Beyond S3: Exposed Resources on AWS
It's not just S3 buckets that are exposed. Duo's security research team found a number of other publicly available Amazon Web Services (AWS) resources, including cloud backup and misconfigured servers.
As Duo's security research team, Duo Labs is dedicated to disrupting, de-risking and democratizing complex security topics and sharing their innovations with the broader community. Learn more: duo.com/labs
157 Articles Found
It's not just S3 buckets that are exposed. Duo's security research team found a number of other publicly available Amazon Web Services (AWS) resources, including cloud backup and misconfigured servers.
Duo has been working with Google since last year on the Android Protected Confirmation API - a way to verify that only humans are responding to a prompt - and we've prototyped an integration with Duo Mobile to enhance 2FA security.
Duo's security team explores how the T2 coprocessor is being used by Apple and how it fits into the larger system security model, as well as how this may evolve in the future.
Duo Labs security researchers show how to bypass microcontroller interfaces used for internet of things (IoT) devices - these invasive attacks require physical access to typical microcontrollers.
Duo Labs performed an analysis of Objective-C binaries running on managed macOS endpoints in enterprise environments, using the Interactive Disassembler (IDA Pro) to perform disassembly and decompilation of the binaries.