Monday, February 17, 2025

🥖 Palette Cleanser

Welcome to a round of hide-and-seek (with AWS) - except this time, the stakes are a little higher than your average childhood game. Forgotten buckets, hidden AWS resources, and ransomware lurking in the shadows… if AWS had a horror genre, this issue would be it.

Think your cloud is squeaky clean? Turns out, what you don’t see can absolutely hurt you, whether it’s an abandoned S3 bucket waiting to be hijacked, a rogue resource you forgot about, or ransomware locking up your data for a price.

This week’s menu is all about finding and securing the things you forgot existed before the bad guys do. Buckle up, and let’s go ghost-hunting.

Have feedback about AWS Security Digest? Tell us here. This issue is also available to share online.

📋 Chef's selections

  • Find Hidden AWS Resources with Effective Wordlists by Daniel Grzelak

    We’re probably all missing our usual chef, Daniel - so what better way to pay homage to him while he’s off sipping mulled wine somewhere in Europe than by featuring his own work?

    Daniel takes us on a ride into how attackers (and defenders) use wordlists to uncover hidden AWS resources. If you’ve ever assumed your cloud setup was invisible, this might make you rethink that. Just because you can’t see it doesn’t mean someone else won’t find it.

  • The Complete Guide to Cloud-Native Ransomware Protection in Amazon S3 and KMS by Jason Kao

    Jason is back for round two… probably because he knows that if you don’t fix your security holes the first time, attackers will happily revisit them for you. This time, he’s tackling ransomware in AWS, breaking down how bad actors can turn your own encryption against you and what you can do to stop them.

    If your S3 and KMS security strategy is just "hope for the best", his article will make you rethink your life choices. Because nothing ruins a good day like finding out your backups have been backed up by criminals.

  • Abandoned AWS Cloud Storage: A Major Cyberattack Vector by Jai Vijayan

    You know that feeling when you leave food in the fridge a little too long, and it turns into a science experiment? Well, abandoned AWS storage is kinda like that - except instead of weird mold, you get attackers re-registering your old buckets and using them for malware, phishing, or worse.

    This read is a wake-up call for anyone who’s ever spun up an S3 bucket and forgotten about it (so…pretty much all of us?!). If you think out of sight means out of mind, attackers would love to prove you wrong.

💸 Sponsor shoutout

Have you got a long list of AWS security issues you could fix but no idea how bad any of it really is?

Instead, start a free trial with Plerion. Focus on the 1% of risks that matter & achieve better security outcomes.

Simplify cloud security with Plerion.


🤖 Dessert

Dessert is made by robots, for those that enjoy the industrial content.

📺 AWS Security Bulletins

    No bulletins this week.
