SiliconANGLE

AWS IAM credentials at risk: EleKtra-Leak operation revealed by Unit 42

A new report from Palo Alto Networks Inc.’s Unit 42 warns of a new active campaign targeting exposed Amazon Web Services Inc. identity and access management credentials within public GitHub ...
Dark Reading

'Elektra-Leak' Attackers Harvest AWS Cloud Keys in GitHub Campaign

Attackers are actively harvesting exposed Amazon Web Services (AWS) identity and access management (IAM) credentials in public GitHub repositories to create AWS Elastic Compute (EC2) instances for ...
Hosted on MSN

AWS systems targeted by crypto mining scam using hijacked IAM credentials

Attackers used stolen high‑privilege IAM credentials to rapidly deploy large‑scale cryptomining on EC2 and ECS They launched GPU‑heavy auto‑scaling groups, malicious Fargate containers, new IAM users, ...
Dark Reading

Privilege Escalation Issue in Amazon ECS Leads to IAM Hijacking

BLACK HAT USA – Las Vegas – Thursday, Aug. 7 — A privilege escalation issue in Amazon's Elastic Container Service (ECS) could be used by an attacker to steal credentials and access other cloud ...
Computer Weekly

Warning: AWS IAM behaves differently to directory services

Researchers from Israeli security firm Lightspin have identified an issue with configuring identity and access control services on Amazon Web Services (AWS) that could leave many organisations ...