San Francisco-based cloud security startup Panther Labs has launched the first stable version of its open-source security information and event management (SIEM) solution, Panther.Fully running on top of cloud-native services offered by AWS (including Lambda, ECS, DynamoDB, S3, Cognito, and more), the new solution promises a new approach to SIEM, aiming to p

Researchers found a piece of Raccoon Stealer that abuse of Google Cloud Services and leverages multiple delivery techniques. Racoon malware (aka Legion, Mohazo, and Racealer) is an info-stealer that recently appeared in the threat landscape that is advertised in hacking forums. The malware is cheap compared to similar threats, it is able

With additional insights/analysis from Augusto Remillano II and Don Ovid Ladores Raccoon emerged as Malware as a Service (MaaS) last April 2019. Despite its simplicity, Raccoon became popular among cybercriminals and was mentioned as a notable emerging malware in underground forums in a malware popularity report. The malware is capable of stealing login cred

Vulnerability title: TP-LINK Cloud Cameras NCXXX Remote NULL Pointer DereferenceAuthor: Pietro OlivaCVE: CVE-2020-10231Vendor: TP-LINKProduct: NC200, NC210, NC220, NC230, NC250, NC260, NC450Affected version: NC200 <= 2.1.8 build 171109, NC210 <= 1.0.9 build 171214, NC220 <= 1.3.0 build 180105, NC230 <= 1.3.0 build 171205,

Palo Alto Networks on Tuesday announced that it has entered into a definitive agreement to acquire enterprise SD-WAN solutions provider CloudGenix for roughly $420 million.Palo Alto Networks’ Prisma Access solution enables organizations to protect remote networks and mobile users, and it provides secure access to enterprise applications.By acquiring CloudGen

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-2020-03-25-1 iCloud for Windows 10.9.3iCloud for Windows 10.9.3 is now available and addresses thefollowing:libxml2Available for: Windows 10 and later via the Microsoft StoreImpact: Multiple issues in libxml2Description: A buffer overflow was addressed with improved sizevalidation.CVE-2020-3910: LGTM.com

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-2020-03-25-2 iCloud for Windows 7.18iCloud for Windows 7.18 is now available and addresses the following:libxml2Available for: Windows 7 and laterImpact: Multiple issues in libxml2Description: A buffer overflow was addressed with improved sizevalidation.CVE-2020-3910: LGTM.comlibxml2Available for: Window

By now, many organizations have adopted the cloud in some way. We saw organizations moving whole servers over to the cloud at the beginning, but now we see small parts of a system being moved to the cloud and new cloud native offerings. We’ll use the analogies of Lincoln Logs and Legos to describe these deployment models.Infrastructure-as-a-Service (IaaS): W

Every malicious campaign needs a robust supporting infrastructure, and attackers are constantly evolving new ways to improve availability and resilience.Domain Generation Algorithms, Fast Flux Botnets, peer-to-peer protocols and anonymizers, are just few of the techniques that cyber-criminals have adopted to hide their command and control and malware distrib

Adobe has addressed a critical vulnerability in its Creative Cloud desktop application that can be exploited by hackers to delete arbitrary files. Adobe has fixed a critical vulnerability in its Creative Cloud desktop application that can be exploited by attackers to delete arbitrary files. Creative Cloud is a collection of 20+ desktop and mobile apps

A critical vulnerability patched on Tuesday by Adobe in its Creative Cloud desktop application can be exploited by hackers to delete arbitrary files.Adobe Creative Cloud is a set of applications and services used for video editing, graphic design, photography and web development. The Creative Cloud desktop application allows users to easily manage their apps

As you migrate your enterprise to the public cloud or multicloud, you want to realize some of its inherent benefits regardless of what service model you utilize. Whether your goal is cost optimization, scalability or elasticity, the cloud can allow your enterprise to adopt newer, cutting-edge technologies to innovate your business without the burden of havin

This year, March 19 ushered in spring in the Northern Hemisphere — the first time since 1896 that the season has started so early. So why not take advantage of the season’s early arrival to do some spring cleaning, not only of your physical space, but of your data and systems, too? Digital spring cleaning can make your life easier and dramatically impr

Over half a million highly sensitive legal and financial documents have been leaked online by a US loans company after another cloud configuration error.Security researchers at vpnMentor led by Noam Rotem found the database in an unsecured Amazon Web Services (AWS) S3 bucket at the end of December.It appears to be linked to a smartphone app known as MCA Wiza

We have seen great strides in improving security tooling and processes over the past ten years. Via constantly maturing security models, security teams have become increasingly dependent upon an ever-more complex toolchain of products and services.But what happens when these systems fail. How much effort are we putting into planning and maintaining our secur