Breaking Codefinger: 5 Steps to Take Now
By Yamit
Recently, an adversary named Codefinger showed it could hold victims ransom by encrypting their files in AWS S3 buckets using AWS’s own built-in capabilities to server side encrypt files using a custom provided key, referred to as SSE-C. In exchange for payment, the keys would be given back to the victim to decrypt their data. While this…