Collaborate Disseminate
Moving to the cloud means a lot more than just moving your servers and applications to the cloud; it’s also about the data – and data always has a target on it. A lot of IT departments are finding that it’s easier to meet the “five nines” (99.999%) of … Continue reading Cloud Security: Messy Blobs and Leaky Buckets
In my previous post, I took deep dive into AWS S3 permissions to outline the myriad of ways someone could expose their AWS S3 buckets and objects to everyone on the Internet. As I discussed there, the complexity of the S3 permission system is very powe… Continue reading Preventing Azure Storage Breaches
Data exposure reports have reached a dizzying pace in the past few months, and the security community has been focused on the risk from multiple angles. Now, a new study from HTTPCS gives us new insight into rates of vulnerable S3 configurations. HTTPC… Continue reading New Study Shows 20% of Public AWS S3 Buckets are Writable
Leaky AWS S3 buckets have been spilling confidential information onto the public internet for years, and now anonymous hackers have created a search engine to make finding those exposed secrets even easier. New on the scene is “BuckHacker.”… Continue reading Don’t Get BuckHacked: What Are You Doing to Keep Your AWS S3 Data Private?
It seems like everyday you see a new report about a massive data leak caused by someone accidentally exposing files stored in AWS S3 Buckets to everyone on the Internet. Many may remember Verizon’s infamous snafu that leaked data records for 6 mi… Continue reading Preventing Yet Another AWS S3 Storage Breach With Tripwire