Amazon

Pierluigi Paganini September 01, 2022
1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials

Researchers discovered 1,859 Android and iOS apps containing hard-coded Amazon Web Services (AWS) credentials. Researchers from Broadcom Symantec’s Threat Hunter team discovered 1,859 Android and iOS apps containing hard-coded Amazon Web Services (AWS) credentials that allowed access to private cloud services. The experts pointed out that most of the apps containing hard-coded Amazon Web Services […]

Pierluigi Paganini April 10, 2021
This man was planning to kill 70% of Internet in a bomb attack against AWS

The FBI arrested a man for allegedly planning a bomb attack against Amazon Web Services (AWS) to kill about 70% of the internet. The FBI arrested Seth Aaron Pendley (28), from Texas, for allegedly planning to launch a bomb attack against Amazon Web Services (AWS) data center on Smith Switch Road in Ashburn, Virginia. The […]

Pierluigi Paganini March 19, 2021
Why Focusing on Container Runtimes Is the Most Critical Piece of Security for EKS Workloads?

Amazon Elastic Kubernetes Service (EKS), a platform which gives customers the ability to run Kubernetes apps in the AWS cloud or on premises. Organizations are increasingly turning to Kubernetes to manage their containers. In the 2020 Cloud Native Survey, 91% of respondents told the Cloud Native Computing Foundation (CNCF) that they were using Kubernetes—an increase […]

Pierluigi Paganini June 14, 2020
Tech firms suspend use of ‘biased’ facial recognition technology

Amazon, IBM and now Microsoft ban the sale of facial recognition technology to police departments and are urging for federal laws to regulate its use. Microsoft has joined Amazon and IBM in banning the sale of facial recognition technology to police departments, the tech giants are also urging for federal laws to regulate the use […]

Pierluigi Paganini September 18, 2018
Amazon is investigating allegations that its staff is selling customer data

Amazon confirmed an ongoing investigation of the allegations that some of its personnel sold confidential customer data to third party companies. Amazon confirmed that it is investigating allegations that its staff sold customer data and other confidential information to third-party firms, particularly in China, a practice that violated the company policy. The news was first […]

Pierluigi Paganini January 15, 2018
Spectre/Meltdown patches had a significant impact on SolarWinds’s AWS infrastructure

Analysis conducted by SolarWinds on the impact on the performance of the Spectre/Meltdown patches on its own Amazon Web Services infrastructure revealed serious performance degradation. SolarWinds, the vendor of IT Management Software & Monitoring Tools, has analyzed the impact on the performance of Meltdown and Spectre security patches on its own Amazon Web Services infrastructure. The […]

Pierluigi Paganini September 06, 2017
Another unsecured AWS S3 bucket exposed 4 million Time Warner Cable subscriber records

Experts reported that the AWS S3 storage containing subscriber data was left open by freelancers who handled web applications for the Time Warner Cable. A few days ago, researchers discovered of thousands of resumes of US Military and intel contractors left unsecured on an Amazon server, now roughly four million Time Warner Cable customers in the US were […]

Pierluigi Paganini August 22, 2017
Hotel booking service Groupize allegedly exposed sensitive data contained in unsecured AWS storage bucket

Security researchers discovered that hotel booking service Groupize allegedly exposed sensitive data contained in unsecured AWS storage bucket Security experts continue to discover unsecured AWS storage bucket leaking sensitive data. Last discovery in order of time is an AWS storage related to the hotel booking service Groupize, it was discovered by Kromtech Security Center researchers and confirmed […]

Pierluigi Paganini January 27, 2017
Hacker discovered security flaws in Amazon, Apple and Google epub services

A hacker discovered a XXE flaw in the EpubCheck library that affects major epub services causing information disclosure and denial of service conditions. The security expert and bug hunter Craig Arendt (@craig_arendt) has discovered flaws in major eBook readers including the ones commercialized by Amazon, Apple, and Google. The expert discovered different XML external entity (XXE) […]

Pierluigi Paganini July 09, 2016
Hacker breached an Amazon server containing 80,000 login credentials

The hacker behind the Twitter account 0x2Taylor is claiming to have breached one of the Amazon servers containing 80,000 login credentials of Kindle users. The hacker 0x2Taylor is claiming to have breached an Amazon server containing login credentials of Kindle users. As a proof the hack, the hacker leaked online more than 80,000 credentials belonging to Amazon […]