Security News

As many as 196 hosts have been infected as part of an aggressive cloud campaign mounted by the TeamTNT group called Silentbob. "The botnet run by TeamTNT has set its sights on Docker and Kubernetes environments, Redis servers, Postgres databases, Hadoop clusters, Tomcat and Nginx servers, Weave Scope, SSH, and Jupyter applications," Aqua security researchers Ofek Itach and Assaf Morag said in a report shared with The Hacker News.

Only 22% of IT professionals reported that more than 60% of their sensitive data in the cloud is encrypted. According to the findings, on average, only 45% of cloud data is currently encrypted.

A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal. "The attack consists of Python code that loads an XMRig Miner directly into memory using memfd, a known Linux fileless technique," security researchers Avigayil Mechtinger, Oren Ofer, and Itamar Gilad said.

Google Cloud's AML AI represents an advancement in the fight against money laundering. In this Help Net Security interview, Anna Knizhnik, Director, Product Management, Cloud AI, Financial Services, at Google Cloud, explains how Google Cloud's AML AI outperforms current systems, lowers operational costs, enhances governance, and improves the customer experience by reducing false positives and minimizing compliance verification checks.

The Council's inaugural Cloud Data Management Benchmark Report, based on responses from more than 250 data professionals in more than 30 countries across the globe, found that less than half of the companies it polled trust cloud security and reliability enough to store their more crucial data there. The EDM Council benchmark study found that among the companies polled, cloud data management is still in the early stages, with respondents characterizing the status of their data management for cloud-deployed data in "Developmental" or "Defined" stages and few at the "Achieved" or "Enhanced" stages of maturity.

Cybersecurity researchers have unearthed an attack infrastructure that's being used as part of a "Potentially massive campaign" against cloud-native environments. "This infrastructure is in early stages of testing and deployment, and is mainly consistent of an aggressive cloud worm, designed to deploy on exposed JupyterLab and Docker APIs in order to deploy Tsunami malware, cloud credentials hijack, resource hijack, and further infestation of the worm," cloud security firm Aqua said.

Thales cloud security study shows that 79% of organizations have more than one cloud provider and 75% of companies said they store at least 40% of their sensitive data in the cloud. While Thales, in its 2023 Cloud Security Study, found that well over a third of businesses experienced a data breach in their cloud environment last year versus 34% in 2021, organizations are increasingly caching sensitive data in multiple cloud environments.

To overcome these challenges, IT organizations are turning to hybrid solutions to leverage the benefits of the cloud and the mainframe. An astounding 93% of respondents strongly agree with the sentence, "I believe my organization needs to embrace a hybrid infrastructure model that spans from mainframe to cloud."

Since cloud security implies a shared responsibility between the customers and the cloud provider, IT teams and decision-leaders must have a clear understanding of the types of cloud services more vulnerable to cyberattacks. Another security consideration that emerges when businesses are moving their information system to the cloud is identifying the cases where the risks outweigh the rewards.

Asia In Brief Japan's government last Friday rebuked Fujitsu for shabby cloud security. Fujitsu operates a cloud called "FENICS" and in February 2023 admitted that in December 2022 it had detected network misconfigurations that allowed unauthorized remote access to the service.