Datadog Security Labs found a worrying campaign targeting Amazon Web Services (AWS), part of a new wave of malicious activity aimed at compromising important cloud resources. The attackers are using various methods, focusing on finding and possibly stealing data from AWS Secrets Manager, S3 buckets, and S3 Glacier vaults.
Between May 23rd and 27th, 2024, the campaign showed how cyber threats to cloud infrastructure continue to evolve. The attackers likely used leaked access keys, residential proxies, and the Cloudflare WARP VPN to hide their actions, showing their sophistication and determination.
Datadog’s research did not observe any successful data exfiltration attempts. However, the widespread enumeration of AWS resources suggests a deliberate, calculated and potentially large-scale operation. The attackers may be assessing the value of available data before initiating exfiltration or testing the level of access they possess for potential resale in underground markets.
Attackers are now targeting S3 Glacier vaults, a shift from the traditional focus on S3 buckets. This shows that attackers are broadening their tactics to explore new ways to exploit potential vulnerabilities.
Datadog’s report provides important information about the tactics, techniques, and procedures used in this campaign. It gives organizations valuable insights to improve their AWS security. By monitoring the indicators of compromise and implementing proactive security measures, organizations can reduce the risk of being attacked.
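One way to monitor for the enumeration pattern described above, as an added example that is not taken from Datadog's report: it scans CloudTrail-style records for a single access key listing Secrets Manager, S3 and S3 Glacier resources within a short window. The choice of API actions, the 30-minute window, the threshold and the sample records (placeholder key IDs, documentation IP ranges) are assumptions of this example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Enumeration calls for the three services the article names. Picking these
# API actions is an assumption of this example, not a detail from the report.
ENUM_CALLS = {
    ("secretsmanager.amazonaws.com", "ListSecrets"),
    ("s3.amazonaws.com", "ListBuckets"),
    ("glacier.amazonaws.com", "ListVaults"),
}

def find_cross_service_enumeration(records, window=timedelta(minutes=30), min_services=3):
    """Return {access_key_id: details} for keys that enumerated at least
    min_services of the watched services inside one sliding time window."""
    by_key = defaultdict(list)
    for r in records:
        if (r.get("eventSource"), r.get("eventName")) not in ENUM_CALLS:
            continue
        key = r.get("userIdentity", {}).get("accessKeyId")
        if key:
            when = datetime.strptime(r["eventTime"], "%Y-%m-%dT%H:%M:%SZ")
            by_key[key].append((when, r["eventSource"], r.get("sourceIPAddress", "unknown")))
    flagged = {}
    for key, hits in by_key.items():
        hits.sort(key=lambda h: h[0])
        start = 0
        for end in range(len(hits)):
            # Shrink the window from the left until it spans at most `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            span = hits[start:end + 1]
            services = {h[1] for h in span}
            if len(services) >= min_services:
                flagged[key] = {"services": sorted(services),
                                "source_ips": sorted({h[2] for h in span})}
                break
    return flagged

def _rec(t, src, name, key, ip):
    return {"eventTime": t, "eventSource": src, "eventName": name,
            "sourceIPAddress": ip, "userIdentity": {"accessKeyId": key}}

# Constructed sample records: placeholder key IDs and documentation IP ranges.
SAMPLE = [
    _rec("2024-05-23T10:00:00Z", "s3.amazonaws.com", "ListBuckets", "AKIAEXAMPLEKEY000001", "198.51.100.7"),
    _rec("2024-05-23T10:02:10Z", "secretsmanager.amazonaws.com", "ListSecrets", "AKIAEXAMPLEKEY000001", "198.51.100.7"),
    _rec("2024-05-23T10:03:45Z", "glacier.amazonaws.com", "ListVaults", "AKIAEXAMPLEKEY000001", "203.0.113.20"),
    _rec("2024-05-23T09:00:00Z", "s3.amazonaws.com", "ListBuckets", "AKIAEXAMPLEKEY000002", "192.0.2.15"),
    _rec("2024-05-23T15:00:00Z", "glacier.amazonaws.com", "ListVaults", "AKIAEXAMPLEKEY000002", "192.0.2.15"),
    _rec("2024-05-23T10:05:00Z", "s3.amazonaws.com", "GetObject", "AKIAEXAMPLEKEY000003", "192.0.2.99"),
]
```

The returned source IPs for each flagged key can then be compared against the indicators of compromise published with the report.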