%20(3)-1.png?quality=high&width=1900&height=1250&name=CSS%20-%20Blog%20(Featured%20Images)%20(3)-1.png)
%20(1).png?width=2000&height=1125&name=CSS%20-%20Blog%20(Featured%20Images)%20(1).png)
Public S3 Bucket Exposure: Misconfiguration Risks in 2025
Casmer Labs, the threat research team within Cloud Storage Security, continues to observe cases in 2025 where sensitive data is exposed through publicly accessible cloud storage. In these cases, exposure typically comes from configuration, not intrusion. A storage resource such as an Amazon S3 bucket is left open to the internet and contains real customer data, financial records, or other regulated information.
%20(1920%20x%201080%20px)%20(15).png?width=1920&height=1080&name=Copy%20of%20Blue%20White%20Gradient%20Modern%20Professional%20Business%20General%20LinkedIn%20Banner%20(750%20x%20750%20px)%20(1920%20x%201080%20px)%20(15).png)
%20(1920%20x%201080%20px)%20(19).png?width=387&height=258&name=Copy%20of%20Blue%20White%20Gradient%20Modern%20Professional%20Business%20General%20LinkedIn%20Banner%20(750%20x%20750%20px)%20(1920%20x%201080%20px)%20(19).png)
Nov 4, 2025
What is DSPM in Cyber Security and How to Choose the Right Cloud DSPM Platform
Year after year, more data moves into the cloud. In fact, this year, over 200 zettabytes of data have landed in cloud storage repositories. The nature of that data hasn’t changed — Social Security numbers, cardholder information, intellectual property — but the surface area and accessibility have. Cloud storage’s inherent convenience introduces new risks: attack paths, misconfigurations, insider behavior, and compliance gaps. These challenges demand attention not just with tools, but with architectural clarity and operational readiness. This piece explains what DSPM is, why it matters at the data layer, and what to look for without the buzzwords. TL;DR DSPM discovers and classifies sensitive data in cloud storage, validates storage controls, monitors risky activity, and delivers audit-ready, actor–time–object evidence. Use DSPM alongside CSPM, CNAPP, and DLP to close the blind spot across Amazon S3, EBS, EFS, FSx, and similar services. When evaluating DSPM tools, prioritize coverage depth, in-tenant architecture, ML-based anomaly detection, evidence quality, and predictable pricing.
Cloud Storage Security%20(1920%20x%201080%20px)%20(18).png?width=387&height=258&name=Copy%20of%20Blue%20White%20Gradient%20Modern%20Professional%20Business%20General%20LinkedIn%20Banner%20(750%20x%20750%20px)%20(1920%20x%201080%20px)%20(18).png)
Nov 4, 2025
Proactive Malware Protection for Amazon EFS with Cloud Storage Security
TL:DR Cloud Storage Security brings malware protection to Amazon EFS by scanning files in place inside your AWS account with multiple engines. You can schedule or run on demand scans, apply tag quarantine or delete actions, and stream findings to CloudWatch and your SIEM without moving data outside your environment.
Cloud Storage Security%20(1920%20x%201080%20px)%20(17).png?width=387&height=258&name=Copy%20of%20Blue%20White%20Gradient%20Modern%20Professional%20Business%20General%20LinkedIn%20Banner%20(750%20x%20750%20px)%20(1920%20x%201080%20px)%20(17).png)
Oct 13, 2025
CSS Founder Becomes 7th Person to Visit Challenger Deep and Surpass Kármán line
October 13, 2025 - Aaron Newman, founder and CEO at Cloud Storage Security (CSS), has become the seventh person in history to visit both the maximum known depth on Planet Earth and the barrier to outer space.
Cloud Storage Security%20(1920%20x%201080%20px)%20(15).png?width=387&height=258&name=Copy%20of%20Blue%20White%20Gradient%20Modern%20Professional%20Business%20General%20LinkedIn%20Banner%20(750%20x%20750%20px)%20(1920%20x%201080%20px)%20(15).png)
Oct 2, 2025
Public S3 Bucket Exposure: Misconfiguration Risks in 2025
Casmer Labs, the threat research team within Cloud Storage Security, continues to observe cases in 2025 where sensitive data is exposed through publicly accessible cloud storage. In these cases, exposure typically comes from configuration, not intrusion. A storage resource such as an Amazon S3 bucket is left open to the internet and contains real customer data, financial records, or other regulated information. When an S3 bucket is publicly readable, often called an S3 bucket misconfiguration, anyone with the URL can download its contents. That is a cloud data exposure event even if there is no exploit, malware, or credential theft involved.
Casmer Labs%20(1920%20x%201080%20px)%20(12).png?width=387&height=258&name=Copy%20of%20Blue%20White%20Gradient%20Modern%20Professional%20Business%20General%20LinkedIn%20Banner%20(750%20x%20750%20px)%20(1920%20x%201080%20px)%20(12).png)
Sep 30, 2025
Massive Data Breach Could Affect 10% of Texas-Based Truckers
Casmer Labs, the threat research team within Cloud Storage Security, has continued to observe cases in 2025 where sensitive data became exposed through publicly accessible cloud storage. These exposures are typically caused by configuration, not intrusion. A storage resource such as an Amazon S3 bucket is left open to the internet and ends up holding real personal and compliance documentation. In these situations, no exploit is required. If an S3 bucket allows public read or list access, anyone who can locate it can download its contents. That is a cloud data exposure event even if there was no malware, credential theft, or lateral movement. One recent case involving AJT Compliance LLC shows how severe this can get.
Casmer Labs%20(1920%20x%201080%20px)%20(10).png?width=387&height=258&name=Copy%20of%20Blue%20White%20Gradient%20Modern%20Professional%20Business%20General%20LinkedIn%20Banner%20(750%20x%20750%20px)%20(1920%20x%201080%20px)%20(10).png)
Sep 17, 2025
TransUnion 2025: Third-Party App Abuse, OAuth Access, and 4.46M Affected
Casmer Labs is the internal threat research team within Cloud Storage Security. We track significant activity in cybersecurity, cloud security, and cloud data security. Our goal is to document what occurred, how it occurred, and which controls are relevant.
Casmer Labs%20(1920%20x%201080%20px)%20(9).png?width=387&height=258&name=Copy%20of%20Blue%20White%20Gradient%20Modern%20Professional%20Business%20General%20LinkedIn%20Banner%20(750%20x%20750%20px)%20(1920%20x%201080%20px)%20(9).png)
Sep 12, 2025
August Threat Report: Qilin Attacks Inotiv & Nissan, NFCU Exposes 378TB
Casmer Labs is the internal threat research team within Cloud Storage Security. We monitor activity in cybersecurity, cloud security, and cloud data security. Our role is to document material incidents and explain where organizations are still exposed.
Casmer Labs%20(1920%20x%201080%20px)%20(8)-2.png?width=387&height=258&name=Copy%20of%20Blue%20White%20Gradient%20Modern%20Professional%20Business%20General%20LinkedIn%20Banner%20(750%20x%20750%20px)%20(1920%20x%201080%20px)%20(8)-2.png)
Sep 5, 2025
World’s Largest Credit Union Leaks 378GB of Data
Cloud Growth and Escalating Risk Cloud computing has reshaped how organizations store, manage, and secure information. The global public cloud market has accelerated from roughly one hundred fifty six billion dollars in 2020 to projections in the hundreds of billions of dollars for 2025, with some estimates approaching nine hundred billion dollars in total cloud spend. At the same time, overall data volume continues to increase. Industry analysts expect that more than one hundred zettabytes of information will reside in cloud infrastructure by the end of 2025. That would account for a significant share of global digital data. As more data moves to the cloud, the risk surface changes. Applications, workflows, and regulated data are distributed across multiple accounts, regions, and services. Each storage location such as an Amazon S3 bucket, an EBS snapshot, or an EFS file system has its own configuration model. A single misconfiguration can expose internal information at scale.
Casmer Labs%20(1920%20x%201080%20px)%20(8).png?width=387&height=258&name=Copy%20of%20Blue%20White%20Gradient%20Modern%20Professional%20Business%20General%20LinkedIn%20Banner%20(750%20x%20750%20px)%20(1920%20x%201080%20px)%20(8).png)
Aug 13, 2025
FTX Japan Breach Exposes 26M Records via Amazon S3 Error
By late 2024 the public cloud had become the default platform for building and running new applications, business workflows, and data processing pipelines. Cloud adoption continued to accelerate through 2025. Industry forecasts place overall cloud spend in the hundreds of billions of dollars by the end of 2025. Analysts also estimate that more than one hundred zettabytes of data will reside in cloud infrastructure by the end of 2025, representing a significant portion of global digital data. As more workloads move, more data follows. Customer records, payment history, internal analytics output, compliance evidence, audit logs, and operational reports are all copied into cloud storage. That data does not live in a single place. It is replicated across object storage, snapshots, file systems, analytics buckets, and backup archives in multiple regions and accounts. Every storage location, for example an Amazon S3 bucket, an Azure Blob container, or a Google Cloud Storage bucket, has dozens of configuration options. A single misconfiguration can make internal data publicly reachable without any exploit.
Casmer Labs
