Ars Technica

AWS S3 storage bucket with unlucky name nearly cost developer $1,300

That's not the point here. This guy set the access control correctly, and was charged for AWS denying access to his bucket. AWS charge for requests, whether successful or denied. The real WTF is that ...
Bleeping Computer

How attackers abuse S3 Bucket Namesquatting — And How to Stop Them

With the sheer amount of data and users leveraging AWS, it’s easy for misconfigurations to slip through the cracks. One commonly overlooked area is the naming of S3 buckets. AWS S3 bucket names are ...
ZDNet

AWS rolls out new security feature to prevent accidental S3 data leaks

Amazon's Web Services division has rolled out new security features to AWS account owners today that are meant to prevent accidental data exposures caused by the misconfiguration of S3 data storage ...
Dark Reading

AWS's Predictable Bucket Names Make Accounts Easier to Crack

The Amazon Web Services Cloud Development Kit (CDK), a popular open source tool, allows cyber teams to conveniently build software-defined cloud infrastructure with widely used programming languages, ...
Bleeping Computer

Misconfigured Amazon S3 Buckets Expose Users, Companies to Stealthy MitM Attacks

Hackers can exploit exposed Amazon S3 buckets to carry out silent Man-in-the-Middle attacks or other hacks on a company's customers or internal staff. Codenamed GhostWriter, the technique relies on an ...