InfoSec News Nuggets 1/14/2025
Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant's own server-side encryption with customer provided keys (SSE-C) to lock up victims' data before demanding a ransom payment for the symmetric AES-256 keys required to decrypt it. Halcyon threat hunters say they first spotted this criminal gang in December, and in recent weeks observed two such ransomware attacks…