Friends amazon account got hacked. They logged in, changed the e-mail and then registered a new account using the old e-mail. Made me realise "change e-mail" funcitonality should require e-mail access, not just password access. #infosec #thoughts
-
-
Yes I’ve heard stories of people scraping Github for API keys to run miners. Someone I know got a $25.000 bill after someone stole their keys. In the end Amazon cleared it but be sure to get in touch with them if you suspect malicious activity!
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Oh yes. It is actually why I stopped using Amazon Glacier, because (at least back then) Amazon will force you to pay for all the power the attacker used, and you could not have Glacier without an account where you could buy computing power.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Wouldn't be surprising. People write scripts to slurp up credentials and API keys posted to github to then use them to run miners...
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.