SecurityWeek
Vulnerability Allowed One-Click Takeover of AWS Service Accounts
AWS patches vulnerability that could have been used to hijack Managed Workflows Apache Airflow (MWAA) sessions via FlowFixation attack.
SecurityWeek
AWS patches vulnerability that could have been used to hijack Managed Workflows Apache Airflow (MWAA) sessions via FlowFixation attack.
SC Magazine
Several AWS, Azure and Google Cloud domains were found to lack a key guardrail against XSS.
SC Magazine
Several AWS, Azure and Google Cloud domains were found to lack a key guardrail against XSS.
Trend Micro
We found malicious samples attempting to steal Amazon Elastic Compute Cloud (EC2) Workloads' access keys and tokens via typosquatting and the abuse of legitimate tools.
The DFIR Report
In this intrusion from May 2022, the threat actors used BumbleBee as the initial access vector. BumbleBee has been identified as an initial access vector utilized by several ransomware affiliates. …
DataBreaches
Spotted today: a notification by the Renton School District in Washington that they notified 20,509 Washington residents on June 17 dues to a breach that...
Bleeping Computer
A malware named Electron Bot has found its way into Microsoft's Official Store through clones of popular games such as Subway Surfer and Temple Run, leading to the infection of 5,000 computers in Sweden, Israel, Spain, and Bermuda.
ThreatPost
Ashwin Vamshi Adware strains Shlayer and Bundlore are the most common malware in macOS – although they have slight variations, they have long invaded and bypassed Xprotect, Notarization, Gatekeeper, and File Quarantine, all security features pre-built into macOS. The Uptycs threat research team has tracked these threats, along with 90% of macOS malware in routine