Cloud Security Alliance

AWS Ends SSE-C Encryption, and a Ransomware Vector

SSE-C stands (well, stood) for “Server Side Encryption- Customer-provided keys”. It allowed you to provide an encryption key when you put an object into S3. That key was used by S3 to encrypt the data ...
EDN

AWS Customers Can Enforce Control and Maintain Compliance with SafeNet Cloud-Based Encryption and Secure Key Management

SafeNet's encryption and key management solutions further enable AWS customers to move their most sensitive data and applications into the cloud while maintaining high levels of data protection.
CSOonline

Baffle to offer tenant-level data encryption to AWS users

Baffle has integrated homegrown key management capability with AWS server-side encryption, allowing SaaS applications to isolate and encrypt data at the customer level. SaaS applications running on ...
InfoQ

AWS Launches Amazon S3 Dual-Layer Server-Side Encryption with Keys Stored in AWS KMS

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Bleeping Computer

Ransomware abuses Amazon AWS feature to encrypt S3 buckets

A new ransomware campaign encrypts Amazon S3 buckets using AWS's Server-Side Encryption with Customer Provided Keys (SSE-C) known only to the threat actor, demanding ransoms to receive the decryption ...