned for exposed.env files containing cloud access keys and other sensitive data. Organizations that failed to secure their AWS environments found their S3-stored data replaced with ransom notes.

The attackers used a series of API calls to verify data, enumerate IAM users, and locate S3 buckets. Though initial access lacked admin privileges, they created new IAM roles to escalate permissions. Cyble researchers noted the attackers' use of AWS Lambda functions for automated scanning operations.

Read more of this story at Slashdot.
Read more at Slashdot
https://it.slashdot.org/story/24/08/22/0214202/110k-domains-targeted-in-sophisticated-aws-cloud-exto...

Related News

aws The future of Kubernetes and cloud infrastructure InfoWorldSep 2
extortion Novel attack on Windows spotted in phishing campaign run from and targeting China TheRegisterSep 2
campaign Asia's Richest Man Says He Will Give Everyone 100 GB of Free Cloud Storage SlashdotAug 30
domains US indicts duo over alleged Swatting spree that targeted elected officials TheRegisterAug 30
cloud DataVita declares sovereignty with 'National Cloud' for UK TheRegisterAug 29
data eWeek TweetChat, September 17: The Future of Cloud Computing eWeekAug 29
targeted The Trump Campaign’s Rhetoric About Women Sounds a Lot Like Andrew Tate’s Wired: Tech.Aug 28
attackers Enterprise SAP users split between on-prem and cloud as migration challenges loom TheRegisterAug 28
access VMware reveals how it will deliver Broadcom's unified hybrid cloud … sometime soon TheRegisterAug 27
cyble Proton launches secure cloud storage for businesses BetaNewsAug 27
files The elusive dream of cloud portability: Why migrating workloads isn't so simple TheRegisterAug 27
iam Quantum computing attacks on cloud-based systems InfoWorldAug 27
'sophisticated' VMware prepping unified SDK for its core hybrid cloud products TheRegisterAug 26
aws IBM’s Vikas Ganoorkar on Cloud Migration and Generative AI eWeekAug 26
extortion 'Invasive' Iranian Intelligence Group Believed to Be The Ones Who Breached Trump's Campaign SlashdotAug 24
campaign Shopper claims she had Louis Vuitton staff spend hours counting $110k in cash, then left without buying anything BoingBoingAug 24
domains RFK Jr. Suspends Presidential Campaign, Endorses Trump Wired: Tech.Aug 23
cloud IBM’s Vikas Ganoorkar on Cloud Migration and Generative AI eWeekAug 23
data China AI devs use cloud services to game US chip sanctions TheRegisterAug 23
targeted JD Vance fumbles through painful small talk with donut shop employees in viral campaign stop fail BoingBoingAug 22
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Current Date
Sep, Thu 19 - 17:53 CEST