LocalBlox, a company that scrapes data from public web profiles, has left the details of over 48 million users on a publicly accessible Amazon Web Services (AWS) S3 bucket, according to an UpGuard security researcher who discovered the data on February 28, this year.
Roskomnadzor, Russia's telecommunications watchdog, banned today over 1.8 million IP addresses belonging to Amazon and Google's cloud infrastructure.
Security experts from MindPoint Group, an information security firm, have hijacked over 2,000 subdomains from legitimate websites while researching possible security flaws in Amazon's CloudFront CDN service.
New research published on Monday reveals that 5.8% of all Amazon S3 buckets are publicly readable, while 2% are publicly writeable —with the latter allowing anyone to add, edit, or delete data, and even hold a victim's data for ransom.
Amazon AWS S3 cloud storage servers might soon fall victims to ransom attacks, similar to how hacker groups held tens of thousands of MongoDB databases for ransom throughout 2017.
In what appears to be a New Years glitch, Amazon has sent out a barrage of emails to AWS users that state recipient's free tier services are forecasted to breach free limits. These alerts are being sent to customers who have active services and even those who do not currently have any running services with Amazon.
US data analytics provider Alteryx has left an Amazon S3 storage bucket exposed online, leaking the sensitive details of over 123 million US households in the process.
Ten days after an Amazon S3 server exposed data from the US Army's CENTCOM and PACOM divisions, security researchers have identified another S3 server instance that leaked files from INSCOM, a joint US Army and NSA agency tasked with conducting intelligence, security, and information operations.
A security researcher revealed today he found three misconfigured Amazon S3 servers belonging to the US Department of Defense (DOD) containing 1.8 billion social media and forum posts made by users from all over the world, including many by Americans.
Following a long string of data leaks caused by misconfigured S3 servers, Amazon has decided to add a visible warning to the AWS backend dashboard panel that will let server admins know if one of their buckets (storage environments) is publicly accessible and exposing potentially sensitive data on the Internet.
Hackers can exploit exposed Amazon S3 buckets to carry out silent Man-in-the-Middle attacks or other hacks on a company's customers or internal staff.
During the past year, there has been a surge in data breach reporting regarding Amazon S3 servers left accessible online, and which were exposing private information from all sorts of companies and their customers.
Millions of small websites, app backends, and various high-profile services are offline or experiencing severe issues because of a mysterious problem that hit Amazon's S3 (Simple Storage Service) a few hours ago.