Collaborate Disseminate
Before you entrust sensitive data to any third party, your company needs to be sure the partner can and will keep it safe from attack.
Read more in my article on the Bitdefender Business Insights blog.
Continue reading Security – it shouldn’t just be the jewel in your crown, but your partners and suppliers too
Games developer Nippon Ichi Software (NIS) has admitted that a recent hack has put some of its customers at risk of credit card fraud. Continue reading Games site customers offered $5 voucher after credit card breach
Don’t dilly-dally. If you haven’t already properly secured the Amazon Web Services S3 servers (known as “buckets”) storing your sensitive data in the cloud then your business has no time to lose.
Continue reading 1 in 50 publicly readable Amazon buckets are also writable – and that’s a data disaster waiting to happen
Whoever hacked the LA Times’ interactive county murder map probably hoped to make a killing mining cryptocurrency – but swift action from a security researcher has put paid to their plans.
Read more in my article on the Tripwire State of Security blog…. Continue reading LA Times homicide website throttles cryptojacking attack
Ethical hackers are warning businesses who use Amazon S3 cloud storage if they have left data exposed for anyone to access… by leaving “friendly warnings” on the servers.
Read more in my article on the We Live Security blog.
Continue reading Friendly warnings left in unsecured Amazon S3 buckets which expose private data
More than 119,000 scanned identity documents, including passports and drivers’ licenses, belonging to people from the United States and abroad were exposed in an insecure Amazon S3 storage bucket. The storage bucket belonged to a company called B… Continue reading Identity Documents Exposed in FedEx-Owned Amazon S3 Bucket
Apple has released an emergency fix for an embarrassing vulnerability that allowed people to access the highest privileges account on Mac computers without a password. The vulnerability was disclosed by a user Tuesday on Twitter. He noticed that when p… Continue reading Apple Fixes MacOS High Sierra Root Access Vulnerability
A Pentagon contractor left three storage buckets publicly accessible on Amazon’s S3 service, exposing more than 1.8 billion online posts collected since 2009. The messages, posted by people from around the world, were likely collected as part of … Continue reading Insecure Storage Buckets Expose 1.8 Billion Online Posts Scraped for U.S. Military
Before you screen “No, never!”, please read on 🙂
Question:
Is hard-coding IAM creds with extremely restricted permissions (only GET requests to s3) ok? I realize that there are other ways, but they all involve a good amount… Continue reading Should I expose AWS Credentials on github?
Once again the old, default Amazon AWS S3 settings are catching people out, this time the US Military has left terabytes of social media spying S3 data exposed to everyone for years.
It’s not long ago since a Time Warner vendor and their sloppy AWS S3… Continue reading Terabytes Of US Military Social Media Spying S3 Data Exposed