Search results for aws firewall explained | Breaking Cybersecurity News | The Hacker News

If you're using AWS, it's easy to assume your cloud security is handled - but that's a dangerous misconception. AWS secures its own infrastructure, but security within a cloud environment remains the customer's responsibility. Think of AWS security like protecting a building: AWS provides strong walls and a solid roof, but it's up to the customer to handle the locks, install the alarm systems, and ensure valuables aren't left exposed. In this blog, we'll clarify what AWS doesn't secure, highlight real-world vulnerabilities, and how cloud security scanners like Intruder can help. Understanding the AWS Shared Responsibility Model AWS operates on a Shared Responsibility Model . In simple terms: AWS is responsible for securing the underlying infrastructure (e.g., hardware, networking, data centers) - the "walls and roof." The customer is responsible for securing their data, applications, and configurations within AWS - the "locks and al...

Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that's based on Apache Airflow. "This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account, which has high-level permissions across GCP services like Cloud Build itself, Cloud Storage, and Artifact Registry," Liv Matan, senior security researcher at Tenable, said in a report shared with The Hacker News. The shortcoming has been codenamed ConfusedComposer by the cybersecurity company, describing it as a variant of ConfusedFunction , a privilege escalation vulnerability impacting GCP's Cloud Functions service that an attacker could exploit to access other services and sensitive data in an unauthorized manner. The disclosure comes weeks after Tenable detailed another pr...

An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro , according to findings from Synacktiv. "This backdoor features functionalities relying on the installation of two eBPF [extended Berkeley Packet Filter] modules, on the one hand to conceal itself, and on the other hand to be remotely activated upon receiving a 'magic packet,'" security researcher Théo Letailleur said . The infection, per the French cybersecurity company, involved the attackers exploiting an exposed Jenkins server vulnerable to CVE-2024-23897 (CVSS score: 9.8) as the starting point, following which a malicious Docker Hub image named "kvlnt/vv" (now removed) was deployed on several Kubernetes clusters. The Docker image consists of a Kali Linux base along with a folder called "app" containing three files - start.sh, a shell script to start the SSH service and execute the...

Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems—some just hours after being found. No system was fully safe. From spying and fake job scams to strong ransomware and tricky phishing, the attacks came from all sides. Even encrypted backups and secure areas were put to the test. Keep reading for the full list of the biggest cyber news from this week—clearly explained and easy to follow. ⚡ Threat of the Week Motex Lanscope Flaw Exploited to Drop Gokcpdoor — A suspected Chinese cyber espionage actor known as Tick has been attributed to a target campaign that has leveraged a recently disclosed critical security flaw in Motex Lanscope Endpoint Manager (CVE-2025-61932, CVSS score: 9.3) to infiltrate target networks and deploy a backdoor called Gokcpdoor. Sophos, which disclosed details of the activity, said it was "limited to sectors aligned with their intelligence...