Security researchers observed an attack campaign that targeted misconfigured Docker API ports with samples of Kinsing malware.According to Aqua Security, the campaign began when it capitalized on an unprotected Docker API port to run a Ubuntu container.The command used for creating the Ubuntu container included a shell script “d.sh.” By means of

Remedying the "garbage in, garbage out" problem requires an understanding of what is causing the problem in the first place.When using event logs to monitor for security violations and incidents, the quality of output is determined by the quality of the input. Much of the logging being used is subpar, and there has been little industry incentive to fix it. T

So this blogpost has been sitting in my drafts for indeed a very long time. And I am definitely late to the party, but hopefully the write up is still of some help to someone.Securing any cloud environment, for that matter, is a vast topic & it would be difficult to cover it all in one single blogpost. Hence, I would try to break it down as per a generic

Experts revealed that an unauthorized party compromised more than 200 million user records hosted somewhere within the U.S. in a Google Cloud database.  Many people are now so accustomed to cloud computing that they use it multiple times per day, whether to collaborate with co-workers, log into email accounts or do other everyday tasks. The convenience is

By David Fiser (Security Researcher) We discovered 8,000 Redis instances that are running unsecured in different parts of the world, even ones deployed in public clouds. These Redis instances have been found without Transport Layer Security (TLS) encryption and are not password protected. Redis, according to its developers, is originally intended to be used

San Francisco-based cloud security startup Panther Labs has launched the first stable version of its open-source security information and event management (SIEM) solution, Panther.Fully running on top of cloud-native services offered by AWS (including Lambda, ECS, DynamoDB, S3, Cognito, and more), the new solution promises a new approach to SIEM, aiming to p

Researchers found a piece of Raccoon Stealer that abuse of Google Cloud Services and leverages multiple delivery techniques. Racoon malware (aka Legion, Mohazo, and Racealer) is an info-stealer that recently appeared in the threat landscape that is advertised in hacking forums. The malware is cheap compared to similar threats, it is able

With additional insights/analysis from Augusto Remillano II and Don Ovid Ladores Raccoon emerged as Malware as a Service (MaaS) last April 2019. Despite its simplicity, Raccoon became popular among cybercriminals and was mentioned as a notable emerging malware in underground forums in a malware popularity report. The malware is capable of stealing login cred

Vulnerability title: TP-LINK Cloud Cameras NCXXX Remote NULL Pointer DereferenceAuthor: Pietro OlivaCVE: CVE-2020-10231Vendor: TP-LINKProduct: NC200, NC210, NC220, NC230, NC250, NC260, NC450Affected version: NC200 <= 2.1.8 build 171109, NC210 <= 1.0.9 build 171214, NC220 <= 1.3.0 build 180105, NC230 <= 1.3.0 build 171205,

Palo Alto Networks on Tuesday announced that it has entered into a definitive agreement to acquire enterprise SD-WAN solutions provider CloudGenix for roughly $420 million.Palo Alto Networks’ Prisma Access solution enables organizations to protect remote networks and mobile users, and it provides secure access to enterprise applications.By acquiring CloudGen

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-2020-03-25-1 iCloud for Windows 10.9.3iCloud for Windows 10.9.3 is now available and addresses thefollowing:libxml2Available for: Windows 10 and later via the Microsoft StoreImpact: Multiple issues in libxml2Description: A buffer overflow was addressed with improved sizevalidation.CVE-2020-3910: LGTM.com

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-2020-03-25-2 iCloud for Windows 7.18iCloud for Windows 7.18 is now available and addresses the following:libxml2Available for: Windows 7 and laterImpact: Multiple issues in libxml2Description: A buffer overflow was addressed with improved sizevalidation.CVE-2020-3910: LGTM.comlibxml2Available for: Window

By now, many organizations have adopted the cloud in some way. We saw organizations moving whole servers over to the cloud at the beginning, but now we see small parts of a system being moved to the cloud and new cloud native offerings. We’ll use the analogies of Lincoln Logs and Legos to describe these deployment models.Infrastructure-as-a-Service (IaaS): W

Every malicious campaign needs a robust supporting infrastructure, and attackers are constantly evolving new ways to improve availability and resilience.Domain Generation Algorithms, Fast Flux Botnets, peer-to-peer protocols and anonymizers, are just few of the techniques that cyber-criminals have adopted to hide their command and control and malware distrib

Adobe has addressed a critical vulnerability in its Creative Cloud desktop application that can be exploited by hackers to delete arbitrary files. Adobe has fixed a critical vulnerability in its Creative Cloud desktop application that can be exploited by attackers to delete arbitrary files. Creative Cloud is a collection of 20+ desktop and mobile apps