S3 bucket – Experimental News Clipping Site

Simon Willison’s Weblog: Using S3 triggers to maintain a list of files in DynamoDB

Feb 19, 2025

—

by

Source URL: https://simonwillison.net/2025/Feb/19/s3-triggers/#atom-everything Source: Simon Willison’s Weblog Title: Using S3 triggers to maintain a list of files in DynamoDB Feedly Summary: Using S3 triggers to maintain a list of files in DynamoDB I built an experimental prototype this morning of a system for efficiently tracking files that have been added to a large S3 bucket…

The Register: Chinese spies suspected of ‘moonlighting’ as tawdry ransomware crooks

Feb 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/02/14/chinese_spies_ransomware_moonlighting/ Source: The Register Title: Chinese spies suspected of ‘moonlighting’ as tawdry ransomware crooks Feedly Summary: Some employees steal sticky notes, others ‘borrow’ malicious code A crew identified as a Chinese government-backed espionage group appears to have started moonlighting as a ransomware player – further evidence that lines are blurring between nation-state cyberspies…

AWS News Blog: AWS CloudTrail network activity events for VPC endpoints now generally available

Feb 13, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://aws.amazon.com/blogs/aws/aws-cloudtrail-network-activity-events-for-vpc-endpoints-now-generally-available/ Source: AWS News Blog Title: AWS CloudTrail network activity events for VPC endpoints now generally available Feedly Summary: AWS CloudTrail now offers network activity events for VPC endpoint logging, enabling comprehensive monitoring and recording of AWS API activity through VPC endpoints to enhance security visibility, detect unauthorized access, and prevent data exfiltration…

Hacker News: Delivering Malware Through Abandoned Amazon S3 Buckets

Feb 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.schneier.com/blog/archives/2025/02/delivering-malware-through-abandoned-amazon-s3-buckets.html Source: Hacker News Title: Delivering Malware Through Abandoned Amazon S3 Buckets Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a concerning vulnerability in software supply chain security, specifically targeting abandoned Amazon S3 buckets that could serve as a platform for malware delivery. The research highlights the potential risks…

Schneier on Security: Delivering Malware Through Abandoned Amazon S3 Buckets

Feb 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.schneier.com/blog/archives/2025/02/delivering-malware-through-abandoned-amazon-s3-buckets.html Source: Schneier on Security Title: Delivering Malware Through Abandoned Amazon S3 Buckets Feedly Summary: Here’s a supply-chain attack just waiting to happen. A group of researchers searched for, and then registered, abandoned Amazon S3 buckets for about $400. These buckets contained software libraries that are still used. Presumably the projects don’t realize…

The Register: Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look ‘insignificant’

Feb 4, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/02/04/abandoned_aws_s3/ Source: The Register Title: Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look ‘insignificant’ Feedly Summary: When cloud customers don’t clean up after themselves, part 97 Abandoned AWS S3 buckets could be reused to hijack the global software supply chain in an attack that would make…

AWS News Blog: Luma AI’s Ray2 video model is now available in Amazon Bedrock

Jan 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://aws.amazon.com/blogs/aws/luma-ai-ray-2-video-model-is-now-available-in-amazon-bedrock/ Source: AWS News Blog Title: Luma AI’s Ray2 video model is now available in Amazon Bedrock Feedly Summary: Amazon Bedrock now offers Luma AI’s Ray2 video model, enabling users to generate high-quality, 5 or 9 second video clips with 540p and 720p resolution from text prompts, marking AWS as the exclusive cloud…

CSA: Unpacking the LastPass Hack: A Case Study

Jan 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://insidersecurity.co/lastpass-hack-illustrative-case-study/ Source: CSA Title: Unpacking the LastPass Hack: A Case Study Feedly Summary: AI Summary and Description: Yes Summary: The text provides an in-depth analysis of the LastPass hack, emphasizing the importance of security practices in cloud computing and software services. It discusses the vulnerabilities exploited during the breach, the implications of the…

Slashdot: Ransomware Crew Abuses AWS Native Encryption, Sets Data-Destruct Timer for 7 Days

Jan 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://it.slashdot.org/story/25/01/14/0141238/ransomware-crew-abuses-aws-native-encryption-sets-data-destruct-timer-for-7-days?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Ransomware Crew Abuses AWS Native Encryption, Sets Data-Destruct Timer for 7 Days Feedly Summary: AI Summary and Description: Yes Summary: The emergence of the ransomware group Codefinger highlights a novel and dangerous method of exploiting AWS S3 buckets by using compromised AWS keys and AWS’s SSE-C (Server-Side Encryption with…

The Register: Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days

Jan 13, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/13/ransomware_crew_abuses_compromised_aws/ Source: The Register Title: Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days Feedly Summary: ‘Codefinger’ crims on the hunt for compromised keys A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant’s own server-side encryption with customer provided keys (SSE-C) to lock up…

Tag: S3 bucket