Hosted on MSN1mon
AWS S3 feature exploited by ransomware hackers to encrypt storage buckets
After accessing the buckets, they would use AWS server-side encryption with customer provided ... also using AWS S3 native features. Speaking to The Register, VP of services with the Halcyon ...
How attackers abuse S3 Bucket Namesquatting — And How to Stop Them
AWS S3 bucket names are global with predictable names that can be exploited in "S3 bucket namesquatting" attacks to access or ...
CSOonline10d
Abandoned AWS S3 buckets open door to remote code execution, supply-chain compromises
Attackers re-register abandoned AWS S3 buckets filled with malicious files that are executed by applications looking for ...
Security Boulevard3d
The Rise of Non-Ransomware Attacks on AWS S3 Data
A sophisticated ransomware gang, Codefinger, has a cunning new technique for encrypting data stored in AWS S3 buckets without traditional ransomware tools. Instead, they exploit the AWS server-side ...
SecurityWeek10d
Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms
Amazon S3 buckets could have been leveraged to deliver malware or backdoors to governments and Fortune companies.
heise online1mon
Codefinger ransomware encrypts Amazon S3 buckets
With compromised AWS keys, they encrypt S3 buckets using SSE-C, which makes recovery impossible without the created key. The data loss is irreversible, as AWS Cloudtrail only logs an HMAC of the ...
Forbes1mon
New Amazon Ransomware Attack—‘Recovery Impossible’ Without Payment
The Codefinger attack leverages AWS’s server-side encryption with customer-provided ... it could pose a systemic threat to organizations using AWS S3 for critical data storage.” ...
Security Boulevard17d
Codefinger Ransomware: Detection and Mitigation Using MixMode
The Codefinger ransomware represents a new frontier in cyber threats, specifically targeting AWS S3 buckets. By exploiting Server-Side Encryption with Customer-Provided Keys (SSE-C), attackers gain ...