Microsoft Kills 18 Azure Accounts Tied to Nation-State Attacks
Posted on Friday September 25, 2020
An APT group has started heavily relying on cloud services like Azure Active Directory and OneDrive, as well as open-source tools, to obfuscate its attacks.
Google Cloud Buckets Exposed in Rampant Misconfiguration
Posted on Tuesday September 22, 2020
A too-large percentage of cloud databases containing highly sensitive information are publicly available, an analysis shows.
SecOps Teams Wrestle with Manual Processes, HR Gaps
Posted on Friday September 18, 2020
Enterprise security teams are "drowning in alerts."
Security Takeaways from the Great Work-from-Home Experiment
Posted on Friday September 18, 2020
As the pandemic drags on and remote workforces stay remote, zero-trust and other lessons learned should come to the fore.
APT41 Operatives Indicted as Sophisticated Hacking Activity Continues
Posted on Thursday September 17, 2020
Five alleged members of the China-linked advanced threat group and two associates have been indicted by a Federal grand jury, on dozens of charges.
Data Breaches Expose Vets, COVID-19 Patients
Posted on Tuesday September 15, 2020
Social engineering and employee mistakes lead to breach Veteran's Administration and the National Health Service.
QR Codes Serve Up a Menu of Security Concerns
Posted on Tuesday September 15, 2020
QR code usage is soaring in the pandemic -- but malicious versions aren't something that most people think about.
MFA Bypass Bugs Opened Microsoft 365 to Attack
Posted on Tuesday September 15, 2020
Vulnerabilities ‘that have existed for years’ in WS-Trust could be exploited to attack other services such as Azure and Visual Studio.
Cloud Leak Exposes 320M Dating-Site Records
Posted on Monday September 14, 2020
A misconfigured, Mailfire-owned Elasticsearch server impacted 70 dating and e-commerce sites, exposing PII and details such as romantic preferences.
A Practical Guide to Securing the Cloud in Times of Crisis
Posted on Monday September 14, 2020
Our speakers provide a deep dive into the current state of cloud security and how to avoid disruption and chaos during times of crisis.