Analyze resource-based policy dependencies across your AWS Organizations accounts
Managing multiple AWS accounts in an organization can get complicated, especially when trying to understand how services and permissions are connected. The Account Assessment …
YES3 Scanner: Open-source S3 security scanner for public access, ransomware protection
YES3 Scanner is an open-source tool that scans and analyzes 10+ different configuration items for your S3 buckets in AWS. This includes access such as public access via ACLs …
Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover
Wiz researchers have unearthed several critical vulnerabilities affecting Ingress NGINX Controller for Kubernetes (ingress-nginx) that may allow attackers to take over …
Finders Keypers: Open-source AWS KMS key usage finder
Finders Keypers is an open-source tool for analyzing the current usage of AWS KMS keys. It supports both AWS customer managed KMS keys and AWS Managed KMS keys. Use cases …
Echoworx launches Manage Your Own Keys feature powered by AWS
Echoworx has unveiled its “Manage Your Own Keys” (MYOK) feature, powered by AWS Key Management Service (AWS KMS), an Amazon Web Services (AWS) service. This solution gives …
Attackers are encrypting AWS S3 data without using ransomware
A ransomware gang dubbed Codefinger is encrypting data stored in target organizations’ AWS S3 buckets with AWS’s server-side encryption option with customer-provided …
The shocking speed of AWS key exploitation
It’s no secret that developers often inadvertently expose AWS access keys online and we know that these keys are being scraped and misused by attackers before …
AWS offers incident response service
Amazon Web Services (AWS) has launched a new service to help organizations prepare for and recover from ransomware attacks, account takeovers, data breaches, and other …
Deploy a SOC using Kali Linux in AWS
The Kali SOC in AWS project is a Terraform-based implementation that enables the deployment of a Security Operations Center (SOC) in AWS, utilizing the Kali Linux toolset for …
AWS security essentials for managing compliance, data protection, and threat detection
AWS offers a comprehensive suite of security tools to help organizations manage compliance, protect sensitive data, and detect threats within their environments. From AWS …
Whispr: Open-source multi-vault secret injection tool
Whispr is an open-source CLI tool designed to securely inject secrets from secret vaults, such as AWS Secrets Manager and Azure Key Vault, directly into your application’s …
The Cloud Latency Map measures latency across 100+ cloud regions
Kentik launched The Cloud Latency Map, a free public tool allowing anyone to explore the latencies measured between over 100 cloud regions worldwide. Users can identify recent …
Featured news
Resources
Don't miss
- Klue breach lead to Salesforce data theft, Huntress affected
- Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253)
- Your browser tab could become encrypted storage for someone else’s files
- Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned
- 74,000 Fortinet firewall credentials exposed in FortiBleed data leak