AWS
Researchers Simulate DPRK’s Largest Cryptocurrency Heist Through Compromised macOS Developer and AWS Pivoting
Security researchers at Elastic have recreated the intricate details of the February 21, 2025, ByBit cryptocurrency heist, where approximately 400,000 ETH-valued at over a billion dollars-was stolen.
Attributed to North...
AWS
AWS Defaults Open Stealthy Attack Paths Enabling Privilege Escalation and Account Compromise
A recent investigation by security researchers has exposed critical vulnerabilities in the default IAM roles of several Amazon Web Services (AWS) offerings, including SageMaker,...
AWS
Bybit Hack: Details of Sophisticated Multi-Stage Attack Uncovered
The Bybit hack, which occurred on February 21, 2025, has been extensively analyzed by multiple cybersecurity teams, including Sygnia.
This attack exposed significant security...
AWS
AWS SNS Exploited for Data Exfiltration and Phishing Attacks
Amazon Web Services' Simple Notification Service (AWS SNS) is a versatile cloud-based pub/sub service that facilitates communication between applications and users.
While its scalability...
Amazon AWS
86,000+ Healthcare Staff Records Exposed Due to AWS S3 Misconfiguration
A non-password-protected database belonging to ESHYFT, a New Jersey-based HealthTech company, was recently discovered by cybersecurity researcher Jeremiah Fowler.
The database contained over 86,000 records,...
AWS
EC2 Grouper Hackers Using AWS Tools To Exploit Compromised Credentials
Cloud security researchers have uncovered alarming trends in identity compromises within Amazon Web Services (AWS) environments.
Among the most prolific threat actors is a group...
Amazon AWS
AWS Launches Mithra To Detect Malicious Domains Across Systems
Amazon's e-commerce platforms and cloud services form a digital ecosystem requiring a strong cybersecurity framework.
Amazon, which has a vast online presence covering multiple domains...
AWS
Researchers Detail on How Defenders Eliminate Detection Gaps in AWS Environments
As enterprises increasingly migrate their workloads to cloud infrastructure, the need for robust security measures becomes more pressing.
Unlike traditional data centers, cloud environments...
AWS
Hackers Attacking Vaults, Buckets, And Secrets To Steal Data
Hackers target vaults, buckets, and secrets to access some of the most classified and valuable information, including API keys, logins, and other useful data...
AWS
Criminal IP: Enhancing Security Solutions through AWS Marketplace Integration
AI SPERA, a leader in Cyber Threat Intelligence (CTI) solutions, announced today that its proprietary search engine, Criminal IP, is now available on the...
Amazon AWS
One-Click AWS Vulnerability Let Attackers Takeover User’s Web Management Panel
Tenable Research has identified a critical vulnerability within the AWS Managed Workflows for Apache Airflow (MWAA) service, which they have named "FlowFixation."
This vulnerability...