Browsing tag
Threat actors are actively incorporating public cloud services from Amazon and Microsoft into their malicious campaigns to deliver commodity remote access trojans (RATs) such as Nanocore, Netwire, and AsyncRAT to siphon sensitive information from compromised systems. The spear-phishing attacks, which commenced in October 2021, have primarily targeted entities located in the U.S., Canada, Italy, and […]
Multiple reports have recently emerged about serious security flaws affecting cloud deployments. This time, digital forensics experts at security firm Palo Alto Networks reported a critical server-side vulnerability in Jira, an issue tracking product of Atlassian Corp. which, if exploited, could expose users’ stored data. To be precise, this is a server-side request forgery vulnerability […]
In today’s corporate environment, businesses and organizations rely heavily on services. This is especially true for their IT department, whose proprietary system and infrastructures can be costly to build. “As-a-service” products range in various types across all industries, and security as a service is one such product. What Is Security as a Service (SECaaS)? Security […]
The massive data breach at Capital One – America’s seventh-largest bank, according to revenue – has challenged many common assumptions about cloud computing for the first time. Ironically, the incident, which exposed some 106 million Capital One customers’ accounts, has only reinforced the belief that the cloud remains the safest way to store sensitive data. […]
Cloud Computing Penetration Testing is a method of actively checking and examining the Cloud system by simulating the attack from the malicious code. Cloud computing is the shared responsibility of Cloud provider and client who earn the service from the provider. Due to impact of the infrastructure , Penetration Testing not allowed in SaaS Environment. […]
Box is a cloud management system as like AWS S3 buckets, to manage and access your data. You can place the files in the Box storage and it can be shared to anyone through links. The data leak is not due to a bug or vulnerability, the problem is with the account administrators who created […]
DDoS and Malware attacks are nowadays frequently launching by cybercriminals and the cloud service are also targeting to compromise the exfiltrate the sensitive data. Since we are storing very important and sensitive files in the cloud, we have to make sure the files will be stored completely in the encrypted format. And the cloud service providers are […]
Google’s Cloud Next 2018 conference being held in San Francisco on July 24-26 plans to highlight its best cloud defenses and how to neutralize hacker-initiated malware. The two-factor authentication widget Titan, which is on top of the list for Google and it will be in the market by later this year. It consists of a […]
Are hackers smarter and more creative than cyber guardians? This is becoming the eternal question of the digital age. While we would like to think the protection of customer passwords and personal credentials is the job of IT experts, reports of recent data breaches now suggest we are losing the battle against online criminals. The situation […]
Bit9, a company that provides high profile network security and software solution to the United States government and many other firms all over the country was compromised, as a result the unknown hackers installed a malware on the security provider’s website which was found targeting its daily users and costumers into hacking attempts. The company […]