Lunch Time Nibbles - 2022-09-01

Welcome to another Lunch Time breakout:

Over 1,800 Android and iOS Apps Found Leaking Hard-Coded AWS Credentials
Researchers have identified 1,859 apps across Android and iOS containing hard-coded Amazon Web Services (AWS) credentials, posing a major security risk. "Over three-quarters (77%) of the apps contained valid AWS access tokens allowing access to private AWS cloud services," Symantec's Threat Hunter team, a part of Broadcom Software, said in a report shared with The Hacker News. Interestingly, a
Read more....

Infra Used in Cisco Hack Also Targeted Workforce Management Solution
The attack infrastructure used to target Cisco in the May 2022 incident was also employed against an attempted compromise of an unnamed workforce management solutions holding company a month earlier in April 2022. Cybersecurity firm Sentire, which disclosed the findings, raised the possibility that the intrusions could be the work of a criminal actor known as mx1r, who is said to be a member of
Read more....

Over 1,000 iOS apps found exposing hardcoded AWS credentials
Security researchers are raising the alarm about mobile app developers relying on insecure practices that expose Amazon Web Services (AWS) credentials, making the supply chain vulnerable. [...]
Read more....

Neopets says hackers had access to its systems for 18 months
Neopets has released details about the recently disclosed data breach incident that exposed personal information of more than 69 million members. [...]
Read more....