aws-customer-security-incidents
aws-customer-security-incidents copied to clipboard
ramimac
A repository of breaches of AWS customers
- https://sirleeroyjenkins.medium.com/bypassing-ssrf-protection-to-exfiltrate-aws-metadata-from-larksuite-bf99a3599462 - https://buer.haus/2016/04/18/esea-server-side-request-forgery-and-querying-aws-meta-data/ - https://ysx.me.uk/a-pair-of-plotly-bugs-stored-xss-and-aws-metadata-ssrf/
https://www.pdpc.gov.sg/-/media/Files/PDPC/PDF-Files/Commissions-Decisions/Decision---Sendtech-Pte-Ltd---220721.ashx?la=en There was an unauthorized access to the Organisation’s Amazon Web Services (“AWS”) account via an access key (the “Incident”). 2. The Organisation became aware of the Incident on 10...
https://archive.ph/bRjXi Overview of the incident: the hackers reset passwords through emails and obtained the Amazon AWS web account for our 2.0 Beta server
https://www.pdpc.gov.sg/-/media/Files/PDPC/PDF-Files/Commissions-Decisions/Decision---Commeasure-Pte-Ltd---15092021.pdf?la=en Investigations revealed that the unknown threat actor(s) had most likely gained access and exfiltrated the Organisation’s database of customer records hosted in an Amazon RDS cloud database, after they...
https://www.firemon.com/what-you-need-to-know-about-ransomware-in-aws/?ck_subscriber_id=1413415352
https://services.google.com/fh/files/misc/gcat-threathorizons-full-nov2021.pdf
https://www.linkedin.com/posts/the-dfir-report_insight-from-an-unusual-script-in-dagon-activity-7130185501621325826-zJfB/?trk=public_profile_like_view