Krebs on Security

CISA Admin Leaked AWS GovCloud Keys on Github

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public ...

CISA Contractor Exposed Sensitive Credentials in Public GitHub Repository

CISA is investigating after a contractor’s public GitHub repository exposed AWS GovCloud credentials, internal files, and ...
Threat Post

AWS Cryptojacking Worm Spreads Through the Cloud

The malware harvests AWS credentials and installs Monero cryptominers. A cryptomining worm from the group known as TeamTNT is spreading through the Amazon Web Services (AWS) cloud and collecting ...
CRN

AWS’ EKS Kubernetes ‘Critical Security’ Flaw Exposes Credentials, Says Trend Micro

AWS said in a statement to CRN that it completed an investigation into the security flaw and determined that it ‘is not a security issue, but rather expected behavior that falls within the trust ...
Bleeping Computer

Cryptojacking worm steals AWS credentials from Docker systems

A cybercrime group known as TeamTNT is using a crypto-mining worm to steal plaintext AWS credentials and config files from compromised Docker and Kubernetes systems. TeamTNT's cryptocurrency mining ...

CISA contractor apparently leaked 'highly sensitive' government AWS keys on Github

"One of the most egregious government data leaks in recent history" ...
Computing

Thousands of AWS credentials compromised via misconfigured websites

A major operation seeking exposed credentials of Amazon Web Services (AWS) customers has been discovered, with hackers scanning millions of websites and exfiltrating sensitive data from thousands of ...
InfoQ

AWS Expands Credential Lifecycle Management and Monitoring

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...