HackDig : Dig high-quality web security articles for hacker

What to Know About IAM In the Cloud Before Implementation

Identity management is a complex topic that has been making its way into the cloud and enhancing the prospect for companies to federate and engage with previously unavailable identity services.By embracing security services in the cloud, or security as a service (SECaaS), enterprises are able to streamline and take advantage of more flexible services that th
Publish At:2017-08-17 08:59 | Read:266 | Comments:0 | Tags: Cloud

Cisco CloudCenter Orchestrator Vulnerability

This vulnerability gives an unauthenticated, remote attacker the ability to install Docker containers to the system, and could potentially allow him to attain escalated privileges, such as root. This was made possible by a misconfiguration that makes the Docker management port accessible to attackers, and allows them to submit Docker containers to the Cisco
Publish At:2017-08-17 08:57 | Read:192 | Comments:0 | Tags: Cloud Vulnerability

Public Cloud Storage Offering Scalability and Performacne

Using public cloud storage services lets organizations offload management tasks and the costs associated with supporting physical hardware to an external provider. An organization's data is stored in the provider's data center and the provider manages and maintains all facets of the data center, including power, cooling and server maintenance. As a result, o
Publish At:2017-08-17 08:56 | Read:249 | Comments:0 | Tags: Cloud

Update - Using AWS Organizations to Secure Your Cloud Accounts

AWS Organizations was designed to allow cloud administrators working in Amazon Web Services (AWS) to manage accounts more securely and efficiently. Essentially, AWS Organizations creates custom policies that can be applied to users/groups to manage security, create better automation and simplify billing. There is some overlap with AWS IAM (Identity and Acces
Publish At:2017-08-17 08:55 | Read:240 | Comments:0 | Tags: Cloud

Comparing the Leading Public Cloud Storage Providers

Amazon, Microsoft and Google dominate the public cloud market when it comes to addressing an organization's budget, security requirements, and infrastructure and business needs.Other niche and large public cloud service providers -- including IBM, Virtustream, Rackspace and NTT Communications -- provide beneficial services as well, but they don't have the sa
Publish At:2017-08-17 08:55 | Read:198 | Comments:0 | Tags: Cloud

IDaaS Vendors: IBM Cloud Identity Service Named Market Leader in Six Recent Analyst Reports

Not one, not two, but six of the most recent analyst reports evaluating the major Identity and Access Management-as-a-Service (IDaaS) vendors positioned IBM Cloud Identity Service as an overall market leader in cloud-based identity and access management (IAM). The market is crowded with both startups and large IDaaS vendors, making this is a big win for IBM
Publish At:2017-08-16 09:00 | Read:132 | Comments:0 | Tags:Cloud Security Identity & Access Security Services Cloud Ide

Best Practices for Developing and Securing a Microservices Architecture

Co-authored by Chris Craig. To match the ongoing shift to cloud as a means of increasing agility when delivering services, the architectures supporting these services are also evolving. The cloud IT space is full of terminology such as infrastructure-as-code, highly scalable architectures and microservices architecture — a methodology that is gathering sig
Publish At:2017-08-15 11:45 | Read:203 | Comments:0 | Tags:Cloud Security Cloud Cloud Adoption Cloud Computing Cloud Se

Cloud Security and the New Cold War: Corporate Strategies for Winning Digital Battles

Thirty years ago, the Cold War threatened to spill over from high-level espionage into full-blown warfare between the world’s two great superpowers. But there could be a new conflict on the horizon. Nature recently highlighted “The Darkening Web,” a new book by Alexander Klimburg, program director at The Hague Centre for Strategic Studies
Publish At:2017-08-11 15:05 | Read:286 | Comments:0 | Tags:Cloud Security Cloud Connected Devices Data Breach Data Prot

Risky Business: Why Enterprises Can't Abdicate Cloud Security

It's imperative for public and private sector organizations to recognize the essential truth that governance of data entrusted to them cannot be relinquished, regardless of where the data is maintained.The recent reports that Verizon and Dow Jones left their respective Amazon Web Services platforms exposed to unauthorized access should serve as a wakeup call
Publish At:2017-08-07 16:05 | Read:266 | Comments:0 | Tags: Cloud

SEC Consult SA-20170804-1 :: Ubiquiti Networks UniFi Cloud Key authenticated command injection

SEC Consult Vulnerability Lab Security Advisory < 20170804-1 >======================================================================= title: Authenticated Command Injection product: Ubiquiti Networks UniFi Cloud Key vulnerable version: Firmware v0.6.1 fixed version: Firmware v0.6.4 CVE number: impact: Hi
Publish At:2017-08-04 21:30 | Read:700 | Comments:0 | Tags: Cloud

Is Cloud Security a Safe Bet for Highly Sensitive Government Data?

Security is the primary focus of any government agency. One of the most obvious pitfalls of these agencies moving highly sensitive data to the cloud is that they surrender control to a third party. Moreover, nothing on the internet is truly secure, and all data is vulnerable to attacks and threats. The exposure footprint to those threats is staggering unde
Publish At:2017-07-28 21:55 | Read:249 | Comments:0 | Tags:Cloud Security Data Protection Government Cloud Adoption Clo

SEC Consult SA-20170727-0 :: Ubiquiti Networks UniFi Cloud Key multiple critical vulnerabilities

SEC Consult Vulnerability Lab Security Advisory < 20170727-0 >======================================================================= title: Authenticated Command Injection & Cloud User Weak Crypto & Privilege Escalation product: Ubiquiti Networks UniFi Cloud Key vulnerable version: Firmware v0.5.9/0.
Publish At:2017-07-28 04:50 | Read:332 | Comments:0 | Tags: Cloud

Who Is Responsible for Cloud Security?

When implementing cloud projects, security is one of the most important issues. It requires companies to identify and understand the risks inherent to digitization, public networks and outsourcing of infrastructure components. Companies still fear that their data is insecure with cloud systems. IT professionals want to apply the same level of security to t
Publish At:2017-07-24 17:25 | Read:248 | Comments:0 | Tags:Cloud Security Data Protection Identity & Access Cloud Cloud

APPLE-SA-2017-07-19-7 iCloud for Windows 6.2.2

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-07-19-7 iCloud for Windows 6.2.2iCloud for Windows 6.2.2 is now available and addresses thefollowing:libxml2Available for: Windows 7 and laterImpact: Parsing a maliciously crafted XML document may lead todisclosure of user informationDescription: An out-of-bounds read was addressed through improved
Publish At:2017-07-20 22:21 | Read:232 | Comments:0 | Tags: Cloud

Cloud Security Is Not an Either/Or

Now that cloud has become pervasive, organizations and individuals everywhere need to think about cloud security. To say that data is either fully secure or vulnerable in the cloud would be far too simplistic. Two Schools of Thought There are two widespread but opposite beliefs surrounding security in the public cloud: Abandon all hope! When you send dat
Publish At:2017-07-20 21:00 | Read:311 | Comments:0 | Tags:Cloud Security Cloud Cloud Computing Data Breach Human Facto

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud