If the headlines are any indication, hackers continue to exploit vulnerabilities in cloud infrastructure platforms, with targeted AWS attacks becoming very common. Many attacks follow similar patterns: Actors are typically looking opportunistically for AWS keys, which are either accidentally posted to open source code websites like GitHub or stolen from employee laptops using malware. Once the actor has gained access to the AWS account, they often look for fairly direct paths to sensitive data or valuable resources, such as an open S3 bucket or access to launch a new EC2 instance to mine cryptocurrency.
Many developers use AWS access keys that have not been changed in months or years. Although keeping these keys the same makes things easy for the developers, it’s not very good security hygiene. Many organizations aren’t aware that their stagnant AWS keys could be causing major vulnerabilities. Read more “How to Avoid Targeted AWS Attacks With Secure AWS Keys”