HackDig : Dig high-quality web security articles for hacker

Cisco addresses a critical vulnerability in Cloud Services Platform (CSP)

Cisco patched critical and high severity vulnerabilities in several products, including the Cloud Services Platform (CSP). Cisco patched critical and high severity vulnerabilities in several products, including the Cloud Services Platform (CSP), the Firepower Extensible Operating System (FXOS) and NX-OS software, and some Small Business IP phones. The most s
Publish At:2017-10-22 06:06 | Read:97 | Comments:0 | Tags:Breaking News Hacking CISCO Cloud Services Platform Krack Cl

DevOpsSec: A Big Step in Cloud Application Security

Why it's time for DevOps and security teams to bury the hatchet -- and not in each other's back. In 2010, when I said, "I think the cloud is our opportunity to get ahead of cyberthreats" at a Washington, DC, speaking event, I literally heard a gasp in the audience. And for the next five years, I was "that guy" on security panel discussions who defended the
Publish At:2017-10-03 21:20 | Read:249 | Comments:0 | Tags: Cloud

Zimperium Mobile Threat Detection Available in Oracle Cloud

In recent weeks we have been discussing some of the ways Zimperium delivers mobile threat defense (MTD) at scale. As the only true enterprise-class MTD solution available, we take that role seriously. So we are pleased to deliver another option for enterprises to implement mobile threat defense and take advantage of available infrastructure and resources. Yo
Publish At:2017-09-28 20:35 | Read:121 | Comments:0 | Tags:Partners Oracle Cloud

ESA-2017-119: EMC Elastic Cloud Storage Undocumented Account Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256ESA-2017-119: EMC Elastic Cloud Storage Undocumented Account VulnerabilityEMC Identifier: ESA-2017-119CVE Identifier: CVE-2017-8021Severity Rating: CVSS Base Score: 9.4 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H)Affected products: * EMC Elastic Cloud Storage all versions prior to 3.1Summary: EMC Elastic Cloud St
Publish At:2017-09-27 05:40 | Read:215 | Comments:0 | Tags: Cloud Vulnerability

Chevron's Jump to the Cloud is a Journey

Enterprises entertaining a move to the cloud should brace themselves for a challenging path of discovery. Enterprises that embrace a move to the cloud should prepare themselves for a run into the unknown, advises Gretchen Myers, Chevron's team lead for security strategy and emerging technologies.Myers, who spoke this week at the ISC(2) Security Congress in A
Publish At:2017-09-26 22:35 | Read:222 | Comments:0 | Tags: Cloud

APPLE-SA-2017-09-25-2 iCloud for Windows 7

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-09-25-2 iCloud for Windows 7iCloud for Windows 7 is now available and addresses the following:SQLiteAvailable for: Windows 7 and laterImpact: An application may be able to execute arbitrary code withsystem privilegesDescription: A memory corruption issue was addressed with improvedmemory handling.C
Publish At:2017-09-26 11:15 | Read:189 | Comments:0 | Tags: Cloud

A ‘Star Trek’ Darkly: To Boldly, Securely and Easily Go to the Cloud

For the past 50 years, “Star Trek” has served as our template for tomorrow. While there are still hurdles to overcome before we can traverse the stars at warp speed, many of Gene Roddenberry’s visions of advanced technology have come to life. The first tricorders Bones and Captain Kirk fantastically flipped open in “Star Trek: The Ori
Publish At:2017-09-26 09:56 | Read:123 | Comments:0 | Tags:Cloud Security Identity & Access Cloud Cloud Identity Servic

The Cloud Security Risks Hidden in Plain Sight

There are two popular attitudes about cloud security, and both of them are wrong. One belief is that putting data in the cloud amounts to putting it on the public internet for anyone to access. Therefore, the only way to keep data safe is to keep it at home and out of the cloud altogether. The opposite belief is that cloud providers cover their own bases wel
Publish At:2017-09-22 13:40 | Read:242 | Comments:0 | Tags:Cloud Security Risk Management Access Management Cloud Cloud

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making breaches, it’s becoming clear that the greatest risks to an organization might come down to a simple
Publish At:2017-09-21 19:15 | Read:208 | Comments:0 | Tags:Advanced Threats Cloud Security Data Protection Software & A

Viacom's Secret Cloud Keys Exposed

The entertainment giant is the latest company to misconfigure its Amazon Web Services S3 cloud storage bucket.A misconfigured Amazon Web Services (AWS) S3 bucket recently put Viacom's keys to its cloud kingdom at risk, according to UpGuard, which made the discovery. The Viacom incident is the latest AWS S3 misconfiguration issue to strike a company.The cloud
Publish At:2017-09-20 00:40 | Read:230 | Comments:0 | Tags: Cloud

Internet-Connected Toys: Cute, Cuddly and Inherently Insecure

After the FBI issued a warning on internet-connected toys in July, researchers began digging into these devices to assess their functions as they relate to cybersecurity. But before describing what one of these toys can do, it might be helpful to explain how they work at a very high level. Typical Components of Internet-Connected Toys The first component of
Publish At:2017-09-18 17:25 | Read:169 | Comments:0 | Tags:Cloud Security Mobile Security Cloud Cloud Applications Conn

Public, Hybrid Cloud Security Fears Abound

Most CISOs say encryption is the most effective security tool for data in the public cloud, but only one in six encrypt all data stored there.The transition to the public cloud is a major concern for security leaders, but many haven't adopted the tools to address their biggest fears.Security firm Bitdefender polled 1,051 IT security pros to learn more about
Publish At:2017-09-16 22:50 | Read:206 | Comments:0 | Tags: Cloud

Green Security Technology: The New Corporate Color?

From carbon-neutral clouds to net-zero data centers to completely renewable power, green technology is rapidly becoming a viable option for global corporations hoping to both improve long-term outlooks and align operations with changing consumer sentiment. Consider current projects by companies such as Salesforce, Apple and Toyota. According to Greentech Med
Publish At:2017-09-15 15:35 | Read:238 | Comments:0 | Tags:CISO Cloud Security Cognitive Artificial Intelligence (AI) C

SEC Consult SA-20170914-0 :: Authenticated Command Injection in Ubiquiti Networks UniFi Cloud Key

SEC Consult Vulnerability Lab Security Advisory < 20170914-0 >======================================================================= title: Authenticated Command Injection product: Ubiquiti Networks UniFi Cloud Key vulnerable version: Firmware version <=0.6.4 fixed version: Firmware version >=0.6.9 CVE number
Publish At:2017-09-14 22:30 | Read:263 | Comments:0 | Tags: Cloud

Cloud Security's Shared Responsibility Is Foggy

Security is a two-way street. The cloud provider isn't the only one that must take precautions.The slew of data leakage incidents involving Amazon Web Services this summer made for good headlines, but what should security professionals learn from them? Despite the good work by the UpGuard researchers who discovered unsecured AWS S3 buckets, it's hard to say
Publish At:2017-09-14 15:25 | Read:140 | Comments:0 | Tags: Cloud

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud