Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Security Flaw in Abandoned AWS S3 Buckets

February 5, 2025
Reading Time: 2 mins read
in Alerts
Malicious Go Package Grants Remote Access

Researchers at WatchTowr Labs recently uncovered a critical security vulnerability in abandoned Amazon Web Services (AWS) S3 buckets that could lead to large-scale cyberattacks, potentially surpassing the impact of the SolarWinds breach. The vulnerability arises from the unique nature of AWS S3 bucket names, which become available for reuse once a bucket is deleted. WatchTowr discovered approximately 150 abandoned S3 buckets, once used by governments, Fortune 500 companies, cybersecurity firms, and open-source projects, that were still being queried for software updates, binaries, and other critical resources. By re-registering these buckets under the same names, attackers could distribute malicious payloads to any system attempting to access these outdated resources.

The vulnerability was demonstrated when WatchTowr researchers re-registered abandoned buckets for just $420.85 and observed over eight million HTTP requests originating from sensitive networks, including U.S. government agencies like NASA, military organizations, universities, and financial institutions. These requests involved various critical resources, such as software binaries, virtual machine images, JavaScript files, and CloudFormation templates. The attackers could exploit this flaw to inject malicious code, deploy ransomware, or gain unauthorized access to sensitive systems by distributing backdoored software updates or compromised virtual machine images.

WatchTowr’s findings reveal that many of the abandoned buckets were integral to critical infrastructure, including military and government systems, which highlights the risk posed by neglected cloud resources. The researchers suggest that the reuse of bucket names should be prevented by AWS to mitigate the risk of these supply chain attacks. This oversight allows attackers to distribute harmful content without detection, especially when the original content is no longer maintained or updated.

The experiment underscores the importance of securing cloud-hosted resources, both active and retired, to avoid exploitation by malicious actors.

As the threat of supply chain attacks grows, with Gartner predicting a threefold increase by 2025, organizations must take proactive steps to secure their cloud assets. WatchTowr advises conducting regular audits of cloud resources, implementing strict access controls, and utilizing digital signature verification for software updates to ensure authenticity. The report stresses that the security of abandoned digital infrastructure should be a top priority, as it can be just as vulnerable as active resources, and its compromise could lead to devastating consequences for both public and private organizations.

Reference:
  • Researchers Expose Security Flaw in Abandoned AWS S3 Buckets
Tags: Cyber AlertsCyber Alerts 2025CyberattackCybersecurityFebruary 2025
ADVERTISEMENT

Related Posts

Hackers Target Libraesva Email Flaw

Hackers Target Libraesva Email Flaw

September 30, 2025
Hackers Target Libraesva Email Flaw

ShadowV2 Botnet Targets Misconfigured AWS

September 30, 2025
Hackers Target Libraesva Email Flaw

Cisco Warns Of IOS Zero Day Bug

September 30, 2025
Fake Microsoft Teams Installers Spread

Fake Microsoft Teams Installers Spread

September 30, 2025
Fake Microsoft Teams Installers Spread

Cybercriminals Use Facebook Google Ads

September 30, 2025
Fake Microsoft Teams Installers Spread

CISA Warns Of Critical Sudo Flaw

September 30, 2025

Latest Alerts

Hackers Target Libraesva Email Flaw

ShadowV2 Botnet Targets Misconfigured AWS

Cisco Warns Of IOS Zero Day Bug

CISA Warns Of Critical Sudo Flaw

Cybercriminals Use Facebook Google Ads

Fake Microsoft Teams Installers Spread

Subscribe to our newsletter

    Latest Incidents

    Ukrainian Hackers Breach Crimean Servers

    Ransomware Gang Claims Maryland Breach

    Arizona School District Data Breach

    Attackers Take Down Asahi Brewer

    Harrods Alerts Customers To Breach

    Hackers Steal Photos From Kido Nursery

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial