AWS – Page 2 – PossibleThreat Articles

Business in the front, party in the back: backdoors in elastic servers expose private data

January 17, 2020 0 Comments AWS, aws buckets, cloud database, cloud databases, cloud infrastructure, elastic databases, elastic servers, insecure cloud, pacs, personally identifiable information, port 9200, Threat spotlight

Credit to Author: Vasilios Hioureas| Date: Fri, 17 Jan 2020 18:58:47 +0000

It’s all too easy to discover data leaks online, especially in cloud services. We take a look at misconfigurations in elastic servers that lead to exposed data on the Internet.

Categories:

Threat spotlight

Tags: aws AWS buckets cloud database cloud databases cloud infrastructure elastic databases elastic servers insecure cloud pacs personally identifiable information port 9200

Security Sophos

Travel database exposed PII on US government employees

October 23, 2019 0 Comments amazon, AWS, best western, best western hotel & resorts group, data breach, data loss, department of homeland security, Elasticsearch, PII, Privacy, security threats

Credit to Author: Danny Bradbury| Date: Wed, 23 Oct 2019 10:32:40 +0000

A property management company owned by hotel chain Best Western has exposed 179 GB of sensitive travel information on thousands of travelers.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/ya-mCNqAOjw” height=”1″ width=”1″ alt=””/>

MalwareBytes Security

Hacking with AWS: incorporating leaky buckets into your OSINT workflow

September 13, 2019 0 Comments amazon, AWS, aws buckets, data, Hacking, Intel, intelligence gathering, open source intelligence, osint, pen testing, penetration testing, recon, reconnaisance, Researcher's corner, Vulnerabilities

Credit to Author: Vasilios Hioureas| Date: Fri, 13 Sep 2019 20:44:52 +0000

When penetration testing for an organization, what OSINT tactics can researchers employ? We discuss how hacking with AWS buckets can provide more recon data and uncover any leaks.

Categories:

Researcher’s corner

Tags: amazon aws AWS buckets data hacking Intel intelligence gathering open source intelligence OSINT pen-testing penetration testing recon reconnaisance vulnerabilities

MalwareBytes Security

Capital One breach exposes over 100 million credit card applications

August 2, 2019 0 Comments Amazon Elastic Compute Cloud, Amazon web services, AWS, capital one, Capital One data breach, data breach, EC2, Equifax, Equifax breach, fintech, iam, identity access management, Paige Thompson, Reports

Credit to Author: Pieter Arntz| Date: Fri, 02 Aug 2019 16:00:00 +0000

The Capital One data breach is an exceptional example, if only because of how much we already know. Not only that, but the breach happened to one of the technical front-runners in banking.

Categories:

Reports

Tags: Amazon Elastic Compute Cloud Amazon web services aws Capital One Capital One data breach data breach EC2 Equifax Equifax breach fintech iam identity access management Paige Thompson