CSOonline

Abandoned AWS S3 buckets open door to remote code execution, supply-chain compromises

Attackers re-register abandoned AWS S3 buckets filled with malicious files that are executed by applications looking for these buckets. Code references to nonexistent cloud assets continue to pose ...
Bleeping Computer

Misconfigured Amazon S3 Buckets Expose Users, Companies to Stealthy MitM Attacks

Hackers can exploit exposed Amazon S3 buckets to carry out silent Man-in-the-Middle attacks or other hacks on a company's customers or internal staff. Codenamed GhostWriter, the technique relies on an ...