Sign in to follow this  
Snaggles

S3 bucket security changes

Recommended Posts

AWS is a scary place for me, mainly due to having been used to on-prem in regards to hosts that may be running within datacenters that I have access to. Spinning up new instances and potentially not even checking the security of the instances can prove to be detrimental to people.. Then there's another point to consider, S3 buckets. It's worth reading up that there is consistently the possibility that storage buckets are put in place that allow for perpetrators to access websites because they were left open and public write access is left enabled. In this case, Magecart is the same threat actor that also attacked  British Airways who suffered a massive data breach of personal data and credit-card numbers of up to 380,000 customers, and as a result was fined £183 million by the ICO for not complying with GDPR regulations. They are a pretty well known cybercriminal hacker group and considering we are on Cracked, a point of envy in my opinion. Here's further source reading:

 

https://www.theregister.co.uk/2019/07/12/riskiq_magecart_s3/

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this