Sneaky recon on roster of AWS users is possible, Unit 42 says
More than 20 APIs associated with 16 Amazon Web Services products can be abused to give up basic information about users and their roles, according to the…
Advertisement
S3 bucket
Twilio breach spotlights struggle to keep corporate software kits out of the wrong hands
The damage could have been worse if the attack had been targeted.
What Capital One’s cybersecurity team did (and did not) get right
It's not great that a lone engineer was able to pull data from 106 million people. But this was far from Equifax 2.0.
Automated Magecart spree hit thousands of sites via misconfigured cloud servers, RiskIQ says
The crooks are scanning the web for vulnerable Amazon Web Services S3 buckets, according to security vendor RiskIQ.
Third-party Facebook apps left people’s data publicly exposed, researchers say
The Silicon Valley security firm identified exposures by Mexico-based media company Cultura Colectiva and the now-defunct "At the Pool" app.
Hundreds of thousands of voter records exposed on misconfigured server, researcher says
Another S3 bucket exposing voter data.
Advertisement
48 million profiles left exposed by data scraping firm, report says
The exposed data includes detailed information scraped from Facebook, Twitter, LinkedIn and Zillow.
GDPR will change how companies work with cloud providers
We keep seeing errors in the ways companies are safeguarding personally identifiable data in the cloud. Those errors will have massive consequences under Europe's new General Data…