AWS's Journey to Cloud System Reliability: Integrating Formal and Semi-Formal Methods
AWS has transformed its cloud system validation through innovative formal and semi-formal methods, from TLA+ to the P programming language and PObserve. These practices have enabled AWS to deliver highly reliable services while achieving significant performance improvements across critical infrastructure.
Hijacked AWS Storage Buckets Expose Major Organizations to Supply Chain Attacks
Security researchers discovered 150 abandoned AWS S3 storage buckets previously used by major organizations that could be easily re-registered and hijacked. The vulnerability allowed researchers to gain control over storage locations still receiving millions of requests from government agencies and corporations.
Chinese CDN Exploits AWS and Azure in Massive Cloud Infrastructure Abuse Scheme
Investigation reveals Funnull, a Chinese CDN, is misusing AWS and Azure cloud services to host scam websites through deceptive IP address cycling. The scheme involves over 1,400 rented IPs used for investment scams and fake gambling operations, highlighting growing challenges in cloud security.
Location Data Broker's Massive Breach Exposes Privacy Vulnerabilities Following FTC Action
A catastrophic data breach at Gravy Analytics compromised 17 terabytes of sensitive location data from millions of mobile devices, occurring shortly after FTC mandated privacy reforms. The incident exposes widespread collection of user location data through popular apps and raises concerns about industry security practices.
Major Privacy Breach: Data Broker Exposes Location History of Millions Through iPhone App Tracking
A significant security breach at Gravy Analytics has compromised sensitive location data from millions of iPhone and Android users through popular apps. The incident, occurring shortly after FTC restrictions on the company, raises alarming concerns about data broker practices and personal privacy protection.
EU Fined €400 for Violating Its Own GDPR Privacy Rules
In a landmark case, the European Union faces a €400 fine for breaching its own GDPR privacy regulations when transferring user data through AWS to Meta's servers. The unprecedented self-imposed penalty highlights ongoing challenges in implementing and enforcing data protection standards.
Volkswagen Data Breach Exposes Location and Personal Data of 800,000 European EV Owners
A critical security lapse in Volkswagen's cloud storage exposed sensitive information of electric vehicle owners across Europe, including precise location data and contact details. The breach affected vehicles from multiple VW Group brands and has raised serious concerns about data protection in modern connected cars.
Volkswagen Data Breach Exposes Location Data of 800,000 EV Owners
A major security breach at Volkswagen's software subsidiary exposed sensitive location data and personal information of 800,000 electric vehicle owners across Europe. The unprotected cloud server leaked precise location tracking data for months, affecting politicians, police fleets and potentially intelligence personnel.
Volkswagen Data Breach Exposes Location Data of 800,000 Electric Vehicles
A major security flaw in Volkswagen's cloud storage exposed precise location data and personal information of hundreds of thousands of electric vehicle owners across multiple brands. The breach, discovered by a whistleblower, revealed detailed movement profiles collected through the company's connected car app.
Major Privacy Breach Exposes Location Data of 800,000 VW Group Electric Vehicles
A critical security flaw at Volkswagen's Cariad software unit exposed sensitive GPS coordinates and personal information of hundreds of thousands of electric vehicles across Europe. The breach, which revealed detailed tracking data through an unprotected AWS storage system, affected vehicles from VW, Audi, Seat and Skoda brands.