December 16, 2024

AWS, Azure and Google Cloud credentials from old accounts are putting businesses at risk

By Efosa Udinmwen | usagoldmines.com

  • Report warns long-lived credentials remain a significant security risk
  • Outdated access keys increase vulnerability across cloud platforms
  • Automated credential management is crucial for cloud security

As cloud computing adoption continues to rise, organizations increasingly rely on platforms such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud for their infrastructure and services. However, this also means their security risks grow more complex.

The recent Datadog State of Cloud Security 2024 report reveals one particularly concerning issue – the use of long-lived credentials, which pose significant security threats across all major cloud providers.

Despite advancements in cloud security tools and practices, many organizations still use long-lived credentials, which do not expire automatically.

The prevalence of long-lived credentials

Long-lived credentials, particularly those that are no longer actively managed, can serve as an easy target for attackers. If leaked or compromised, they could provide unauthorized access to sensitive data or systems. The longer these credentials remain in place without rotation or monitoring, the greater the risk of a security breach.

Datadog’s report reveals nearly half (46%) of organizations still have unmanaged users with long-lived credentials. These credentials are particularly problematic because they are often embedded in various assets such as source code, container images, and build logs. If these credentials are not properly managed, they can easily be leaked or exposed, providing an entry point for attackers to access critical systems and data.

Almost two-thirds (62%) of Google Cloud service accounts, 60% of AWS Identity and Access Management (IAM) users, and 46% of Microsoft Entra ID applications have access keys that are more than a year old.
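One way to measure this in an AWS account is to audit the IAM credential report for active access keys older than a year. The following is an added example, not part of the original article or the Datadog report; the sample rows are constructed and use only a subset of the credential report's columns.

```python
import csv
import io
from datetime import datetime, timezone

MAX_AGE_DAYS = 365  # threshold used in the article: keys more than a year old

# Constructed sample in the column layout of the AWS IAM credential report
# (only the columns read below; a real report contains more).
SAMPLE_REPORT = """user,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date
ci-deploy,true,2022-03-01T00:00:00+00:00,2024-12-10T08:00:00+00:00,false,N/A,N/A
alice,true,2024-09-15T00:00:00+00:00,2024-12-01T09:30:00+00:00,true,2021-06-20T00:00:00+00:00,N/A
old-backup,false,2020-01-05T00:00:00+00:00,N/A,false,N/A,N/A
"""

def stale_keys(report_csv, now, max_age_days=MAX_AGE_DAYS):
    """Return (user, key_slot, age_days, never_used) for each active key
    older than max_age_days, oldest first."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        for slot in ("1", "2"):
            if row.get(f"access_key_{slot}_active") != "true":
                continue  # key is inactive or does not exist
            rotated = row.get(f"access_key_{slot}_last_rotated", "N/A")
            if rotated in ("N/A", ""):
                continue  # no creation/rotation timestamp to compare
            age_days = (now - datetime.fromisoformat(rotated)).days
            if age_days > max_age_days:
                # A key that is old AND never used is a candidate for deletion,
                # not rotation.
                never_used = row.get(f"access_key_{slot}_last_used_date") == "N/A"
                findings.append((row["user"], slot, age_days, never_used))
    return sorted(findings, key=lambda f: f[2], reverse=True)

if __name__ == "__main__":
    audit_date = datetime(2024, 12, 16, tzinfo=timezone.utc)
    for user, slot, age, never_used in stale_keys(SAMPLE_REPORT, audit_date):
        note = "never used" if never_used else "still in use"
        print(f"{user}: access key {slot} is {age} days old ({note})")
```
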

In response to these risks, cloud providers have been making strides toward improving security. Datadog’s report notes that the adoption of cloud guardrails is on the rise. These guardrails are automated rules or configurations designed to enforce security best practices and prevent human error.

For instance, 79% of Amazon S3 buckets now have either account-wide or bucket-specific public access blocks enabled, up from 73% the previous year. However, while these proactive measures are a step in the right direction, long-lived credentials remain a major blind spot in cloud security efforts.

Furthermore, the report added there is a conspicuously high number of cloud resources with overly permissive configurations.

About 18% of AWS EC2 instances and 33% of Google Cloud VMs were found to have sensitive permissions that could potentially allow an attacker to compromise the environment. In cases where a cloud workload is breached, these sensitive permissions can be exploited to steal associated credentials, enabling attackers to access the broader cloud environment.

In addition, there is the risk of third-party integrations, which are common in modern cloud environments. More than 10% of third-party integrations examined in the report were found to have risky cloud permissions, potentially allowing the vendor to access sensitive data or take control of the entire AWS account.

What’s more, 2% of these third-party roles do not enforce the use of External IDs, leaving them susceptible to a “confused deputy” attack, a scenario where an attacker tricks a service into using its privileges to perform unintended actions.
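A defender can check for this gap by scanning role trust policies for cross-account principals that are allowed to assume the role without an `sts:ExternalId` condition. The sketch below is an added example, not code from the article or the report; the account IDs, role names and trust policies are constructed placeholders.

```python
# Constructed trust policies; account IDs and role names are placeholders.
OWN_ACCOUNT = "999988887777"

def _trust(principal, condition=None):
    stmt = {"Effect": "Allow", "Action": "sts:AssumeRole", "Principal": principal}
    if condition:
        stmt["Condition"] = condition
    return {"Version": "2012-10-17", "Statement": [stmt]}

SAMPLE_ROLES = {
    "vendor-monitoring": _trust({"AWS": "arn:aws:iam::111122223333:root"},
                                {"StringEquals": {"sts:ExternalId": "constructed-id-1"}}),
    "vendor-backup": _trust({"AWS": "arn:aws:iam::444455556666:root"}),
    "internal-ci": _trust({"AWS": f"arn:aws:iam::{OWN_ACCOUNT}:role/ci"}),
    "lambda-exec": _trust({"Service": "lambda.amazonaws.com"}),
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _foreign_principals(stmt, own_account):
    """AWS principals in the statement that belong to another account."""
    principal = stmt.get("Principal", {})
    if principal == "*":
        return ["*"]
    foreign = []
    for p in _as_list(principal.get("AWS", [])):
        # Principal is either a full ARN or a bare account ID (or "*").
        account = p.split(":")[4] if p.startswith("arn:") else p
        if account != own_account:
            foreign.append(p)
    return foreign

def _requires_external_id(stmt):
    # Condition keys are case-insensitive; only an exact-match operator counts.
    equals = stmt.get("Condition", {}).get("StringEquals", {})
    return any(key.lower() == "sts:externalid" for key in equals)

def roles_missing_external_id(roles, own_account):
    """Names of roles that another account may assume with no External ID."""
    flagged = []
    for name, policy in roles.items():
        for stmt in _as_list(policy.get("Statement", [])):
            if stmt.get("Effect") != "Allow":
                continue
            if "sts:AssumeRole" not in _as_list(stmt.get("Action", [])):
                continue
            if _foreign_principals(stmt, own_account) and not _requires_external_id(stmt):
                flagged.append(name)
                break
    return flagged
```
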

“The findings from the State of Cloud Security 2024 suggest it is unrealistic to expect that long-lived credentials can be securely managed,” said Andrew Krug, Head of Security Advocacy at Datadog.

“In addition to long-lived credentials being a major risk, the report found that most cloud security incidents are caused by compromised credentials. To protect themselves, companies need to secure identities with modern authentication mechanisms, leverage short-lived credentials and actively monitor changes to APIs that attackers commonly use,” Krug added.


This article is written by: Nermeen Nabil Khear Abdelmalak

All rights reserved to: USAGOLDMINES. www.usagoldmines.com
