Public labels aim to help admins see which buckets are publicly accessible

Amazon Web Services (AWS) has rolled out an update to the AWS S3 Console that offers prominent labels showing which S3 buckets are publicly accessible.

The new feature comes on the heels of a massive leak due to a misconfigured S3 bucket that exposed personally identifiable information (PII) and financial information on nearly 50,000 Australian government and private sector staff. The leak was due to an unnamed contractor incorrectly setting an S3 bucket as public. A breach would be worse if there are also no access controls placed on the files within public buckets.

AWS announced the new “permissions checks” labels on Monday. The S3 Console now displays a yellow “Public” label next to each S3 bucket name if it is publicly accessible. A summary at the top of the page displays how many of the total number of buckets are “public”. This should make it more difficult for admins to accidentally leave a bucket public.

The “Public” indicator is also displayed beneath the permissions tab when looking inside a single bucket. The interface tells users whether it’s the Access Control List (ACL), the Bucket Policy or both causing a bucket to be publicly available. It also contains a general warning that AWS recommends admins never grant any kind of public access to an S3 bucket.

Ensuring that S3 buckets with sensitive information are walled off from the public is a long-known challenge for AWS admins. In 2013 Rapid7 discovered that 1,951 of 12,328 identified S3 buckets were left open, providing public access to 126 billion files, including personal photos, sales records, staff information and more.

As ITNews.com.au reported in July, AWS had notified several customers by email that their S3 bucket ACLs were configured to allow public access. That warning followed the discovery of accessible S3 buckets containing data on millions of Dow Jones customers and millions of Verizon customers.
Researcher Chris Vickery also recently discovered leaky S3 buckets containing data about Accenture’s Cloud Platform and customers using it.

AWS has recently updated its advice for S3 bucket public access, which explains the implications of different ACL policies and describes the difference between “READ” and “WRITE” access on public S3 buckets. READ access can reveal object names without necessarily revealing their contents, while WRITE access could allow anyone to modify or delete objects and use a customer’s AWS resources.

AWS also rolled out a new control that enables admins to mandate that all objects in a bucket are encrypted by default.
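The distinction the console draws (ACL, Bucket Policy, or both) and the READ versus WRITE difference can also be checked offline against exported bucket settings. The following is an added example, not AWS code or part of the original article; the function names, the simplified policy rule and the sample inputs are assumptions, and the input follows the shape of the S3 GetBucketAcl and GetBucketPolicy responses.

```python
import json

# Predefined S3 groups; a grant to either is treated as public access here.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"

def public_acl_permissions(acl):
    """Permissions the ACL grants to a public group (empty set if none)."""
    return {g["Permission"] for g in acl.get("Grants", [])
            if g.get("Grantee", {}).get("URI") in (ALL_USERS, AUTH_USERS)}

def policy_is_public(policy_json):
    """Simplified rule (assumption): Allow + wildcard principal + no Condition."""
    if not policy_json:
        return False
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    for s in statements:
        principal = s.get("Principal")
        aws = principal.get("AWS") if isinstance(principal, dict) else principal
        wildcard = aws == "*" or (isinstance(aws, list) and "*" in aws)
        if s.get("Effect") == "Allow" and wildcard and not s.get("Condition"):
            return True
    return False

def classify(acl, policy_json=None):
    """Name the mechanism(s) exposing a bucket and the kind of ACL access granted."""
    perms = public_acl_permissions(acl)
    sources = []
    if perms:
        sources.append("ACL")
    if policy_is_public(policy_json):
        sources.append("Bucket Policy")
    return {"public": bool(sources), "sources": sources,
            "acl_read": bool(perms & {"READ", "FULL_CONTROL"}),    # object names listable
            "acl_write": bool(perms & {"WRITE", "FULL_CONTROL"})}  # objects modifiable

# Constructed sample inputs (not taken from a real account).
SAMPLE_ACL = {"Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id-placeholder"},
     "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"}]}
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-bucket/*"}]})

if __name__ == "__main__":
    print(classify(SAMPLE_ACL, SAMPLE_POLICY))
```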