Bleeping Computer

Amazon: Ongoing cryptomining campaign uses hacked AWS accounts

Amazon’s AWS GuardDuty security team is warning of an ongoing crypto-mining campaign that targets its Elastic Compute Cloud (EC2) and Elastic Container Service (ECS) using compromised credentials for ...
InfoQ

AWS Introduces Centralized Root Access Management for Organizations

AWS has introduced a new capability for AWS Organizations members, allowing administrators to centrally manage and restrict root-user access across multiple AWS accounts. This update enhances security ...
Bleeping Computer

Amazon to make MFA mandatory for 'root' AWS accounts by mid-2024

Amazon will require all privileged AWS (Amazon Web Services) accounts to use multi-factor authentication (MFA) for stronger protection against account hijacks leading to data breaches, starting in mid ...
SDxCentral

AWS introduces resource sharing across VPCs and accounts with new features

AWS customers can enhance cloud integration and simplify modernization. New features enable sharing resources securely across VPCs and accounts with EventBridge and Step Functions. The introduction of ...
Dark Reading

AWS Elastic IP Transfer Feature Gives Cyberattackers Free Range

Attackers can compromise a new feature in Amazon Web Services (AWS) to hijack cloud accounts' static public IP addresses and abuse them for various malicious purposes, researchers have found. Threat ...
TMCnet

Platformr Launches Optics AI Suite, Bringing Natural Language Intelligence to AWS Organizations

Optics Discovery, the first release in the suite, cuts through the complexity of AWS data to give every team member complete visibility and plain-English answers across their entire organization. BEND ...
CSOonline

whoAMI name confusion attacks can expose AWS accounts to malicious code execution

Thousands of active AWS accounts are vulnerable to a cloud image name confusion attack that could allow attackers to execute codes within those accounts. According to DataDog research, vulnerable ...