AWS

AWS releases updated PCI PIN compliance report for payment cryptography

AWS releases updated PCI PIN compliance report for payment cryptography 2026-01-26 at 07:05 By Anamarija Pogorelec Amazon Web Services has published an updated Payment Card Industry Personal Identification Number (PCI PIN) compliance package for its AWS Payment Cryptography service, confirming a recent third-party audit of the platform. The report package is now accessible through AWS’s […]

AWS releases updated PCI PIN compliance report for payment cryptography Read More »

AWS European Sovereign Cloud puts data, operations, and oversight inside the EU

AWS European Sovereign Cloud puts data, operations, and oversight inside the EU 2026-01-15 at 13:54 By Sinisa Markovic Amazon has made the AWS European Sovereign Cloud generally available to customers across the European Union, backed by a €7.8 billion investment. According to AWS, the funding will support infrastructure buildout, staffing, and long-term operations, and is

AWS European Sovereign Cloud puts data, operations, and oversight inside the EU Read More »

re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities 

re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities  2025-12-03 at 14:35 By Eduard Kovacs AWS and cybersecurity vendors have made several announcements at the cloud giant’s re:Invent 2025 event.  The post re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities  appeared first on SecurityWeek. This article is an excerpt from

re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities  Read More »

Rethinking AI security architectures beyond Earth

Rethinking AI security architectures beyond Earth 2025-10-08 at 09:39 By Mirko Zorz If you think managing cloud security is complex, try doing it across hundreds of satellites orbiting the planet. Each one is a moving endpoint that must stay secure while communicating through long, delay-prone links. A new study explores how AI could automate security

Rethinking AI security architectures beyond Earth Read More »

AWS Trusted Advisor Tricked Into Showing Unprotected S3 Buckets as Secure

AWS Trusted Advisor Tricked Into Showing Unprotected S3 Buckets as Secure 2025-08-22 at 12:22 By Eduard Kovacs AWS has addressed a vulnerability that could have been leveraged to bypass Trusted Advisor’s S3 bucket permissions check. The post AWS Trusted Advisor Tricked Into Showing Unprotected S3 Buckets as Secure appeared first on SecurityWeek. This article is

AWS Trusted Advisor Tricked Into Showing Unprotected S3 Buckets as Secure Read More »

AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged

AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged 2025-08-21 at 14:38 By Zeljka Zorz AWS’s Trusted Advisor tool, which is supposed to warn customers if their (cloud) S3 storage buckets are publicly exposed, could be “tricked” into reporting them as not exposed when they actually are, Fog Security researchers have found. S3

AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged Read More »

As AI grows smarter, your identity security must too

As AI grows smarter, your identity security must too 2025-08-19 at 08:35 By Help Net Security AI is no longer on the horizon, it’s already transforming how organizations operate. In just a few years, we’ve gone from isolated pilots to enterprise-wide adoption. According to a recent SailPoint survey, 82% of companies are running AI agents

As AI grows smarter, your identity security must too Read More »

AWS CISO explains how cloud-native security scales with your business

AWS CISO explains how cloud-native security scales with your business 2025-08-13 at 09:01 By Mirko Zorz In this Help Net Security interview, Amy Herzog, CISO at AWS, discusses how cloud-native security enables scalable, flexible protection that aligns with how teams build in the cloud. She explains the Shared Responsibility Model and the tools and processes

AWS CISO explains how cloud-native security scales with your business Read More »

Analyze resource-based policy dependencies across your AWS Organizations accounts

Analyze resource-based policy dependencies across your AWS Organizations accounts 2025-05-09 at 08:02 By Help Net Security Managing multiple AWS accounts in an organization can get complicated, especially when trying to understand how services and permissions are connected. The Account Assessment for AWS Organizations open-source tool helps simplify this process by giving you a central place

Analyze resource-based policy dependencies across your AWS Organizations accounts Read More »

YES3 Scanner: Open-source S3 security scanner for public access, ransomware protection

YES3 Scanner: Open-source S3 security scanner for public access, ransomware protection 2025-04-07 at 07:35 By Mirko Zorz YES3 Scanner is an open-source tool that scans and analyzes 10+ different configuration items for your S3 buckets in AWS. This includes access such as public access via ACLs and bucket policies – including the complex combinations of

YES3 Scanner: Open-source S3 security scanner for public access, ransomware protection Read More »

Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover

Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover 2025-03-25 at 18:54 By Zeljka Zorz Wiz researchers have unearthed several critical vulnerabilities affecting Ingress NGINX Controller for Kubernetes (ingress-nginx) that may allow attackers to take over Kubernetes clusters. “Based on our analysis, about 43% of cloud environments are vulnerable to these vulnerabilities, with our research uncovering

Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover Read More »

Finders Keypers: Open-source AWS KMS key usage finder

Finders Keypers: Open-source AWS KMS key usage finder 2025-03-24 at 07:32 By Mirko Zorz Finders Keypers is an open-source tool for analyzing the current usage of AWS KMS keys. It supports both AWS customer managed KMS keys and AWS Managed KMS keys. Use cases include: Identifying the blast radius of specific KMS keys and the

Finders Keypers: Open-source AWS KMS key usage finder Read More »

Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms

Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms 2025-02-05 at 14:50 By Eduard Kovacs 150 abandoned Amazon S3 buckets could have been leveraged to deliver malware or backdoors to governments and Fortune companies. The post Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms appeared first on SecurityWeek. This article is an

Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms Read More »

Attackers are encrypting AWS S3 data without using ransomware

Attackers are encrypting AWS S3 data without using ransomware 2025-01-13 at 19:03 By Zeljka Zorz A ransomware gang dubbed Codefinger is encrypting data stored in target organizations’ AWS S3 buckets with AWS’s server-side encryption option with customer-provided keys (SSE-C), and asking for money to hand over the key they used. They do not exfiltrate the

Attackers are encrypting AWS S3 data without using ransomware Read More »

The shocking speed of AWS key exploitation

The shocking speed of AWS key exploitation 2024-12-02 at 21:19 By Zeljka Zorz It’s no secret that developers often inadvertently expose AWS access keys online and we know that these keys are being scraped and misused by attackers before organizations get a chance to revoke them. Clutch Security researchers performed a test to see just

The shocking speed of AWS key exploitation Read More »

AWS offers incident response service

AWS offers incident response service 2024-12-02 at 14:15 By Zeljka Zorz Amazon Web Services (AWS) has launched a new service to help organizations prepare for and recover from ransomware attacks, account takeovers, data breaches, and other security events: AWS Security Incident Response (SIR). Creating a case (Source: AWS) AWS Security Incident Response explained “Security events

AWS offers incident response service Read More »

Deploy a SOC using Kali Linux in AWS

Deploy a SOC using Kali Linux in AWS 2024-11-25 at 07:04 By Mirko Zorz The Kali SOC in AWS project enables the deployment of a Security Operations Center (SOC) in AWS, utilizing the Kali Linux toolset for purple team activities. This environment is ideal for honing skills in security operations, threat detection, incident response, and

Deploy a SOC using Kali Linux in AWS Read More »

AWS security essentials for managing compliance, data protection, and threat detection

AWS security essentials for managing compliance, data protection, and threat detection 2024-11-07 at 07:03 By Help Net Security AWS offers a comprehensive suite of security tools to help organizations manage compliance, protect sensitive data, and detect threats within their environments. From AWS Security Hub and Amazon GuardDuty to Amazon Macie and AWS Config, each tool

AWS security essentials for managing compliance, data protection, and threat detection Read More »

Scroll to Top