InfoQ

AWS Adds Automated Detection of Unused IAM Roles, Users, and Permissions

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

AWS systems targeted by crypto mining scam using hijacked IAM credentials

Cybercriminals are targeting Amazon Web Services (AWS) customers using Amazon EC2 and Amazon ECS with cryptojackers, expert have warned. The cloud giant warned about the ongoing campaign in a recent ...
Bleeping Computer

Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials

A targeted campaign exploited Server-Side Request Forgery (SSRF) vulnerabilities in websites hosted on AWS EC2 instances to extract EC2 Metadata, which could include Identity and Access Management ...
Analytics Insight

Bridging the Identity Gap: How AI-Powered IAM Is Becoming the Cornerstone of Cloud Resilience

Remote workforces, multi-cloud platforms, and constantly shifting threat landscapes have pushed traditional security models ...
CSOonline

AWS environments compromised through exposed .env files

Attackers collected Amazon Web Services keys and access tokens to various cloud services from environment variables insecurely stored in tens of thousands of web applications. A data extortion ...