Articles about s3

passport

When it absolutely, positively needs to be leaked overnight: 120k FedEx customer files spill from AWS S3 silo

Another day, another unsecured Amazon Web Services S3 storage bucket spilling secrets onto the public internet. This time it's a misconfigured AWS cloud silo belonging to FedEx, which openly exposed an archive of more than 119,000 scanned documents – including passports and drivers licenses – plus customer records including …
Iain Thomson, 15 Feb 2018
hacker

NSA code backported, crims cuffed, leaky AWS S3 buckets, and more

Roundup Here's a roundup of this week's security news, beyond what we've already covered, to kickstart your weekend. You dirty RAT Scumbags could, once upon a time, buy a remote access trojan called Luminosity Link for about $40, and get a piece of malware that, when installed on victims' PCs, would spy on their activities, disable …
Iain Thomson, 10 Feb 2018
bucket

Good news: unsecured S3 bucket discovery just got easier

If you thought the business of discovering unsecured Amazon Web Services S3 buckets was for the pros, think again: like all things, the process can be automated, and the code to automate it posted to GitHub. It's not a new discipline – quickly Googling GitHub for S3 bucket enumeration turns up more than 1,000 results, but the …

US credit repair biz damages own security: 111GB of personal info exposed in S3 blunder

The National Credit Federation, a US credit repair biz, left 111GB of thousands of folks' highly sensitive personal details exposed to the public internet, according to security researchers. In yet another AWS S3 configuration cockup, Americans' names, addresses, dates of birth, photos of driver licenses and social security …
Iain Thomson, 2 Dec 2017
army

Massive US military social media spying archive left wide open in AWS S3 buckets

Three misconfigured AWS S3 buckets have been discovered wide open on the public internet containing "dozens of terabytes" of social media posts and similar pages – all scraped from around the world by the US military to identify and profile persons of interest. The archives were found by UpGuard's veteran security-breach …
Iain Thomson, 17 Nov 2017
ABC logo

Australian Broadcasting Corporation leaks passwords, video from AWS S3 bucket

The Australian Broadcasting Corporation (ABC) has joined the long list of organisations to leak sensitive data from a poorly secured public-facing Amazon Web Services S3 bucket. Security outfit Kromtech's chief communications officer Bob Diachenko on Thursday revealed today that the company “identified a trove of data that is …
Simon Sharwood, 16 Nov 2017
Amazonian_rainforest

Back up bod Druva paddles even further up the Amazon

+Comment Druva has nabbed a new Druva Cloud Platform (DCP) service gig for protecting, governing and looking into data in Amazon Web Services' Elastic Compute Cloud (EC2), Simple Storage Service (S3), Elastic Block Store (EBS), and the Relational Database Service (RDS). DCP is delivered as-a-service, working across AWS IaaS and PaaS …
Chris Mellor, 13 Nov 2017
A revolving door

Nutanix builds doorway to multiple compute and object storage services

.NEXT Nutanix has a one click, one OS, any cloud concept with new services to virtualise compute and object storage across multiple clouds – both on-premises and public ones. This assumes that on-premises IT is running public cloud style, of course. The company's view is that almost everything is being digitised, and that should …
Chris Mellor, 8 Nov 2017
Murmuration

Feasting on Azure blobs: Caringo and Scality are doing it

Both Caringo and Scality are adding S3 gateways between their object storage and Microsoft's Azure Blob storage. This is a bit old hat really – startup NooBaa provided an S3 frontend to Azure Blobs (Microsoft's form of object storage) in November last year, with a February 2017 ship date. You can download it here. Anyway, …
Chris Mellor, 27 Sep 2017

Guess – go on, guess – where a vehicle tracking company left half a million records

A US outfit that sells vehicle tracking services has been accused of leaving more than half a million records in a leaky AWS S3 bucket. The Kromtech Security Centre, which has made belling this particular cat its hobby, says it found a total of 540,642 ID numbers associated with SVR Tracking, an outfit that uses GPS devices to …
Businessman with unlocked padlock - shutterstck

Aw, not you too, Verizon: US telco joins list of leaky AWS S3 buckets

Yet another major company has burned itself by failing to properly secure its cloud storage instances. Yes, it's Verizon. Researchers with Kromtech Security say they were able to access an AWS S3 storage bucket that contained data used by the US telco giant's billing system and the Distributed Vision Service (DVS) software …
Shaun Nichols, 22 Sep 2017
chicago_crop_648

Don't panic, Chicago, but an AWS S3 config blunder exposed 1.8 million voter records

A voting machine supplier for dozens of US states left records on 1.8 million Americans in public view for anyone to download – after misconfiguring its AWS-hosted storage. ES&S says it was notified by UpGuard researcher Chris Vickery of the vulnerable database that contained personal information it collected from recent …
Shaun Nichols, 17 Aug 2017

Security company finds unsecured bucket of US military images on AWS

“Cyber resilience” company UpGuard claims to have found a publicly-accessible AWS S3 bucket full of classified US intelligence data. The company's Dan O'Sullivan says colleague Chris Vickery found an “unsecured Amazon Web Services 'S3' bucket” and that the firm's “Analysis of the exposed information suggests the overall …
Broken light bulb

Azure storage browns out for eight hours, nobody notices

Users of Microsoft's Azure storage service “may have experienced difficulties provisioning new resources or accessing their existing resources “ for over eight hours on Wednesday and Thursday. Azure storage was also tough to provision for a short time on Wednesday night. The first brownout hit the service's East US region, and …
Simon Sharwood, 17 Mar 2017

SwiftStack drops v5.0, says hybrid IT rules OK!

SwiftStack v5's Cloud Sync provides two-way replication between on-premises data centres and Google Cloud Storage, Amazon S3 and Glacier. Open-source object storage SwiftStack software delivers access to petabytes of unstructured data in a single namespace, with a pay-as-you-grow feature. It first talked about Cloud Sync back …
Chris Mellor, 6 Mar 2017
Amazon data center

Amazon S3-izure cause: Half the web vanished because an AWS bod fat-fingered a command

Amazon has provided the postmortem for Tuesday's AWS S3 meltdown, shedding light on what caused one of its largest cloud facilities to bring a chunk of the web down. In a note today to customers, the tech giant said the storage system was knocked offline by a staffer trying to address a problem with its billing system. …
Shaun Nichols, 2 Mar 2017
SHUT UP!

Tuesday's AWS S3-izure exposes Amazon-sized internet bottleneck

Analysis Amazon’s S3 outage is a gift to Azure and Google, on-premises IT, hybrid cloud supporters and multi-cloud gateways. But it has also exposed inadequate business continuance and disaster recovery provisions by Amazon's business customers. All of them can point the finger at Jeff Bezos and say AWS let users down. And now we know …
Chris Mellor, 1 Mar 2017
Man runs as a fire engine pulls up to a burning building. Pic by Shutterstock

AWS's S3 outage was so bad Amazon couldn't get into its own dashboard to warn the world

Tuesday's Amazon Web Services mega-outage knocked offline not only websites big and small, by yanking away their backend storage, but also knackered apps and Internet of Things gadgets relying on the technology. In fact, the five-hour breakdown was so bad, Amazon couldn't even update its own AWS status dashboard: its red …
Shaun Nichols, 1 Mar 2017

Create a news alert about s3, or find more stories about s3.

Biting the hand that feeds IT © 1998–2018