The Information Highway

The Information Highway

Amazon Web Services

Malicious PyPI Package 'Fabrice' Found Stealing AWS Keys from Thousands of Developers

Thursday, 07 November 2024

Ravie Lakshmanan

Security News

aw_20241109-185929_1

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating developers' Amazon Web Services (AWS) credentials.

Continue reading

446 Hits

0 Comments

Tags:

Cybersecurity researchers package Python Package Index exfiltrating developers Amazon Web Services

Amazon's AWS SSM agent can be used as post-exploitation RAT malware

Wednesday, 02 August 2023

Security Cloud Computing

hacker-looking-at-screens

Researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows hackers to use the platform's System Manager (SSM) agent as an undetectable Remote Access Trojan (RAT).

Continue reading

1335 Hits

0 Comments

Tags:

agent SSM System Manager Amazon Web Services post-exploitation technique

Blog Categories
Security 453 post(s) News 315 post(s) Technology 153 post(s) Compliance 27 post(s) Cloud Computing 10 post(s) Uncategorized 1 post(s) Business Continuity & Disaster Recovery 1 post(s)

You May Also Like

Citrix warns admins to kill NetScaler user sessions to block hackers

Citrix reminded admins today that they must take additional measures after patching their NetScaler ...

Exploited cryptojacking campaign impacting Docker

Threat update A new cryptojacking campaign exploiting the Docker Engine API has been discovere...

New RAMBO attack steals data using RAM in air-gapped computers

A novel side-channel attack dubbed "RAMBO" (Radiation of Air-gapped Memory Bus for Offense) ge...

CISA urges software devs to weed out path traversal vulnerabilities

CISA and the FBI urged software companies today to review their products and eliminate path traversa...

Barracuda ESG zero-day attacks linked to suspected Chinese hackers

A suspected pro-China hacker group tracked by Mandiant as UNC4841 has been linked to data-thef...

Blog Archive

Recent Comments
No comments yet.

Recent Blogs

08 December 2024

QR codes bypass browser isolation for malicious C2 communication

06 December 2024

Microsoft expands Recall preview to Intel and AMD Copilot+ PCs

04 December 2024

Microsoft says having a TPM is "non-negotiable" for Windows 11

04 December 2024

FBI shares tips on how to tackle AI-powered fraud schemes

04 December 2024

BT unit took servers offline after Black Basta ransomware breach

Tag Cloud

Top Breaches Cost ($) of 2024

HEALTHCARE

FINANCIAL

INDUSTRIAL

TECHNOLOGY

ENERGY

Source: IBM Cost of a Data Breach Report 2024