Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Kyaw_Myo_Oo
Contributor III
a week ago
a week ago

Ongoing Campaign Targeting Amazon Web Services S3 Buckets

Dear all,

 

There are reports of a ransomware campaign that targets Amazon Web Services (AWS) S3 bucket functionality by abusing their versioning and encryption features. By compromising identify and access management (IAM) credentials or exploiting overly permissive IAM roles, attackers gain unauthorised access and render the original data inaccessible unless a ransom is paid or S3 versioning was enabled (allowing data restoration by the victim). This approach leverages the widespread use of AWS in enterprise environments, making recovery efforts more complex and amplifying the impact of weak security configurations.

 

https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-006

 

 

 

 

 

Kyaw Myo Oo
Information Security Program Manager , CB BANK PCL
CCIE #58769 | PCNSE | SAA-C03 | CCSM | CISSP | PMP
Reply
0 Replies