Bleeping Computer

Over 1,000 iOS apps found exposing hardcoded AWS credentials

Security researchers are raising the alarm about mobile app developers relying on insecure practices that expose Amazon Web Services (AWS) credentials, making the supply chain vulnerable. Malicious ...
SiliconANGLE

AWS IAM credentials at risk: EleKtra-Leak operation revealed by Unit 42

A new report from Palo Alto Networks Inc.’s Unit 42 warns of a new active campaign targeting exposed Amazon Web Services Inc. identity and access management credentials within public GitHub ...
Hosted on MSN

Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket

Exclusive A massive online heist targeting AWS customers during which digital crooks abused misconfigurations in public websites and stole source code, thousands of credentials, and other secrets ...
CRN

AWS’ EKS Kubernetes ‘Critical Security’ Flaw Exposes Credentials, Says Trend Micro

AWS said in a statement to CRN that it completed an investigation into the security flaw and determined that it ‘is not a security issue, but rather expected behavior that falls within the trust ...
ZDNet

Datadog chews on data breach, AWS user credentials in leak

Datadog has admitted to becoming a victim of a data breach and has recommended that users immediately revoke and change their credentials. Datadog provides metrics for cloud providers across services, ...
Infosecurity-magazine.com

Source Code of Over 1800 Android and iOS Apps Gives Access to AWS Credentials

The Symantec Threat Hunter team has spotted 1859 apps across Android and iOS containing hard-coded Amazon Web Services (AWS) access tokens that permitted access to private AWS cloud services. Of all ...
CRN

Hackers Target AWS IMDS And EC2 To Steal Credentials: Wiz Report

‘We uncovered exploitation in the wild of a previously unknown zero-day vulnerability in a popular web service stemming from insecure use of Pandoc,’ said Wiz researchers in a new report.