Twilio, a cloud communications platform as a service (CPaaS) company, disclosed that attackers compromised its TaskRouter JS SDK after gaining access to one of its misconfigured Amazon AWS S3 buckets. This left the SDK’s path publicly readable and writable since 2015. Twilio’s customers include Twitter, Netflix, Uber, Shopify, Morgan Stanley, Airbnb, and others.
Experts Comments
Linkedin Message
@Mark Bower, Senior Vice President, provides expert commentary at @Information Security Buzz.
"Compromise of common cloud security infrastructure is a jewel in the crown for any attacker...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/twilios-sdk-compromised-by-attackers-expert-reaction
Facebook Message
@Mark Bower, Senior Vice President, provides expert commentary at @Information Security Buzz.
"Compromise of common cloud security infrastructure is a jewel in the crown for any attacker...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/twilios-sdk-compromised-by-attackers-expert-reaction
Linkedin Message
@Ameet Naik, Security Evangelist , provides expert commentary at @Information Security Buzz.
"Businesses need to invest in client-side application security to ensure full visibility and control over client-side scripts and avoid data breaches...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/twilios-sdk-compromised-by-attackers-expert-reaction
Facebook Message
@Ameet Naik, Security Evangelist , provides expert commentary at @Information Security Buzz.
"Businesses need to invest in client-side application security to ensure full visibility and control over client-side scripts and avoid data breaches...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/twilios-sdk-compromised-by-attackers-expert-reaction
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Casey Kraus, President of Cloud Security Management Provider, provides expert commentary at @Information Security Buzz.
"The complexity around configurations, identity, and access in the cloud are creating many opportunities for these bad actors. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/twilios-sdk-compromised-by-attackers-expert-reaction
Facebook Message
@Casey Kraus, President of Cloud Security Management Provider, provides expert commentary at @Information Security Buzz.
"The complexity around configurations, identity, and access in the cloud are creating many opportunities for these bad actors. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/twilios-sdk-compromised-by-attackers-expert-reaction