Security News
LemonDuck, a cross-platform cryptocurrency mining botnet, is targeting Docker to mine cryptocurrency on Linux systems as part of an active malware campaign. With compromised cloud instances becoming a hotbed for illicit cryptocurrency mining activities, the findings underscore the need to secure containers from potential risks throughout the software supply chain.
Cybercriminals are finding new ways to target cloud environments. To up their game, attackers are adopting more advanced and sophisticated methods to target sensitive and vulnerable cloud native environments.
According to a recent Pew Research survey, 64 percent of Americans are choosing to remain in either a fully remote or hybrid working environment, forcing businesses to grapple with the increasing complexity that comes with migrating and scaling workloads in the cloud. Qa survey respondents rank visibility into cloud data-in-motion as the top security factor globally.
In a September 2021 report from the nonprofit Cloud Security Alliance, nearly 70 percent of respondents - comprising 1,090 IT and security professionals - reported that their company's cloud security, IT operations and developer teams are misaligned on security policies and/or enforcement strategies. March 2021: The arts-and-crafts retailer Hobby Lobby left 138GB of sensitive customer information, source code for the company's app, and employee names and email addresses open to the public internet because of a cloud misconfiguration in its Amazon Web Services cloud database.
Microsoft will pay more - up to $26,000 more - for "high-impact" bugs in its Office 365 products via its bug bounty program. The new "scenario-based" payouts to the Dynamics 365 and Power Platform Bounty Program and M365 Bounty Program aim to incentivize bug hunters to focus on finding vulnerabilities with "the highest potential impact on customer privacy and security," Microsoft said late last week.
Cloud computing and virtualization technology firm VMware on Thursday rolled out an update to resolve a critical security flaw in its Cloud Director product that could be weaponized to launch remote code execution attacks. "An authenticated, high privileged malicious actor with network access to the VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to the server," VMware said in an advisory.
Atlassian has finally revealed the exact cause of an ongoing cloud services outage the company estimates could impact some of its customers for up to two more weeks. When we first reported on this outage, Atlassian told us that a routine maintenance script blocked some customers' access to their data after it "unintentionally" disabled the sites of roughly 400 out of its over 200,000 customers.
In this video for Help Net Security, Zur Ulianitzky, Head of Research at XM Cyber, talks about the top attack techniques used by threat actors to compromise critical assets in enterprise and cloud environments. Based on research into attack techniques exploiting vulnerabilities, misconfigurations and mismanaged or stolen credentials to compromise critical assets, the most impactful technique turned out to be the use of compromised domain credentials, which allow the attacker to spread throughout enterprise environments.
While the details vary by service, the concept is basically the same: you remain responsible for maintaining general security hygiene, ensuring the cloud security controls are properly configured, and protecting your data on the system. Over the course of two decades, cloud computing has transformed the way people use the internet for work and play.
If you're a cloud service vendor, you should be prepared to answer this question from your customers: How can you prove your security and privacy practices are truly secure? An external review validates your existing security practices.