Security researchers reported a security flaw in Google Apps Script that can enable hackers and cybercriminals to deliver Google Drive-hosted malware when abused and exploited.
A year that saw major data breaches, including some notable ones from companies like Uber and Equifax, just saw another breach that will likely rank as among 2017’s most notable incidents.
Classified information from the NSA and US Army was left exposed on a misconfigured cloud server. Over 100 gigabytes of data about old intelligence-sharing projects was found on an unsecured and public Amazon Web Service (AWS) storage server.
DJI, one of the largest drone manufacturers in the world, was the subject of an information exposure incident when a researcher discovered that it left the private key for its HTTPS certificate on GitHub for four years.
A misconfigured Amazon S3 bucket has accidentally compromised 48,270 personally identifiable information (PII) from Australian employees working in government agencies, banks, and a utility company.
Misconfigured cloud servers continue to be a problem. As cloud services are rapidly gaining ground globally and across all industries, many organizations adopt the technology without fully securing it.