This new open-source tool is hunting for public AWS S3 buckets to spy on

Cloud misconfigurations are one of the biggest causes of data breaches these days, and one security researcher has now set out to fix it with a new tool.

Built on Python, S3crets Scanner allows security researchers and analysts to look for “secrets” that companies exposed to the public, by mistake, through their company’s AWS S3 storage buckets.

As explained by BleepingComputer, secrets include authentication keys, access tokens, and API keys, all of which threat actors can use to do a great deal of damage. For example, these secrets can be used to access the company’s corporate network and endpoints, which could result in data theft, malware infections, or even ransomware attacks.

Targeting PII

The tool was built by security researcher Eilon Harel to only look for secrets exposed by mistake. It does so by only scanning S3 buckets that have specific configurations set to false, such as “BlockPublicAcls”, “BlockPublicPolicy”, “IgnorePublicAcls”, and “RestrictPublicBuckets”. Any other buckets are filtered out. 

The text files in buckets that match the above criteria are downloaded and scanned using the Trufflehog3 tool, which checks for credentials and private keys not only in S3 buckets but also in GitHub, GitLab, and filesystems. Harel created a unique set of rules for Trufflehog3 that targets personally identifiable information (PII) exposure, as well as internal access tokens.
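As an added example (not code from the S3crets Scanner project), the same four Public Access Block settings can be used to audit the buckets in your own AWS account and flag any where at least one setting is false or the configuration is missing entirely. It assumes boto3 is installed and AWS credentials are configured; the `audit_account_buckets` helper and its fake-client seam are this example's own names.

```python
# Added example (not part of S3crets Scanner): report buckets in your own account
# whose Public Access Block configuration leaves at least one setting false.
PUBLIC_ACCESS_BLOCK_KEYS = (
    "BlockPublicAcls",
    "BlockPublicPolicy",
    "IgnorePublicAcls",
    "RestrictPublicBuckets",
)


def unblocked_settings(config):
    """Return the names of the Public Access Block settings that are false.

    `config` is the PublicAccessBlockConfiguration dict returned by the S3 API.
    An absent key is treated as false, since nothing is blocking that path.
    """
    return [key for key in PUBLIC_ACCESS_BLOCK_KEYS if not config.get(key, False)]


def is_potentially_public(config):
    """A bucket is only filtered out (safe) when all four settings are true."""
    return bool(unblocked_settings(config))


def audit_account_buckets(s3=None):
    """Return {bucket_name: [unblocked settings]} for every bucket in the account.

    `s3` may be any object exposing list_buckets() and get_public_access_block()
    (a boto3 S3 client by default; a fake is handy for tests).
    A bucket with no Public Access Block configuration at all is reported with
    all four settings, because public access is not blocked there.
    """
    if s3 is None:
        import boto3  # assumed installed; credentials come from the environment
        s3 = boto3.client("s3")
    findings = {}
    for bucket in s3.list_buckets()["Buckets"]:
        name = bucket["Name"]
        try:
            config = s3.get_public_access_block(Bucket=name)["PublicAccessBlockConfiguration"]
        except Exception as err:  # botocore ClientError carries the code in .response
            code = getattr(err, "response", {}).get("Error", {}).get("Code")
            if code != "NoSuchPublicAccessBlockConfiguration":
                raise
            config = {}
        missing = unblocked_settings(config)
        if missing:
            findings[name] = missing
    return findings


if __name__ == "__main__":
    for name, missing in audit_account_buckets().items():
        print(f"{name}: public access not blocked by {', '.join(missing)}")
```

The account-level `s3control` Public Access Block is not checked here; a bucket that looks unblocked in this report may still be covered by that account-wide setting.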

Harel believes the tool can help businesses expose fewer secrets, consequently suffering fewer data leaks and similar cybersecurity incidents. He also believes it can be used for white-hat operations, as researchers can scan publicly accessible buckets for misconfigurations and notify the businesses before bad actors.

A multi-cloud environment is essential for businesses these days, but securing data in such a system is one of the biggest challenges they face. A recent report by cybersecurity experts Radware states that 70% of senior execs, DevOps leaders, and other senior staff aren’t confident they can properly secure both on-prem and multi-cloud environments.

Via: BleepingComputer



from TechRadar - All the latest technology news https://ift.tt/wluUGQf