Amazon News, Articles and Updates

Tesla's AWS servers hijacked by cryptominers

The hijacking of Tesla's Amazon Web Server cloud system by rogue cryptominers is proof that no one is immune to a misconfigured AWS server nor cryptomining attacks.

Open AWS S3 bucket exposes private info on thousands of Fedex customers

In what has become an alarmingly routine occurrence, an unsecured Amazon S3 server - this time affiliated with FedEx - has exposed personal information of tens of thousands of users.

Amazon issues security patch for Key after researcher claims hack

Amazon is issuing a security patch for its "Key"services shortly after a researcher posted a video demonstration of them claiming to hack the Amazon device using a Raspberry Pi.

Misconfigured Amazon Web Services bucket exposes 12,000 social influencers

Another misconfigured Amazon Web Services (AWS) S3 cloud storage bucket has been left insecure this time exposing the sensitive data of 12,000 social media influencers, most of whom were female.

Sensitive medical records on AWS bucket found to be publicly accessible

A large cache of sensitive medical records handled by a US-based digital records management company was found stored in an Amazon S3 storage bucket without adequate protection.

123 million sensitive PII records exposed, most US households hit

A cloud-based data repository belonging to Alteryx, has publicly exposed datasets from the data analytics firm's partner Experian and the US Census Bureau containing sensitive personal information on 123 million Americans.

Misconfigured Amazon S3 server leaks Australian Broadcasting Corporation

As misconfigured Amazon servers continue to leak sensitive data Australian Broadcasting Corporation (ABC) is the latest culprit of administrators not properly securing their cloud servers.

Amazon takes steps to reduce S3 misconfiguration leaks

Amazon is taking action to combat the recent wave of its Amazon S3 server being left misconfigured subsequently exposing potentially sensitive data.

Misconfigured Amazon S3 Buckets allowing man-in-the-middle attacks

Misconfigured Amazon Web Service (AWS) S3 buckets that allow public writes are enabling man-in-the-middle (MITM) attacks on servers containing data from leading news media, retail and well-known cloud services.

Unencrypted PII records leaked from WWE database hosted on AWS server

Bob Dyachenko, the Kromtech security researcher who discovered the data leak of 3 million WWE fans, says it was most likely accessible thanks to a misconfiguration by either WWE or a contractor.

As Amazon uncovers login credential list online, does controversial GCHQ password advice still stand?

The unveiling of a new surprise from Amazon may tell us surprising new things about the continuing usefulness of passwords, so does GCHQ's landmark advice still stand?

Three major flaws found in Ruckus Enterprise APs

Craig Young, a researcher at Tripwire has found several major security flaws in Ruckus Enterprise APs

ICYMI: Spotting encrypted malware; Russia attacked; Power plant malware; Malicious Pokemon; Amazon breached?

The latest In Case You Missed It (ICYMI) looks at Spotting encrypted malware; attacks on Russia; Malware in power plant and more

Hacker claims to breach Amazon server, Amazon disagrees

A security researcher claims to have hacked an Amazon server and dumped the information of tens of thousands of users online. Even though several sources appear to speak for the data's legitimacy, Amazon says it's nonsense.

Datadog breached, tells users to reset login credentials

Cloud service data aggregator Datadog was hit with a data breach late last week and has sent a letter to its customers warning them to change their login credentials.

New Locky ransomware campaign sets sights on Amazon customers

Amazon customers are the target of a wide-ranging phishing email scam intended to fool recipients into opening up a malicious attachment that results in the downloading of Locky ransomware.

Removal of Fire OS encryption fans privacy flames

Amazon had quietly removed encryption from it's Fire OS, prompting a backlash from privacy advocates and consumers who wished to protect their data. Amazon quickly reversed the decision.

ICYMI: £4bn for NHS, Avast ye flaw, phishing in the Amazon, Word up, IP theft

In this week's In Case You Missed It, we recap the most popular stories of the week including NHS digital transformation cash, serious flaw found in Avast secure browser, fake survey is hooking Amazon users, more WordPress malware and businesses suffering theft of intellectual property.

Fake survey offer lures Amazon users in email phishing scam

A new phishing email posing as Amazon has been targeting users of the online retailer by luring them to complete a survey for the chance to win some cash.

Amazon force-resets passwords

Amazon has suddenly force-reset many of it's customers passwords after a vulnerability scare

Tech giants team up against new cyber-security law

A public protest has been issued against a controversial US cyber-security bill by some of the world's tech giants.

Vulnerability could have led to RSA keys being stolen in AWS

Listening carefully to the neighbours on co-located servers could serve up an entire 2048-bit RSA key.

Amazon UK customers targeted with phishing scam

Researchers at Malwarebytes spotted an email phishing scam on Wednesday that targets Amazon users in the UK.

Hack Amazon's dash buttons for more than just ordering stuff

Amazon's dash buttons can be hacked for anything

Three stages for securing the personal cloud

The personal cloud can be managed in three easy steps and secure the apps that employees are going to use regardless of policy, says Ojas Rege.

'Kyle and Stan' malvertising attack infects millions via Amazon and YouTube

A malicious advertising network dubbed 'Kyle and Stan' has dropped malware on possibly millions of users via hundreds of websites including Amazon, YouTube and Yahoo, according to a Cisco investigation.