Browsing tag
New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can expose sensitive credentials in build logs, posing significant risks to organizations. The vulnerability has been codenamed LeakyCLI by cloud security firm Orca. “Some commands on Azure CLI, AWS CLI, and Google Cloud CLI can expose sensitive […]
Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited by a malicious actor to hijack victims’ sessions and achieve remote code execution on underlying instances. The vulnerability, now addressed by AWS, has been codenamed FlowFixation by Tenable. “Upon […]
A new phishing campaign has been observed delivering remote access trojans (RAT) such as VCURMS and STRRAT by means of a malicious Java-based downloader. “The attackers stored malware on public services like Amazon Web Services (AWS) and GitHub, employing a commercial protector to avoid detection of the malware,” Fortinet FortiGuard Labs researcher Yurren Wan said. […]
Cloudflare has revealed that it was the target of a likely nation-state attack in which the threat actor leveraged stolen credentials to gain unauthorized access to its Atlassian server and ultimately access some documentation and a limited amount of source code. The intrusion, which took place between November 14 and 24, 2023, and detected on […]
A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits. The person, described as the “mastermind” behind the operation, was apprehended in Mykolaiv, Ukraine, on January 9 by the National Police of Ukraine with support from Europol and an unnamed […]
Amazon Web Services (AWS), Cloudflare, and Google on Tuesday said they took steps to mitigate record-breaking distributed denial-of-service (DDoS) attacks that relied on a novel technique called HTTP/2 Rapid Reset. The layer 7 attacks were detected in late August 2023, the companies said in a coordinated disclosure. The cumulative susceptibility to this attack is being […]
Amazon Web Services (AWS) has resolved a cross-tenant vulnerability in its platform that could be weaponized by an attacker to gain unauthorized access to resources. The issue relates to a confused deputy problem, a type of privilege escalation where a program that doesn’t have permission to perform an action can coerce a more-privileged entity to […]
Specification of the upcoming Intel 10th Gen Comet Lake CPU has been leaked on a Chinese Website. The latest CPUs will only offer a minor refresh of the current Whiskey Lake and Coffee Lake architectures. The CPU will mark the first time when Intel would be forced to use 5-digit numbering for its CPU models. […]
CPU comparison between Intel and ARM has been a topic since 2010 when Steve Jobs predicted the future of Apple with ARM. It was not long ago when Intel Atom used to be a thing. The processor started its journey on some smartphones but ended up receiving no proper app support. Intel processors were overshadowed […]
Short Bytes: If we take a look at the highest paying software skills for developers, we observe that cloud-based skills are dominating the tech world. Amazon Web Services like DynamoDB, MapReduce, and CloudFormation are topping the charts of the most in-demand skills. Cloud company named NovelAspect has populated different job listings from the job site Indeed. […]
To benefit the hard-working app developers and programmers, Amazon is starting a cloud-based service named AWS Device Farm. AWS Device Farm will help developers to test their applications on real devices i.e. physical cellphones and tablets. For the time being, iOS app testing is not included in AWS Device Farm and this service will be […]