Amazon Simple Storage Service (S3) is exposed via additional channels and APIs, which create new security blind spots that hackers are waiting to exploit. Traditional services, although moving to the cloud, are not cloud native and not agile. Traditional tools dynamically scan files with sandbox technology. Sandboxes are slow and not designed for real-time and cannot be adjusted to support it. These limitations open S3 buckets to attackers using simple evasion techniques, which easily circumvent the detection methods of these solutions. Organizations must be savvy when selecting the right S3 bucket protection at the speed of speed of their business.
Source: https://www.helpnetsecurity.com/2021/08/04/aws-s3-security-risk/