Bleeping Computer

Cryptojacking worm steals AWS credentials from Docker systems

A cybercrime group known as TeamTNT is using a crypto-mining worm to steal plaintext AWS credentials and config files from compromised Docker and Kubernetes systems. TeamTNT's cryptocurrency mining ...
Infosecurity-magazine.com

Hackers Exploit Misconfigurations in Public Websites With Improperly Exposed AWS Credentials

A significant cyber operation exploiting vulnerabilities in improperly configured public websites has been linked to the Nemesis and ShinyHunters hacking groups, exposing sensitive data, including ...
Dark Reading

AWS Focuses on Identity Access Management at re:Inforce

Amazon emphasized identity and access management during its AWS re:Inforce Security conference in Boston this week. Among announcements for GuardDuty Malware Detection and Amazon Detective for Elastic ...
Dark Reading

Cybercrime Gangs Abscond With Thousands of Orgs' AWS Credentials

Cybercriminal gangs have exploited vulnerabilities in public websites to steal Amazon Web Services (AWS) cloud credentials and other data from thousands of organizations, in a mass cyber operation ...
Bleeping Computer

FBI: Androxgh0st malware botnet steals AWS, Microsoft credentials

CISA and the FBI warned today that threat actors using Androxgh0st malware are building a botnet focused on cloud credential theft and using the stolen information to deliver additional malicious ...
TechRepublic

Are Long-Lived Credentials the New Achilles’ Heel for Cloud Security?

Are Long-Lived Credentials the New Achilles’ Heel for Cloud Security? Your email has been sent Datadog advises Australian and APAC companies to phase out long-lived cloud credentials. The head of ...