cyberfeed.io — security news aggregator

Vulnerability management across hybrid cloud

cybersecurity • 2025-10-26 • www.reddit.com

I'm running into a wall with our current vulnerability management setup. We've got workloads spread across on-prem, AWS, and Azure, and I'm drowning in CVE alerts that aren't actually exploitable in our environment. Half of the vulnerabilities flagged are on systems behind three layers of security groups with no internet access, but they still get the same priority as internet-facing boxes. What's a good approach to filter by actual risks? submitted by /u/jilelectra [link] [comments]

#vulnerability #cloud #patch-management #azure #aws

Cybersecurity Newsletter Weekly - AWS Outage, WSUS Exploitation, Chrome Flaws, and RDP Attacks

Cyber Security News • 2025-10-26 • cybersecuritynews.com

Welcome to this week's edition of the Cybersecurity Newsletter, where we dissect the latest threats, vulnerabilities, and disruptions shaping the digital landscape. As organizations navigate an increasingly complex threat environment, staying ahead of emerging risks has never been more critical. This week, we're zeroing in on major incidents that underscore the fragility of cloud infrastructure,

#exploit #vulnerability #cloud #aws

Red Team Engagement Video Demo - Game of Active Directory

cybersecurity • 2025-10-26 • www.reddit.com

I'm releasing a fully public red team engagement video demo and an accompanying report after building the Game of Active Directory lab on AWS EC2 with Mythic C2. I ran the environment for about a week (not continuously) and the total cost ended around $28.40. The lab can also be deployed locally in a VM if you have sufficient RAM and storage (I didn't). The video walks through the full compromise from initial AD reconnaissance, ACL abuse, targeted kerberoasting, shadow credential attacks, to...

#red-team #aws

Docker Hub Incident Report - October 20, 2025

Docker • 2025-10-24 • www.docker.com

Docker experienced significant disruptions due to a widespread outage in AWS's US-East-1 region on October 20, 2025. Developers worldwide rely on Docker as part of their daily workflow, and we regret the disruption this caused. In this post, we want to provide transparency about what happened, what we have learned, and how we are strengthening

#incident #docker #aws

Amazon: This week's AWS outage caused by major DNS failure

BleepingComputer • 2025-10-24 • www.bleepingcomputer.com

Amazon says a major DNS failure was behind a massive AWS (Amazon Web Services) outage that took down many websites and online services on Monday.

#aws

Amazon Uncovers Root Cause of Major AWS Outage That Brokes The Internet

Cyber Security News • 2025-10-24 • cybersecuritynews.com

Amazon Web Services (AWS), the backbone for countless websites and services, faced a severe outage last weekend that disrupted operations for millions. The incident, which unfolded in the early hours of October 20, 2025, exposed vulnerabilities in even the most robust systems and left users scrambling. The trouble began at 11:49 PM PDT on October

#vulnerability #incident #aws

My AWS Account Got Hacked - Here is What Happened

cybersecurity • 2025-10-23 • www.reddit.com

submitted by /u/zvikizviki [link] [comments]

#aws

My AWS Account Got Hacked - Here Is What Happened

Technical Information Security Content & Discussion • 2025-10-23 • www.reddit.com

submitted by /u/zvikizviki [link] [comments]

#aws

Enterprise SIEM or SOAR Solution integrated with Microsoft Defender

cybersecurity • 2025-10-23 • www.reddit.com

Hello, is there any solution out there targeted towards orgs that don't have infrastructure in Azure or AWS? Looking for a fixed price solution for less than 200 endpoints. Sentinels 100gb minimum sounds like way too much. submitted by /u/StallCypher [link] [comments]

#soar #azure #aws #siem

Introducing AWS RTB Fabric for real-time advertising technology workloads

AWS News Blog • 2025-10-23 • aws.amazon.com

AWS RTB Fabric is a fully managed service designed for real-time bidding advertising workloads that enables AdTech companies to connect with their supply and demand partners through a dedicated, high-performance network environment, delivering single-digit millisecond performance and up to 80% lower networking costs compared to standard cloud connections while eliminating the need for colocation infrastructure or upfront commitments.

#cloud #aws

AWS - Loop Interview (Security Engineering)

cybersecurity • 2025-10-22 • www.reddit.com

Anyone familiar with the Loop interview process for a Security Engineering adjacent role at AWS? There will be a live scripting/coding portion. I am looking for some good preparation material. Kind of looking to significantly up my game in this arena. submitted by /u/Techatronix [link] [comments]

#aws

Signal is critisized for relying on Amazon web services, which caused it to be affected by the recent outage

cybersecurity • 2025-10-22 • www.reddit.com

submitted by /u/rkhunter_ [link] [comments]

#aws

How to choose the right AWS service for managing secrets and configurations

AWS Security Blog • 2025-10-22 • aws.amazon.com

When building applications on AWS, you often need to manage various types of configuration data, including sensitive values such as API tokens or database credentials. From environment variables and API keys to passwords and endpoints, this configuration data helps determine application behavior. AWS offers managed services that you can use for different aspects of managing

#aws

Customer Carbon Footprint Tool Expands: Additional emissions categories including Scope 3 are now available

AWS News Blog • 2025-10-22 • aws.amazon.com

AWS has expanded its Customer Carbon Footprint Tool (CCFT) to include Scope 3 emissions data alongside updated Scope 1 and 2 emissions, giving customers more insight into their carbon impact. The CCFT now tracks emissions from fuel- and energy-related activities (FERA), IT hardware, buildings, equipment, and transportation. AWS customers can access this information and track changes over time through the AWS Billing console.

#security-tools #aws

Security consolidations yay / Nay

cybersecurity • 2025-10-22 • www.reddit.com

Hey guys, Wanted to get a group feel on something. I've been reading a lot about tool and policy consolidation lately, and I get the argument visibility and unified control sound great. But the AWS outage last week was a good reminder of what happens when everything depends on one system. One DNS failure took out services for thousands of companies. That's the same trade-off we're making in security when we centralize control: one misconfig, one breach, and the blast radius is massive. Anyone...

#breach #security-tools #incident #aws

The AWS Outage Bricked People's $2,700 Smartbeds

404 Media • 2025-10-22 • www.404media.co

When Amazon Web Services went offline, people lost control of their cloud-connected smart beds, getting stuck in reclined positions or roasting with the heat turned all the way up.

#cloud #aws

Using AWS Secrets Manager Agent with Amazon EKS

AWS Security Blog • 2025-10-21 • aws.amazon.com

AWS Secrets Manager is a service that you can use to manage, retrieve, and rotate database credentials, application credentials, API keys, and other secrets throughout their lifecycles. You can also use Secrets Manager to replace hard-coded credentials in application source code with runtime calls to retrieve credentials dynamically when needed. Managing secrets in Amazon Elastic

#aws

The attendee guide to digital sovereignty sessions at AWS re:Invent 2025

AWS Security Blog • 2025-10-21 • aws.amazon.com

AWS re:Invent 2025, the premier cloud computing conference hosted by Amazon Web Services (AWS), returns to Las Vegas, Nevada, from December 1 - 5, 2025. This flagship event brings together the global cloud community for an immersive week of learning, collaboration, and innovation across multiple venues. Whether you're a cloud expert, business leader, or technology enthusiast, re:Invent

#cloud #aws

Publix outage due to ddos

cybersecurity • 2025-10-21 • www.reddit.com

Publix had a pretty good outage yesterday after 5pm, they couldn't accept debit cards in any stores for a few hours. employees in the store said it was aws related but an insider in their NOC is saying it was a ddos attack where akamai received too much traffic to them and let the traffic through, causing an outage, until they cools then determine the fingerprints to filter it. https://www.reddit.com/r/publix/comments/1obxp3l/publix_systems_outage_what_actually_happened_from/ submitted by...

#incident #aws

AWS Declares Major Outage Resolved After Nearly 24 Hours of Disruption

Cyber Security News • 2025-10-21 • cybersecuritynews.com

Amazon Web Services (AWS), the world's largest cloud computing provider, has officially marked a widespread outage in its US-EAST-1 region as resolved, following nearly a full day of cascading failures that disrupted services for millions worldwide. The incident, which began late on October 19, 2025, and persisted until early afternoon on October 20, highlighted the

#incident #cloud #aws