AWS S3: Account Regional Namespaces End Bucket Squatting

Amazon S3 now allows account-bound bucket names. This ends bucket squatting for new buckets and simplifies naming in ...
Dark Reading

AWS's Predictable Bucket Names Make Accounts Easier to Crack

The Amazon Web Services Cloud Development Kit (CDK), a popular open source tool, allows cyber teams to conveniently build software-defined cloud infrastructure with widely used programming languages, ...
CSOonline

S3 shadow buckets leave AWS accounts open to compromise

Attackers can gain access to AWS accounts or sensitive data by creating in advance S3 storage buckets with predictable names that will be automatically used by various services and tools. Researchers ...
CSOonline

Predictable AWS cloud deployment resources allow full account takeover

Amazon Web Services (AWS) is urging its open-source Cloud Development Kit (CDK) users to apply fixes now available for a flaw that, under certain circumstances, can allow complete account takeover.