AWS rolls out Security Agent and strengthens GuardDuty and Security Hub at re:Invent 2025

The announcements, made at the annual AWS re:Invent 2025 conference in Las Vegas, included a preview launch of AWS Security Agent, the general availability of an upgraded AWS Security Hub and an ...

Amazon: Ongoing cryptomining campaign uses hacked AWS accounts

Amazon's AWS GuardDuty security team is warning of an ongoing crypto-mining campaign that targets its Elastic Compute Cloud ...
The Hacker News

Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign

Amazon reports a new AWS crypto mining campaign abusing IAM credentials, ECS, EC2, and termination protection for persistence ...
The Register on MSN

Crypto crooks co-opt stolen AWS creds to mine coins

Within 10 minutes of gaining initial access, crypto miners were operational' Your AWS account could be quietly running ...
Dark Reading

Attackers Use Stolen AWS Credentials in Cryptomining Campaign

Threat actors wielding stolen AWS Identity and Access Management (IAM) credentials leverage Amazon EC and EC2 infrastructure ...
Hosted on MSN

AWS, Azure and Google Cloud credentials from old accounts are putting businesses at risk

Report warns long-lived credentials remain a significant security risk Outdated access keys increase vulnerability across cloud platforms Automated credential management is crucial for cloud security ...

Apple alerted Amazon about a potential cloud security risk, prompting a change in AWS's data-deletion process

Amazon Web Services enhanced its data-deletion process after Apple highlighted the potential security risk in 2023.
CSOonline

Predictable AWS cloud deployment resources allow full account takeover

Amazon Web Services (AWS) is urging its open-source Cloud Development Kit (CDK) users to apply fixes now available for a flaw that, under certain circumstances, can allow complete account takeover.