Security News

Protecting sensitive data and mission-critical applications spread across multiple on- and off-prem cloud environments and different service providers is a tough gig for busy security professionals. The SANS 2022 Cloud Security Exchange on Thursday 25th August aims to do just that, providing an online forum for cloud providers, end user organisations and consultants to put their heads together and build better defenses for their cloud workloads.

In this Help Net Security video, Christophe Tafani-Dereeper, Cloud Security Researcher and Advocate at Datadog, talks about Stratus Red Team, an open-source project for adversary emulation and validation of threat detection in the cloud. The tool supports common AWS and Kubernetes attack techniques.

As practically every organization shifts from managing their data in network-based data centers to storing it in the cloud, cloud data security policies are created to secure this data in a cloud environment. Development teams leverage the benefits of data in the cloud to generate a growing amount of cloud data stores and tools, to keep up with innovation.

60% of IT and security leaders are not confident in their organization's ability to ensure secure cloud access, even as adoption continues to grow across a diverse range of cloud environments, according to research from the Ponemon Institute. This Help Net Security video shows how zero trust can increase the security of your digital transformation.

A new vulnerability found in GoLang-based applications allows a threat actor to bypass validations under certain conditions and gain unauthorized access to cloud-native applications, Oxeye researchers have found. The source of "ParseThru" - as the newly discovered vulnerability has been dubbed - is the use of unsafe URL parsing methods built into the language.

Different cloud providers and private cloud platforms may offer similar capabilities but different ways of implementing security controls, along with disparate management tools.

Old Security Tools No Longer Effective in the Cloud

Security tools not born in the cloud are ill-equipped to protect applications running in the cloud for many reasons.

US managed service provider NetStandard suffered a cyberattack causing the company to shut down its MyAppsAnywhere cloud services, consisting of hosted Dynamics GP, Exchange, SharePoint, and CRM services. According to an email sent to MyAppsAnywhere customers shared on Reddit, the company detected signs of a cyberattack on Tuesday morning and quickly shut down cloud services to prevent the attack's spread. "As of approximately 11:30 AM CDT July 26, NetStandard identified signs of a cybersecurity attack within the MyAppsAnywhere environment. Our team of engineers has been engaged on an active incident bridge ever since working to isolate the threat and minimize impact."

The 8220 cryptomining group has expanded in size to encompass as many as 30,000 infected hosts, up from 2,000 hosts globally in mid-2021. "8220 Gang is one of the many low-skill crimeware gangs we continually observe infecting cloud hosts and operating a botnet and cryptocurrency miners through known vulnerabilities and remote access brute forcing infection vectors," Tom Hegel of SentinelOne said in a Monday report.

60% of IT and security leaders are not confident in their organization's ability to ensure secure cloud access, even as adoption continues to grow across a diverse range of cloud environments, according to research from the Ponemon Institute. The Global Study on Zero Trust Security for the Cloud surveyed nearly 1,500 IT decision makers and security professionals worldwide to examine the pain points they experience in securing cloud environments and how zero trust security methods can enable digital transformation.

A cryptomining gang known as 8220 Gang has been exploiting Linux and cloud app vulnerabilities to grow their botnet to more than 30,000 infected hosts. The group is a low-skilled, financially-motivated actor that infects AWS, Azure, GCP, Aliyun, and QCloud hosts after targeting publicly available systems running vulnerable versions of Docker, Redis, Confluence, and Apache.