Incident Report: TaskRouter JS SDK Security Incident User database, including MD5 hashed credentials Third-party compromise exposing access key
Exchange rate service’s customer details hacked via AWS
Compromised third party software granting access to cloud environment “Internal compute instance” globally accessible, “Contained” AWS API key
Access to backend infrastructure, including user data
Celeb Shout-Out App Cameo Exposes Private Videos and User Data How A Cryptocurrency Miner Made Its Way onto Our Internal Kubernetes Clusters Weave Scope (publicly exposed), RCE by design "Misconfigured WAF" that allowed for a SSRF attack
A Technical Analysis of the Capital One Cloud Misconfiguration Breach Sacked IT guy annihilates 23 of his ex-employer’s AWS servers Hack Brief: Hackers Enlisted Tesla's Public Cloud to Mine Cryptocurrency
Former contractor abuses broadly shared root credential
Disclosure of Security Incidents on imToken Globally exposed Kubernetes console, Pod with AWS credentials Hackers have turned Politifact’s website into a trap for your PC
DXC spills AWS private keys on public GitHub
AWS Credentials committed to public github repo
FEDERAL TRADE COMMISSION - Drizly Complaint
Coinhive cryptojacking added to User data for 9.5m users, attempted extortion
2 Plead Guilty in 2016 Uber and Hacks
Accessed database tables (with encrypted data) Names and driver’s license numbers of 600k drivers, PII of 57 million users in unencrypted manual backup ~13 Hacked Uber credentials purchased for forum gave access to private Github Repo with AWS credentials THE RUSSIAN FEDERATION
CI/CD AWS access key and SSH private key leaked
Attacker attempted to pivot with customer credentials Shellshock on exposed, outdated prototype machine
Access keys on server, used to create IAM user, create EC2, and mount backup
EC2 Snapshots copied to attacker AWS accounts
DEMOCRATIC NATIONAL COMMITTEE v.
Wiped S3 buckets, EC2 instances, AMIs, EBS snapshots Joseph Sullivan
Attacker created additional accounts/access keys Github Gist (data analysis script) with AWS credentials
50,000 records, including names and driver’s licenses from S3 hosted database prunes
Exclusive: In lawsuit over hacking, Uber probes IP address assigned to Lyft exec - sources, A blameless post-mortem of USA v.

Catalog of AWS Customer Security Incidents

A repository of breaches of AWS customers

Name

Security is an exercise in managing risk. Reviewing the common root causes of security incidents is an effective way to guide prioritized remediation efforts. This repository seeks to index all publicly disclosed AWS customer security incidents with a known root cause. It will exclude incidents involving exposed data stores (e.g. S3 bucket leaks, exposed managed or hosted databases). Those incidents are already well understood, and examples can be found cataloged in places like nagwww's s3-leaks repo, upguard's reports, hackmeggedon's annual rollup reports (2022) and Corey Quinn's LWIAWS S3 Bucket Negligence Award. It also excludes incidents impacting individuals, such as the periodic reports of cryptomining due to compromised credentials.

This repository is in no way intended as a criticism of the listed companies. In the spirit of blameless postmortems, our goal is to learn from incidents without an atmosphere of blame.