Threat Post

AWS Cryptojacking Worm Spreads Through the Cloud

The malware harvests AWS credentials and installs Monero cryptominers. A cryptomining worm from the group known as TeamTNT is spreading through the Amazon Web Services (AWS) cloud and collecting ...
Dark Reading

Attackers Use Stolen AWS Credentials in Cryptomining Campaign

Attackers have been using compromised AWS Identity and Access Management (IAM) credentials to target cloud services in a sprawling cryptomining campaign that can deploy unauthorized miners 10 minutes ...
Cloud Security Alliance

AWS Ends SSE-C Encryption, and a Ransomware Vector

SSE-C stands (well, stood) for “Server Side Encryption- Customer-provided keys”. It allowed you to provide an encryption key ...
Infosecurity-magazine.com

Hackers Exploit Misconfigurations in Public Websites With Improperly Exposed AWS Credentials

A significant cyber operation exploiting vulnerabilities in improperly configured public websites has been linked to the Nemesis and ShinyHunters hacking groups, exposing sensitive data, including ...
CSOonline

LLMjacking: How attackers use stolen AWS credentials to enable LLMs and rack up costs for victims

Users of AI cloud services such as Amazon Bedrock are increasingly being targeted by attackers who abuse stolen credentials in a new attack dubbed LLMjacking. The black market for access to large ...
Bleeping Computer

Over 1,000 iOS apps found exposing hardcoded AWS credentials

Security researchers are raising the alarm about mobile app developers relying on insecure practices that expose Amazon Web Services (AWS) credentials, making the supply chain vulnerable. Malicious ...