During a detailed investigation, researchers from watchTowr took control of about 150 neglected AWS S3 buckets that were still actively queried by various organizations, including Fortune 500 companies and government entities. Over 8 million HTTP requests were recorded in two months, demonstrating the ongoing reliance on these overlooked resources. The findings raise concerns about potential exploitation by cybercriminals for delivering malware or orchestrating attacks, surpassing previous security incidents like the SolarWinds breach. Many prominent institutions, including NASA and leading banks, showed a concerning dependency on mismanaged cloud assets.
During four months, researchers assumed control of 150 abandoned AWS S3 buckets, revealing neglected cloud assets being queried millions of times.
WatchTowr warned that breaches could surpass the 2020 SolarWinds attack in scale and impact, with implications for cybersecurity broadly.
The discovery included deployment templates from SSL VPN vendors, exposing serious risks these forgotten assets posed to major organizations.
This oversight in managing cloud resources involves key entities like NASA, military networks, and Fortune 100 companies relying on abandoned infrastructures.
Collection
[
|
...
]