Open Source Security Priorities Get a Reshuffle
The "Census of Free and Open Source Software" report, which identifies the most critical software projects, sees more cloud infrastructure…
AWS Rolls Out Updates to Amazon Cognito
Amazon Web Services' identity and access management platform has added new features that help developers implement secure, scalable, and customizable…
Malicious PyPI package with 37,000 downloads steals AWS keys
A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web…
Canadian Authorities Arrest Attacker Who Stole Snowflake Data
The suspect, tracked as UNC5537, allegedly bragged about hacking several Snowflake victims on Telegram, drawing attention to himself.
Chinese APTs Cash In on Years of Edge Device Attacks
The sophisticated Chinese cyberattacks of today rest on important groundwork laid during the pandemic and before.
‘Midnight Blizzard’ Targets Networks With Signed RDP Files
The Russian-backed group is using a novel access vector to harvest victim data and compromise devices in a large-scale intelligence-gathering…
Russia’s APT29 Mimics AWS Domains to Steal Windows Credentials
Kremlin intelligence carried out a wide-scale phishing campaign in contrast to its usual, more targeted operations.
AWS’s Predictable Bucket Names Make Accounts Easier to Crack
Amazon's open source Cloud Development Kit generates dangerously predictable naming patterns that could lead to an account takeover.
AWS, Azure auth keys found in Android and iOS apps used by millions
Multiple popular mobile applications for iOS and Android come with hardcoded, unencrypted credentials for cloud services like Amazon Web Services (AWS)…
Unmanaged Cloud Credentials Pose Risk to Half of Orgs
These types of "long-lived" credentials pose a risk for users across all major cloud service providers, and must meet their…