A sophisticated cloud extortion campaign has compromised over 110,000 domains by exploiting misconfigured Amazon Web Services (AWS) environment variable (.env) files. By scanning for exposed .env files on unsecured web applications, threat actors were able to obtain AWS Identity and Access Management (IAM) access keys. According to Cyble’s threat intelligence platform, these .env exposures might […]
This article has been indexed from Information Security Buzz