Cloud misconfiguration has evolved and your controls haven’t

In this Help Net Security video, Kat Traxler, Principal Security Researcher – Public Cloud at Vectra AI, walks through two AWS misconfigurations that go beyond the basics of bucket visibility.

The first is bucket name squatting. Because S3 uses a global namespace, attackers can register bucket names they expect a target company will use, then wait for data or code to route their way. AWS recently addressed this by tying bucket names to account IDs and regions, and Traxler urges viewers to make the switch.

The second is the cross-service confused deputy problem. When a resource policy trusts an AWS service like CloudTrail without specifying the source account, an attacker in a separate account can point that same service at your infrastructure. The fix is adding a condition key to resource policies that locks trust to a specific account or organization.

Webinar: The True State of Security 2026