Dark Reading

Securing Serverless: Attacking an AWS Account via a Lambda Function

I have to admit, at first, I didn't quite understand what Caleb was trying to tell me, however a quick glimpse at the URL, which contained the words Lambda and Shell, seemed as if he was trying to ...
Bleeping Computer

Amazon to make MFA mandatory for 'root' AWS accounts by mid-2024

Amazon will require all privileged AWS (Amazon Web Services) accounts to use multi-factor authentication (MFA) for stronger protection against account hijacks leading to data breaches, starting in mid ...
TheServerSide

Top 5 AWS root account best practices

Community driven content discussing all aspects of software development from DevOps to design patterns. Keeping your Amazon account secure is a major concern for every AWS user and admin. Here are the ...
CSOonline

AWS access control confusion enables cross-account attacks

The Amazon Web Services identity and access management (IAM) mechanism is complex, and not fully understanding its particularities often leads to misconfigurations and exposed cloud assets.
app.com

AWS Security: Protecting Data and Workloads in the Cloud

Cloud computing has transformed how businesses store and manage data, but it has also complicated security issues. For organizations that rely on Amazon Web Services, AWS Security serves as the ...
TheServerSide

How you can create an AWS account alias

Community driven content discussing all aspects of software development from DevOps to design patterns. When an IAM user logs in to the AWS Management Console, a 12-digit account ID is required to ...
CSOonline

S3 shadow buckets leave AWS accounts open to compromise

Attackers can gain access to AWS accounts or sensitive data by creating in advance S3 storage buckets with predictable names that will be automatically used by various services and tools. Researchers ...