SEARCH
Archive
Amazon Fixes Five Flaws in AWS Encryption Client
Amazon has patched five vulnerabilities in its AWS Encryption Client, including a CBC padding oracle flaw.
AWS Adds New Protections Against SSRF, Other Web App Attacks
The new AWS IMDSv2 security feature mitigates common attacks that take advantage of SSRF, open WAFs, and open layer 3 firewalls.
Exposed AWS Resources Leaked Sensitive Data
Amazon S3 buckets aren't the only data repositories that can leak data because of the organization's configuration errors. Other cloud services on the AWS platform are often found accessible by anyone on the Internet.
SSH Key Exposure: Lapses in Server Access Security
The exposure of SSH keys to public websites or code repositories can result in unauthorized admin access to your servers and systems.
Securing Access to Data Stored in Amazon S3 Buckets
There have been countless examples of misconfigured access to Amazon S3 buckets containing massive amounts of sensitive data - here’s how you can configure granular access policies and use MFA to protect your data in the cloud.