CSOonline

AWS access control confusion enables cross-account attacks

The Amazon Web Services identity and access management (IAM) mechanism is complex, and not fully understanding its particularities often leads to misconfigurations and exposed cloud assets.
Business Insider

Lightspin Research Team Discovers Cross-Account Attack Path Leveraging Dangerous S3 Bucket Permissions on AWS

Hackers can achieve public write access to write files to protected S3 buckets and store data at a victim's expense TEL AVIV, Israel, June 3, 2021 /PRNewswire/ -- Lightspin, a pioneer in contextual ...
ZDNet

AWS rolls out new security feature to prevent accidental S3 data leaks

Amazon's Web Services division has rolled out new security features to AWS account owners today that are meant to prevent accidental data exposures caused by the misconfiguration of S3 data storage ...
Dark Reading

Critical AWS Vulnerabilities Allow S3 Attack Bonanza

BLACK HAT USA – Las Vegas – Thursday, Aug. 8 – Six critical vulnerabilities in Amazon Web Services (AWS) could have allowed threat actors to target organizations with remote code execution (RCE), ...