Cybercriminal gangs have hacked public websites to extract data including Amazon Web Services (AWS) cloud credentials from organisations. Cybersecurity researchers Noam Rotem and Ran Locar of CyberCyber Labs found the data in an AWS storage bucket left open due to a misconfiguration, stored by an attacker. The cyberattacks have been connected to threat groups Nemesis and ShinyHunters, known for a hack on Ticketmaster earlier in 2021. AWS responded to insider reports of the operation by urging users to store credentials safely.
Mandiant reveals details of major Ivanti VPN vulnerability
Cybersecurity firm Mandiant has discovered a zero-day vulnerability in Ivanti Connect Secure VPN appliances being exploited by a potential China-linked cyber-espionage group. With no clear
