Security News

A malicious cryptocurrency miner and DDoS worm that has been targeting Docker systems for months now also steals Amazon Web Services credentials. The worm still scans for open Docker APIs, then spins up Docker images and install itself in a new container, but it now also searches for exploitable Kubernetes systems and files containing AWS credentials and configuration details - just in case the compromised systems run on the AWS infrastructure.

The Michigan institution announced its plan on July 28, which calls for testing coordinated by Testing Centers of America and the use of a health monitoring app called Aura Sequential Testing. "All students will utilize Aura, an app developed by Nucleus Healthcare, that organizes the College's COVID-19 testing and public health approach," Albion said in a statement.

Amazon Web Services, an Amazon.com company, announced the general availability of Amazon Braket, a fully managed AWS service that provides a development environment to help customers explore and design quantum algorithms. Customers can use Amazon Braket to test and troubleshoot quantum algorithms on simulated quantum computers running on computing resources in AWS to help them verify their implementation.

Trend Micro has demonstrated the strength of its collaboration with AWS since 2012 with a deep understanding of customer use cases and by integrating with leading AWS security services at launch. Most recently, Trend Micro Cloud One offerings have been natively integrated with AWS Control Tower and AWS Systems Manager Distributor.

Nutanix announced general availability of Nutanix Clusters on AWS, extending the flexibility and ease of use of the company's hyperconverged infrastructure software, along with all Nutanix products and services, to bare metal Amazon Elastic Compute Cloud instances on Amazon Web Services. With this announcement, Nutanix delivers hybrid cloud infrastructure - one that allows businesses to accelerate their digital initiatives and optimize spending, priorities further amplified in the age of COVID. Nutanix offers a single stack that integrates compute and storage, provides unified operations across private and public clouds, integrated networking with AWS, and license portability from private to public clouds, thus addressing key technical and operational challenges of the hybrid cloud era.

Has the onslaught of lackluster webinars over the past few months left you wanting more? Are you seeking practical, relevant, and usable information and advice on how to stay secure in the cloud? Well, you're in luck! DivvyCloud, the leading provider of cloud and container security and compliance, is partnering with AWS to offer an incredible opportunity to anyone who's interested in making the most out of the native security controls within AWS. This is an important topic because avoiding a data breach has been and continues to be a significant hurdle for any organization seeking to innovate securely in the cloud. As Gartner states, "Through 2022, at least 95 percent of cloud security failures will be the customer's fault." Appropriate use of native security controls in AWS and other CSPs is fundamental to managing cloud risk and avoiding costly breaches.

Extending the observability provided by the Threat Stack Cloud Security Platform to AWS Fargate tasks can help Threat Stack customers detect threats and maintain compliance across all areas of their cloud infrastructure. The Threat Stack Cloud Security Platform collects and correlates security telemetry from the cloud management console, host, containers, orchestration, managed container services and applications, giving Threat Stack customers a view into their entire cloud environment.

StrongBox IT released its flagship application firewall - Modshield SB, now available in the AWS Marketplace on a cloud subscription model and a Bring Your Own License model. A feature-rich, scalable and cost-effective application firewall, Modshield SB is designed to provide protection against all major attack vectors.

Misconfigured AWS S3 storage buckets exposing massive amounts of data to the internet are like an unexploded bomb just waiting to go off, say experts. The team at Truffle Security said its automated search tools were able to stumble across some 4,000 open Amazon-hosted S3 buckets that included data companies would not want public - things like login credentials, security keys, and API keys.

Amazon Web Services on Tuesday announced the general availability of a fully managed service designed to help customers identify potentially fraudulent online activities. Leveraging machine learning, the Amazon Fraud Detector can spot payment and identity fraud almost instantly.