#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

CloudTrail | Breaking Cybersecurity News | The Hacker News

Category — CloudTrail
Alert: Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts

Alert: Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts

Dec 06, 2023 Access Management / Cloud Security
Threat actors can take advantage of Amazon Web Services Security Token Service (AWS STS) as a way to infiltrate cloud accounts and conduct follow-on attacks. The service enables threat actors to impersonate user identities and roles in cloud environments, Red Canary researchers Thomas Gardner and Cody Betsworth  said  in a Tuesday analysis. AWS STS is a  web service  that enables users to request temporary, limited-privilege credentials for users to access AWS resources without needing to create an AWS identity. These STS tokens can be valid  anywhere from 15 minutes to 36 hours . Threat actors can steal long-term IAM tokens through a variety of methods like malware infections, publicly exposed credentials, and phishing emails, subsequently using them to determine roles and privileges associated with those tokens via API calls. "Depending on the token's permission level, adversaries may also be able to use it to create additional IAM users with long-term A...
The Rise of S3 Ransomware: How to Identify and Combat It

The Rise of S3 Ransomware: How to Identify and Combat It

Oct 25, 2023 Ransomware/ Malware Threat
In today's digital landscape, around  60%  of corporate data now resides in the cloud, with Amazon S3 standing as the backbone of data storage for many major corporations.  Despite S3 being a secure service from a reputable provider, its pivotal role in handling vast amounts of sensitive data (customer personal information, financial data, intellectual property, etc.), provides a juicy target for threat actors. It remains susceptible to ransomware attacks which are often initiated using leaked access keys that have accidentally been exposed by human error and have access to the organization's buckets. To effectively combat these evolving threats, it is vital to ensure that your organization has visibility into your S3 environment, that you are aware of how threat actors can compromise data for ransom and most importantly, best practices for minimizing the risk of cyber criminals successfully executing such an attack. Ensuring Visibility: CloudTrail and Server Access L...
The Future of Network Security: Automated Internal and External Pentesting

The Future of Network Security: Automated Internal and External Pentesting

Dec 10, 2024Vulnerability / Perimeter Security
In today's rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration testing (pentesting), while effective, often falls short due to its high costs, resource requirements, and infrequent implementation. Automated internal and external network pentesting is a game-changing solution, empowering organizations to stay ahead of attackers with cost-effective, frequent, and thorough security assessments. Strengthen Your Defenses: The Role of Internal and External Pentests  Effective cybersecurity requires addressing threats from both inside and outside your organization. Automated solutions streamline this process, enabling IT teams to implement a holistic and proactive defense strategy. Internal Pentesting: Securing the Core Internal pentesting simulates an attacker operating within your network, exposing vulnerabilities such as insider threats, compromised credentials, or breaches through physical or ...
Expert Insights / Articles Videos
Cybersecurity Resources