HackDig : Dig high-quality web security articles for hacker

Hands-on AWS S3 Bucket Account Takeover

As we have seen in the first part of AWS Penetration Testing Series the Basics of AWS S3 Bucket Penetration Testing in which we explained about what is Amazon S3 bucket and for the different purposes it can be used, in the second part Hands-on AWS S3 Bucket Vulnerabilities we learned about vulnerabilities in AWS S3 Bucket and in this part we will see h
Publish At:2020-04-04 13:55 | Read:75 | Comments:0 | Tags:Cloud Security News SecureLayer7 Services AWS Penetration Te

Panther Labs Launches Open-Source Cloud-Native SIEM

San Francisco-based cloud security startup Panther Labs has launched the first stable version of its open-source security information and event management (SIEM) solution, Panther.Fully running on top of cloud-native services offered by AWS (including Lambda, ECS, DynamoDB, S3, Cognito, and more), the new solution promises a new approach to SIEM, aiming to p
Publish At:2020-04-01 09:53 | Read:147 | Comments:0 | Tags:NEWS & INDUSTRY Cloud Security Cloud

AWS Security Service 'Amazon Detective' Now Generally Available

AWS on Tuesday announced the general availability of Amazon Detective, a service that makes it easier for customers to investigate security issues.Unveiled in December 2019, Amazon Detective is designed to automatically collect data from the customer’s AWS environment and uses that data to create interactive visualizations that can be highly useful for analy
Publish At:2020-04-01 09:53 | Read:164 | Comments:0 | Tags:NEWS & INDUSTRY Cloud Security

Palo Alto Networks to Acquire CloudGenix for $420 Million

Palo Alto Networks on Tuesday announced that it has entered into a definitive agreement to acquire enterprise SD-WAN solutions provider CloudGenix for roughly $420 million.Palo Alto Networks’ Prisma Access solution enables organizations to protect remote networks and mobile users, and it provides secure access to enterprise applications.By acquiring CloudGen
Publish At:2020-03-31 14:55 | Read:113 | Comments:0 | Tags:NEWS & INDUSTRY Cloud Security Management & Strategy

Effective Data Security Begins With a Strong Tech Foundation

Data is the engine of the modern economy. Whether it consists of customer data, intellectual property, market insights or financial information, these types of sensitive data enable the most successful businesses to thrive. It’s no surprise, then, that securing that critical data is increasingly a strategic priority for organizations around the globe.
Publish At:2020-03-31 08:26 | Read:104 | Comments:0 | Tags:CISO Data Protection Chief Information Officer (CIO) Chief I

Zettaset Launches Software-Defined Encryption for Kubernetes Environments

Kubernetes-specialist Zettaset has introduced software-defined encryption for Kubernetes-managed containers, improving DevSecOps, enhancing data protection, and enabling compliance.The use of Kubernetes is growing. A January 2020 survey by the Cloud Native Computing Foundation (CNCF) found that 78% of respondents are using a Kubernetes container orchest
Publish At:2020-03-30 12:22 | Read:152 | Comments:0 | Tags:NEWS & INDUSTRY Cloud Security Data Protection

ZenKey: How Major Mobile Carriers Are Teaming Up to Eliminate Passwords

ZenKey Links Mobile Phones Directly to Carrier APIs and Avoids Users Having to Use Passwords After Authenticating a PhoneFour major U.S. carriers are developing a new single sign-on variant they believe will do away with the need for passwords. Their solution is new mobile app called ZenKey that securely ties the user's device to the carrier, and t
Publish At:2020-03-24 12:13 | Read:183 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Fraud & Identity The

Do You Know Your Responsibilities When It Comes to Container Security?

As you migrate your enterprise to the public cloud or multicloud, you want to realize some of its inherent benefits regardless of what service model you utilize. Whether your goal is cost optimization, scalability or elasticity, the cloud can allow your enterprise to adopt newer, cutting-edge technologies to innovate your business without the burden of havin
Publish At:2020-03-24 07:55 | Read:253 | Comments:0 | Tags:Cloud Security Application Development Application Security

UK Printing Company Exposed Military Documents

Cybersecurity researchers say UK-based document printing and binding company Doxzoo exposed hundreds of gigabytes of information, including documents related to the US and British military, by leaving an AWS S3 bucket unprotected.vpnMentor researchers claim they have discovered 343GB worth of files on an AWS server belonging to Doxzoo. They say the company w
Publish At:2020-03-20 13:22 | Read:387 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Identity & Access Cloud Secu

7 Spring Cleaning Tasks to Improve Data Security

This year, March 19 ushered in spring in the Northern Hemisphere — the first time since 1896 that the season has started so early. So why not take advantage of the season’s early arrival to do some spring cleaning, not only of your physical space, but of your data and systems, too? Digital spring cleaning can make your life easier and dramatically impr
Publish At:2020-03-20 10:40 | Read:227 | Comments:0 | Tags:Data Protection Mobile Security Application Security Cloud C

4 Principles That Should Define Your Evolving Security Operations Model

I recently had the opportunity to speak at a security conference where I presented the operating models that an organization can embrace when managing cyberthreats and the guiding principles associated with them. It was a great chance to share some of my experiences with the greater community and foster intellectual curiosity around an increasingly important
Publish At:2020-03-20 09:20 | Read:201 | Comments:0 | Tags:CISO Risk Management Security Services Cloud Security Cybert

Tech Companies Partner to Securely Connect IoT to Cloud

Thales, Telstra, Microsoft, and Arduino this week announced a partnership aimed at enabling the secure connection of IoT devices to the cloud.Delivering end-to-end connectivity between devices and cloud platforms, the solution enables “instant and standardized mutual authentication” over cellular networks.Moreover, it is fully compliant with the GSMA IoT SAF
Publish At:2020-03-17 17:07 | Read:180 | Comments:0 | Tags:NEWS & INDUSTRY Cloud Security Management & Strategy

Financial Services Firms Exposed 500,000 Sensitive Documents

Researchers say two financial services companies have exposed over 500,000 sensitive legal and financial documents by storing them in an unprotected AWS S3 bucket.vpnMentor’s research team discovered the exposed database in December 2019. An investigation revealed that the files appeared to be connected to a merchant cash advance mobile app named MCA Wizard
Publish At:2020-03-17 17:07 | Read:228 | Comments:0 | Tags:NEWS & INDUSTRY Cloud Security Data Protection

Grow Your Business With an Evolving Cloud Security Strategy

We have all heard the castle-and-moat analogy to describe traditional centralized approaches to cybersecurity. As cloud security becomes increasingly important in the modern landscape, I think we should add one more component to the analogies we use to think about security: fog. Sometimes the fog is so thick that you can barely see what is in front of you or
Publish At:2020-03-17 10:37 | Read:153 | Comments:0 | Tags:Cloud Security Security Intelligence & Analytics Business Co

Inadvertent Insider Threats Present a Unique Challenge to Organizations

According to the recent X-Force Threat Intelligence Index 2020, more than 8.5 billion records were exposed due to breaches in 2019, of which 86 percent were due to misconfigured assets. These issues affected only half of the records breached in 2018, and as the 2017 report stated, 70 percent of the 2.9 billion records lost that year were due to misconfigurat
Publish At:2020-03-13 11:46 | Read:375 | Comments:0 | Tags:CISO Cloud Security Cloud Cloud Services Cloud Services Prov

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud