Here\u2019s all the ways an abandoned cloud instance can cause security issues | CyberScoop<\/title> <meta name=\"description\" content=\"Research released Tuesday by watchTowr shows how easy an old storage bucket can be repurposed by malicious attackers.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/abandoned-cloud-aws-s3-buckets-security-risk-watchtowr\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Here\u2019s all the ways an abandoned cloud instance can cause security issues\"> <meta property=\"og:description\" content=\"Research released Tuesday by watchTowr shows how easy an old storage bucket can be repurposed by malicious attackers.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/abandoned-cloud-aws-s3-buckets-security-risk-watchtowr\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2025-02-04T11:00:00+00:00\"> <meta property=\"article:modified_time\" content=\"2025-02-04T00:34:26+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/02\/heres-all-the-ways-an-abandoned-cloud-instance-can-cause-security-issues-2.jpg\"> <meta property=\"og:image:width\" content=\"8000\"> <meta property=\"og:image:height\" content=\"5000\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Greg Otto\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@gregotto\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1732206022g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1738612907g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1738186663g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=811a4fffdf449a472805\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/83379\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.7.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=83379\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fabandoned-cloud-aws-s3-buckets-security-risk-watchtowr%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fabandoned-cloud-aws-s3-buckets-security-risk-watchtowr%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-83379 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/abandoned-cloud-aws-s3-buckets-security-risk-watchtowr\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"5.12\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Nominations can be submitted for the 2025 CyberScoop 50 awards!<\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.376558603491\">\n<div class=\"single-article__header-content\" readability=\"34.414507772021\">\n<p> Research released Tuesday by watchTowr shows how easy an old storage bucket can be repurposed by malicious attackers. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/83379\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"400\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/02\/heres-all-the-ways-an-abandoned-cloud-instance-can-cause-security-issues.jpg?resize=640%2C400&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/02\/heres-all-the-ways-an-abandoned-cloud-instance-can-cause-security-issues-2.jpg 8000w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/02\/heres-all-the-ways-an-abandoned-cloud-instance-can-cause-security-issues-2.jpg?resize=300,188 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/02\/heres-all-the-ways-an-abandoned-cloud-instance-can-cause-security-issues-2.jpg?resize=768,480 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/02\/heres-all-the-ways-an-abandoned-cloud-instance-can-cause-security-issues-2.jpg?resize=1024,640 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/02\/heres-all-the-ways-an-abandoned-cloud-instance-can-cause-security-issues-2.jpg?resize=1536,960 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/02\/heres-all-the-ways-an-abandoned-cloud-instance-can-cause-security-issues-2.jpg?resize=2048,1280 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/02\/heres-all-the-ways-an-abandoned-cloud-instance-can-cause-security-issues-2.jpg?resize=600,375 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/02\/heres-all-the-ways-an-abandoned-cloud-instance-can-cause-security-issues-2.jpg?resize=269,168 269w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/02\/heres-all-the-ways-an-abandoned-cloud-instance-can-cause-security-issues-2.jpg?resize=539,337 539w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/02\/heres-all-the-ways-an-abandoned-cloud-instance-can-cause-security-issues-2.jpg?resize=1080,675 1080w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/02\/heres-all-the-ways-an-abandoned-cloud-instance-can-cause-security-issues-2.jpg?resize=1349,843 1349w\" sizes=\"(max-width: 1080px) 100vw, 1080px\"><figcaption> (Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"59.145507170109\"><body readability=\"120.3784562212\"><\/p>\n<p>There is a line of thought among the public that \u201cthe internet is forever.\u201d A security company published research Tuesday that showed why \u201cforever\u201d can be a security nightmare. <\/p>\n<p>Over the course of four months, cybersecurity researchers at watchTowr monitored and ultimately took control of what they referred to as <a href=\"https:\/\/labs.watchtowr.com\/8-million-requests-later-we-made-the-solarwinds-supply-chain-attack-look-amateur\">\u201cabandoned\u201d digital infrastructure<\/a>, focusing on <a href=\"https:\/\/docs.aws.amazon.com\/AmazonS3\/latest\/userguide\/Welcome.html\">Amazon Web Services S3 buckets<\/a> previously used by various entities ranging from governments and Fortune 500 companies to universities and cybersecurity firms.<\/p>\n<p>Once researchers identified a rudimentary way to take ownership of the approximately 150 neglected Amazon assets, they discovered those assets were still being pinged for data by all types of government entities and businesses. Over a two-month period, the S3 buckets received more than 8 million HTTP requests for all sorts of files, including software updates, pre-compiled (unsigned) Windows, Linux, and macOS binaries, virtual machine images, JavaScript files, <a href=\"https:\/\/docs.aws.amazon.com\/AWSCloudFormation\/latest\/UserGuide\/Welcome.html\">CloudFormation<\/a> templates, and SSLVPN server configurations.<\/p>\n<p>The findings emphasize that neglected cloud infrastructure, particularly with outdated configurations, leaves sensitive networks vulnerable to unauthorized access, and setting the stage for highly damaging supply chain attacks. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cWe believe that in the wrong hands, the research we have performed could have led to supply chain attacks that out-scaled and out-impacted anything we as an industry have seen so far \u2014 or put more clearly, we would\u2019ve embarrassed <a href=\"https:\/\/cyberscoop.com\/tag\/cozy-bear\/\">Cozy Bear<\/a> and made their SolarWinds adventures look amateurish and insignificant,\u201d the blog reads. <\/p>\n<p>Supply chain attacks, though not new, remain a formidable challenge. Real-world examples like <a href=\"https:\/\/cyberscoop.com\/tag\/solarwinds\/\">the SolarWinds incident<\/a> or the <a href=\"https:\/\/cyberscoop.com\/tag\/moveit-transfer\/\">MOVEit breach<\/a> have demonstrated the extensive impact that such attacks can have. The watchTowr investigation reveals that even unsophisticated attackers have the potential to inflict similar disruptions by hijacking neglected resources, including unverified software update links embedded in official government and corporate materials. <\/p>\n<p>WatchTowr researchers listed a slew of entities that communicated with the neglected assets: government networks in the United States (including NASA, numerous laboratories, and state governments), the United Kingdom, Poland, Australia, South Korea, Turkey, Taiwan, Chile, and other countries; military networks; Fortune 500 and Fortune 100 companies; a major payment card network; a major industrial product company; global and regional banks and financial services organizations; universities around the world; instant messenger software companies; cybersecurity technology companies; casinos; and many others.<\/p>\n<p>WatchTowr\u2019s researchers went to lengths to describe how the issues they uncovered were not done to single out Amazon Web Services or the original owners of the cloud infrastructure, but to highlight systemic weaknesses rooted in the mass adoption and subsequent abandonment of these resources. WatchTowr reached out to AWS over the course of the research, and the tech giant ended up sinkholing the infrastructure after WatchTowr turned it over. <\/p>\n<p>\u201cWe will not entertain any conversation or speculation that we targeted any organization,\u201d the company wrote. \u201cIt is clear that, like expired and abandoned domain names, this issue is prolific and not representative of any one organization\u2019s approach to infrastructure or cybersecurity in isolation. Any conclusion that you come to around any individual organization\u2019s security posture as a result of this research would be incorrect, misguided, and likely due to your own bias.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Among some of the individual security issues the research uncovered are: <\/p>\n<ul class=\"wp-block-list\">\n<li>An abandoned S3 bucket in a 2012 CISA advisory, informing the public of a patch to software that\u2019s used for monitoring and controlling heating and cooling systems in large buildings or communities. A malicious actor could have re-registered the cloud instance to distribute malware or perform some other nefarious activity. CISA removed the instance after being contacted by watchTowr.<\/li>\n<\/ul>\n<p>\u201cIt is an incredible example of how this challenge is ubiquitous and not limited to only the unenlightened \u2014 even security professionals inside governments trip up here,\u201d the researchers wrote. <\/p>\n<ul class=\"wp-block-list\">\n<li>A dataset analysis revealed multiple abandoned S3 buckets tied to unnamed SSL VPN appliance vendors, which were still being targeted for fetching deployment templates and configurations. If a malicious actor were to gain access to these configurations, they can impersonate legitimate users, access internal resources, conduct man-in-the-middle attacks, redirect communications, and manipulate the network with full control.<\/li>\n<li>Researchers found that systems were using Vagrant, a tool for automating virtual machine setup, to source virtual machine images from abandoned S3 buckets, a practice they found highly alarming due to the security risks involved. By using these untrusted sources, attackers could insert malicious code or users, enabling potential attacks such as credential theft, ransomware deployment, and unauthorized system access.<\/li>\n<\/ul>\n<p>Researchers further determined that the window of opportunity for attackers to take advantage of these abandoned assets is wide open, due to the origin date of the uncovered buckets. Another S3 bucket researchers found related to the emscripten project \u2014 a very popular open-source WebAssembly compiler \u2014 has been open partly due to an ignored GitHub commit made in 2015. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cIt is very scary to think that the \u2018window of exploitation\u2019 for this issue is so large \u2014 it seems reasonable to assume that at any point in (we are educated-guessing) those nine years, attackers were given the opportunity to claim this abandoned S3 bucket and start serving malware, subsequently compromising hosts,\u201d the researchers wrote. <\/p>\n<p>Researchers at watchTowr said they had many more examples of neglected digital resources, each presenting potential avenues for exploitation. However, they believe the research points to a systemic issue with the way organizations of all sizes have embraced the broader concept of cloud computing.<\/p>\n<p>\u201cThe reality is that there is a \u2018simple\u2019 root cause of all this strife. It\u2019s not Amazon, S3, or even \u2018the cloud,\u2019\u201d the researchers wrote. \u201cThe root cause stems from a mindset that has grown as friction to acquiring Internet infrastructure \u2014 be it S3 buckets, domain names, IP addresses, or whatever \u2014 has lessened. This mindset lulls us in and persuades us that Internet infrastructure is \u2018easy come, easy go.\u2019 In a world where registering a domain name costs a mere few dollars, and registering an Internet resource like an S3 bucket takes even less, it takes very little to inadvertently commit to maintaining a finite resource.\u201d<\/p>\n<p>You can read the full report on <a href=\"https:\/\/labs.watchtowr.com\/8-million-requests-later-we-made-the-solarwinds-supply-chain-attack-look-amateur\">watchTowr\u2019s website<\/a>. <\/p>\n<p> <\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.5190548780488\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/02\/heres-all-the-ways-an-abandoned-cloud-instance-can-cause-security-issues-1.jpg?w=640&ssl=1\" alt=\"Greg Otto\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Greg Otto<\/h4>\n<p> Greg Otto is Editor-in-Chief of CyberScoop, overseeing all editorial content for the website. Greg has led cybersecurity coverage that has won various awards, including accolades from the Society of Professional Journalists and the American Society of Business Publication Editors. Prior to joining Scoop News Group, Greg worked for the Washington Business Journal, U.S. News & World Report and WTOP Radio. He has a degree in broadcast journalism from Temple University. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/abandoned-cloud-aws-s3-buckets-security-risk-watchtowr\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Here\u2019s all the ways an abandoned cloud instance can cause<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1064,1891,78,452,1073,256,3662,3663,3547,3440],"tags":[1065,1893,86,454,1076,262,3664,3665,3666,3441],"class_list":["post-7192","post","type-post","status-publish","format-standard","hentry","category-amazon-web-services-aws","category-cloud-computing","category-cybersecurity","category-cybersecurity-and-infrastructure-security-agency-cisa","category-open-source","category-research","category-s3-bucket","category-ssl","category-vpn-gateway","category-watchtowr-labs","tag-amazon-web-services-aws","tag-cloud-computing","tag-cybersecurity","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-open-source","tag-research","tag-s3-bucket","tag-ssl","tag-vpn-gateway","tag-watchtowr-labs"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/amazon-web-services-aws\/\" rel=\"category tag\">Amazon Web Services (AWS)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cloud-computing\/\" rel=\"category tag\">cloud computing<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/open-source\/\" rel=\"category tag\">open source<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/research\/\" rel=\"category tag\">Research<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/s3-bucket\/\" rel=\"category tag\">S3 bucket<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ssl\/\" rel=\"category tag\">SSL<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vpn-gateway\/\" rel=\"category tag\">VPN gateway<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/watchtowr-labs\/\" rel=\"category tag\">watchTowr Labs<\/a>","tag_info":"watchTowr Labs","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7192","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=7192"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7192\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=7192"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=7192"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=7192"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":7192,"date":"2025-02-04T05:00:00","date_gmt":"2025-02-04T11:00:00","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=83379"},"modified":"2025-02-04T05:00:00","modified_gmt":"2025-02-04T11:00:00","slug":"heres-all-the-ways-an-abandoned-cloud-instance-can-cause-security-issues","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/02\/04\/heres-all-the-ways-an-abandoned-cloud-instance-can-cause-security-issues\/","title":{"rendered":"Here\u2019s all the ways an abandoned cloud instance can cause security issues"},"content":{"rendered":"