THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and MoreCyber attackers are increasingly sophisticated, using techniques like device code phishing and name confusion attacks to exploit security vulnerabilities.
Ransomware crew abuses AWS native encryptionCodefinger is a new ransomware group using AWS's own encryption scheme to lock files and extort victims for decryption keys.
THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and MoreCyber attackers are increasingly sophisticated, using techniques like device code phishing and name confusion attacks to exploit security vulnerabilities.
Ransomware crew abuses AWS native encryptionCodefinger is a new ransomware group using AWS's own encryption scheme to lock files and extort victims for decryption keys.
110K domains targeted by 'sophisticated' cloud extortionistsOrganizations must secure their AWS environments by managing .env files and IAM roles properly to prevent extortion attacks.
Non-Production Endpoints as an Attack Surface in AWSSecurity issue disclosed on AWS by Datadog, remediated by AWS with fixes for bypasses.Importance of securing all endpoints, including non-production, highlighted to prevent security breaches.
110K domains targeted by 'sophisticated' cloud extortionistsOrganizations must secure their AWS environments by managing .env files and IAM roles properly to prevent extortion attacks.
Non-Production Endpoints as an Attack Surface in AWSSecurity issue disclosed on AWS by Datadog, remediated by AWS with fixes for bypasses.Importance of securing all endpoints, including non-production, highlighted to prevent security breaches.
AWS 'Bucket Monopoly' attacks could allow account takeoverCritical flaws in AWS services allowed remote code execution and account takeover, fixed by AWS after Aqua Security's research.