AWS systems targeted by crypto mining scam using hijacked IAM credentials

Cybercriminals are targeting Amazon Web Services (AWS) customers using Amazon EC2 and Amazon ECS with cryptojackers, expert ...
InfoQ

AWS Adds Automated Detection of Unused IAM Roles, Users, and Permissions

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
The Hacker News

Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign

Amazon reports a new AWS crypto mining campaign abusing IAM credentials, ECS, EC2, and termination protection for persistence ...
InfoQ

AWS IAM Identity Center Introduces APIs to Manage Users and Groups at Scale

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Security Boulevard

Preventing This Week’s AWS Cryptomining Attacks: Why Detection Fails and Permissions Matter

The recent discovery of a cryptomining campaign targeting Amazon compute resources highlights a critical gap in traditional cloud defense. Attackers are bypassing perimeter defenses by leveraging ...
Dark Reading

Attackers Use Stolen AWS Credentials in Cryptomining Campaign

Threat actors wielding stolen AWS Identity and Access Management (IAM) credentials leverage Amazon EC and EC2 infrastructure ...
Computer Weekly

Warning: AWS IAM behaves differently to directory services

Researchers from Israeli security firm Lightspin have identified an issue with configuring identity and access control services on Amazon Web Services (AWS) that could leave many organisations ...