You have to consider cybersecurity at all points of a cloud migration
Human error and complex cloud deployments open the door to a wide range of cyber threats, according to Trend Micro. Cloud security issues Gartner predicts that by 2021, over …
misconfiguration
Organizations struggle with patching endpoints against critical vulnerabilities
Less than 50 percent of organizations can patch vulnerable systems swiftly enough to protect against critical threats and zero-day attacks, and 81 percent have suffered at …
Cloud misconfigurations surge, organizations need continuous controls
Nearly 33.4 billion records were exposed in breaches due to cloud misconfigurations in 2018 and 2019, amounting to nearly $5 trillion in costs to enterprises globally, …
Network complexity and lack of visibility contribute to misconfigurations and increased risk
Enterprises are slow to abandon manual processes, despite being short staffed, as the lack of automation, coupled with increasing network complexity risk and lack of …
Security flaw could turn load balancers into beachheads for cyber attacks
Cyber security provider F-Secure is advising organizations using F5 Networks’ BIG-IP load balancer, which is popular amongst governments, banks, and other large corporations, …
Capital One breach: Info on 106 million customers compromised, hacker arrested
Capital One, one of the largest banks in the United States by assets, has announced that it has suffered a massive data breach affecting the personal and financial information …
Magecart compromised 17,000+ sites through unsecured Amazon S3 buckets
We often hear about misconfigured Amazon S3 buckets exposing sensitive business and customer data, but there’s another present danger: Magecart attackers have been …
Unsecured Gearbest server exposes millions of shoppers and their orders
Chinese e-commerce giant Gearbest has exposed information and orders of millions of its customers through an unsecured Elasticsearch server, security researcher Noam Rotem and …
New security feature to prevent Amazon S3 bucket misconfiguration and data leaks
Hardly a week goes by that we don’t hear about an organization leaving sensitive data exposed on the Internet because they failed to properly configure their Amazon S3 …
Solving the cloud infrastructure misconfiguration problem
Security incidents involving cloud infrastructure have become a regular occurrence since many organizations began shifting their assets to the cloud. Many of these incidents …
Access misconfiguration opens 3D printers to remote attacks
Spurred by a report coming from a regular reader, SANS ISC handlers Richard Porter and Xavier Mertens searched for OctoPrint interfaces for 3D printers exposed online and …
Smart homes can be easily hacked via unsecured MQTT servers
The Internet of Things is full of security holes, and the latest one has been pointed out by Avast researcher Martin Hron: unsecured MQTT servers. What is MQTT? The Message …
