Amazon Web Services (AWS) has fixed a bug that let attackers bypass its CloudTrail API monitoring system. It came to light after Datadog research found the iamadmin API was undocumented and allowed requests without generating event logs. The flaw could have let attackers carry out undetected reconnaissance activities, and potentially bypass Amazon’s GuardDuty security. The issue was reported to Amazon in March, and the fix was released in October, updating the iamadmin API.
Rest, AustralianSuper Among Funds Hit By Cyberattack
Australia’s largest superannuation funds, including AustralianSuper, REST, Australian Retirement Trust, and Hostplus, have suffered from a coordinated cyber attack, with around 8,000 accounts breached. Hackers
