skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

Cybercriminals Steal AWS Credentials from Public Websites

/ 1 min read

💻✨ Cybercriminals exploit public website vulnerabilities to steal AWS credentials. A mass cyber operation has been uncovered, revealing that gangs have scanned millions of public websites to steal Amazon Web Services (AWS) cloud credentials from thousands of organizations. Independent researchers identified the attackers as linked to known groups, including ShinyHunters, which previously breached Ticketmaster. The operation involved a two-step attack sequence, utilizing scripts to find exposed endpoints and extract sensitive data, including proprietary source code and database credentials. AWS confirmed that the vulnerabilities were on the customer application side and took steps to mitigate the impact. Experts recommend organizations implement security measures such as avoiding hardcoded credentials and using web application firewalls to protect against similar attacks.

Source
{entry.data.source.title}
Original