Cloud Security Alliance

AWS Ends SSE-C Encryption, and a Ransomware Vector

SSE-C stands (well, stood) for “Server Side Encryption- Customer-provided keys”. It allowed you to provide an encryption key ...
Bleeping Computer

Ransomware abuses Amazon AWS feature to encrypt S3 buckets

A new ransomware campaign encrypts Amazon S3 buckets using AWS's Server-Side Encryption with Customer Provided Keys (SSE-C) known only to the threat actor, demanding ransoms to receive the decryption ...

Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days

A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant's own server-side encryption with ...
InfoQ

AWS Launches Amazon S3 Dual-Layer Server-Side Encryption with Keys Stored in AWS KMS

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Bleeping Computer

Amazon S3 will now encrypt all new data with AES-256 by default

Amazon Simple Storage Service (S3) will now automatically encrypt all new objects added on buckets on the server side, using AES-256 by default. While the server-side encryption system has been ...
CSOonline

Baffle to offer tenant-level data encryption to AWS users

Baffle has integrated homegrown key management capability with AWS server-side encryption, allowing SaaS applications to isolate and encrypt data at the customer level. SaaS applications running on ...