All news with #amazon inspector tag
Wed, November 19, 2025
Amazon Inspector: Org-wide Management via AWS Organizations
🔒 Amazon Inspector can now be enabled, configured, and managed centrally across your AWS Organization using a new Inspector policy type in AWS Organizations. Administrators designate a delegated admin, enable the Inspector policies policy type, and create policies that specify scan types (Amazon EC2, ECR, Lambda standard, Code Scanning, Code Security) and Regions. Once attached to a root, OU, or account, the policy automatically enables Inspector for all covered accounts — including new accounts that join or move into covered OUs — ensuring consistent vulnerability scanning coverage and reducing operational overhead.
Fri, November 14, 2025
Amazon Inspector: 150,000 npm Packages in Token Farming
🔍 Amazon Inspector researchers identified and reported over 150,000 npm packages tied to a coordinated tea.xyz token farming campaign that automatically generated and published packages to harvest blockchain rewards. The team combined rule-based detection with AI and worked directly with the Open Source Security Foundation (OpenSSF) to assign MAL‑IDs and submit packages for removal. The campaign caused registry pollution and reveals a new reward-driven supply chain abuse vector that can obscure legitimate software and consume infrastructure resources.
Thu, October 2, 2025
Defending Against npm Supply Chain Threats and Worms
🔒 In September, attackers used stolen maintainer credentials to inject malicious payloads into widely used npm packages such as chalk and debug. The self‑propagating Shai‑Hulud worm followed, harvesting npm tokens, GitHub PATs, and cloud credentials. The compromised packages and postinstall scripts allowed silent interception of cryptocurrency activity and automated propagation across developer environments. AWS recommends immediate actions: audit dependencies, rotate secrets, inspect CI/CD pipelines for unauthorized workflows or injected scripts, and use Amazon Inspector to detect malicious packages and share validated intelligence with OpenSSF.
Fri, September 26, 2025
Planning and Running an AWS Security Hub POC Guide
🔒 This post explains how to plan and implement an AWS Security Hub proof of concept (POC) to evaluate unified cloud security operations. It outlines steps to define success criteria, configure integrations with GuardDuty, Amazon Inspector, Macie, and Security Hub CSPM, and to prepare, enable, and validate the deployment. The guidance recommends using overlapping trial periods, adopting the OCSF standard for normalized findings, and leveraging automation and ticketing integrations to measure operational impact.
Wed, September 10, 2025
Security Services Available in AWS Dedicated Local Zones
🛡️ This post explains how organizations can use AWS security services while keeping data within Dedicated Local Zones. It describes the AWS Nitro System for hardware-enforced isolation, AWS KMS with an external key store option, and continuous protection from Amazon Inspector and GuardDuty. It also covers certificate management via ACM, DDoS mitigation with AWS Shield, and centralized auditing through CloudTrail.