CSOonline

AWS and Google Cloud command-line tools can expose secrets in CI/CD logs

Security researchers warn that certain commands executed in the AWS and Google Cloud command-line interfaces (CLIs) will return credentials and other secrets stored in environment variables as part of ...
Cloud Security Alliance

AWS Ends SSE-C Encryption, and a Ransomware Vector

SSE-C stands (well, stood) for “Server Side Encryption- Customer-provided keys”. It allowed you to provide an encryption key ...
ZDNet

AWS embraces Fedora Linux for its cloud-based Amazon Linux

AWS has long tried to incorporate Red Hat Enterprise Linux (RHEL) compatibility into Amazon Linux, but this latest release takes that to new heights. By using Fedora as its upstream, the new Amazon ...
TheServerSide

How to configure multiple AWS CLI authentication credentials

AWS power users often possess multiple IAM accounts with which they execute terminal commands and CLI operations. For example, an AWS developer might rely on separate accounts to manage Kubernetes ...
Dark Reading

AWS Elastic IP Transfer Feature Gives Cyberattackers Free Range

Attackers can compromise a new feature in Amazon Web Services (AWS) to hijack cloud accounts' static public IP addresses and abuse them for various malicious purposes, researchers have found. Threat ...
Business Insider

Amazon took down parts of the internet because an employee fat-fingered the wrong command

Lots of websites on Tuesday loaded slowly, or not at all, including Business Insider. The reason was that Amazon Web Services, a server product from Amazon that powers a surprising number of sites and ...
Dark Reading

Attackers Abuse AWS Cloud to Target Southeast Asian Governments

Attackers are targeting government entities in Southeast Asia with a novel Windows remote access Trojan (RAT), using a unique command-and-control (C2) tactic that abuses Amazon Web Services (AWS) ...