Security News

The CIS Foundations Benchmarks are a part of the family of cybersecurity standards managed by CIS. CIS Benchmarks are consensus-based, vendor-agnostic secure configuration guidelines for the most commonly used systems and technologies. The CIS Foundations Benchmarks are intended for system and application administrators, security specialists, auditors, help desk, platform deployment, and/or DevOps personnel who plan to develop, deploy, assess, or secure solutions in the cloud.

SentinelOne researchers have unearthed a number of privilege escalation vulnerabilities in Eltima SDK, a library used by many cloud desktop and USB sharing services like Amazon WorkSpaces, NoMachine and Accops to allow users to connect and share local devices over a network. The vulnerabilities affect both the cloud services and their end users.

The cloud services market size was valued at $264.80 billion in 2019, and is projected to reach $927.51 billion by 2027, growing at a CAGR of 16.4% from 2020 to 2027, according to ResearchAndMarkets. The services provided by the cloud computing technology are referred to as cloud services.

Researchers have found a number of high-security vulnerabilities in a library created by network virtualization firm Eltima that leave about a dozen cloud services used by millions of users worldwide open to privilege-escalation attacks. The flaws are in the USB Over Ethernet function of the Eltima SDK, not in the cloud services themselves, but because of code-sharing between the server side and the end user apps, they affect both clients - such as laptops and desktops running Amazon WorkSpaces software - and cloud-based machine instances that rely on services such as Amazon Nimble Studio AMI, which run in the Amazon cloud.

Cybersecurity researchers have disclosed multiple vulnerabilities in third-party driver software developed by Eltima that have been "unwittingly inherited" by cloud desktop solutions like Amazon WorkSpaces, Accops, and NoMachine and could provide attackers a path to perform an array of malicious activities. "These vulnerabilities allow attackers to escalate privileges enabling them to disable security products, overwrite system components, corrupt the operating system, or perform malicious operations unimpeded," SentinelOne researchers said in a report shared with The Hacker News.

Researchers have discovered 27 vulnerabilities in Eltima SDK, a library used by numerous cloud providers to remotely mount a local USB device. This necessity also increased the number of cloud providers using Eltima's SDK, which allows employees to mount local USB mass storage devices for use on their cloud-based virtual desktops.

Kafdrop is a management interface for Apache Kafka, which is an open-source, cloud-native platform for collecting, analyzing, storing and managing data streams. It connects and maps existing Kafka clusters automatically, Spectral researchers explained, allowing users to manage topic creation and removal, as well as "understand the topology and layout of a cluster, drilling into hosts, topics, partitions, and consumers. It also allows you to sample and download live data from all topics and partitions, acting as a legitimate Kafka consumer."

State-backed adversaries expanded attacks against cloud platform company Zoho and its ManageEngine ServiceDesk Plus software, a help desk and asset management solution. Back in November, Unit 42 said it observed correlations between the tactics and tooling used in ADSelfService Plus campaigns and Threat Group 3390, also known as TG-3390 and Emissary Panda or APT27.

S3 Ep61: Call scammers, cloud insecurity, and facial recognition creepiness [Podcast+Transcript]

Oh! No! The wannabe wizard that went to school with a trainee Sith.