Blog

Rules and Best Practices Still Couldn’t Prevent the Docker Hub Breach

Rules and Best Practices Still Couldn’t Prevent the Docker Hub Breach

The recent Docker Hub breach hits home with anyone who develops and hosts code on Docker Hub, GitHub, or any other cloud-based repository. But while the magnitude of the damage was significant, it’s still remarkable that these kinds of breaches continue to happen. As of now, we know the Hub was not only exposed, but […]

Read More…

Do Data Leaks Have to Be So Common?

Do Data Leaks Have to Be So Common?

Just as you would protect your physical assets by locking the doors to your shop, the data that is stored and transacted in your cloud must also be secured like valuable assets. The problem, however, is that data changes, assets are spun up on the fly, and change is continuous. Data is used with such […]

Read More…

Silent But Deadly: Cloud Security and Cryptomining

Silent But Deadly: Cloud Security and Cryptomining

The cryptocurrency frenzy at the end of 2017 is well behind us, and the bubble has burst, but that doesn’t mean that you shouldn’t be paying attention to this anymore. Especially if you run any of your compute infrastructure in a public cloud provider, especially using Amazon’s AWS, there are potential risks that require continuous, […]

Read More…

Be Quick But Don’t Hurry: Container Security in Cloud Environments

Be Quick But Don’t Hurry: Container Security in Cloud Environments

It’s hard to argue against the benefits of containers and containerized applications running on cloud resources. Containers enable agile deployment capabilities, so require less coordination and oversight than on-premises or virtualization infrastructure and, in many cases, offer more flexibility. Advances in container orchestration, service meshing, and microservices mean applications are more portable and can be […]

Read More…

Evisort Elasticsearch server exposed confidential data

Latest Hacks: Legal Docs Exposed Through Unprotected Elasticsearch Server

Evisort, a legal document and contracts management service, exposed highly sensitive data through an unprotected Elasticsearch server. This kind of thing is happening with greater frequency as environments become numerous and complex and are coupled with powerful, easy to use software. In our latest Hack Report, learn how to implement access controls, proper authentication, user, […]

Read More…

Top Threats to Cloud Security

Top 10 Threats to Cloud Security: AWS Security Week New York

Last week I had the pleasure of attending my first AWS Security Week. This was held at the AWS New York City loft from April 15th – April 18th. The AWS Lofts are a cool place for people to come to hang out, meet, code, etc. – all free of charge. AWS frequently hosts weeks […]

Read More…

The Basics of Configuration Compliance

The Basics of Configuration Compliance

The public cloud has enabled customers to move fast and adapt to changing needs by allowing them to quickly spin up infrastructure programmatically or with just a few clicks. This has allowed companies to grow quickly, and for technological advancements to be implemented rapidly. However, as simple as it is to stand up infrastructure it’s […]

Read More…

Microsoft's Hotmail and MSN Accounts Compromised Through User Credentials

Latest Hacks: Microsoft’s Hotmail, MSN Compromised With User Credentials

Microsoft has admitted that email accounts for MSN.com and Hotmail, both services owned and managed by Microsoft, have had their accounts compromised sometime between January 1 and March 28, 2019. It appears that attackers were able to identify user’s email addresses, email folder names, email subject lines, and the email addresses of those with whom […]

Read More…

Cryptojacking Campaign Targets Exposed Kubernetes Clusters

Cryptojacking Campaign Targets Exposed Kubernetes Clusters

Reports on in-the-wild attacks on Kubernetes clusters are somewhat sparse. This coupled with multiple attack vectors prompted us to deploy Kubernetes honeypots with very loose security controls to catch real-world attacks. Our hypothesis was that an attack would happen quickly through the insecure API and that the attacker would abuse the cluster to deploy coinminers. […]

Read More…

Why Process-to-Process Visibility Is So Important

Why Process-to-Process Visibility Is So Important

One of the challenges in securing processes operating in cloud environments is the visibility limitations imposed either by the cloud service provider or the customer’s solution architecture. In the case of the cloud service provider, because the environment is shared by everyone who has access to that cloud service, including many thousands of their customers […]

Read More…

Stratics Networks Robocaller Database Exposed on AWS

Stratics Networks Robocaller Database Exposed on AWS

If robocalls raise your blood pressure and cause you to scream things your mother would not be proud of, you may want to avoid breakable items because now there is even MORE of a reason to be angry. Toronto-based Stratics Networks invented “ringless voicemails” which are used by telemarketers to autodial massive lists of numbers […]

Read More…

The New School of Security: Using the Cloud to Secure the Cloud

The New School of Security: Using the Cloud to Secure the Cloud

Legacy security was built on the premise of a moat; keep people and data away from the infrastructure, and they can’t attack it. Firewalls, intrusion detection systems, or intrusion prevention systems –  these tools delivered “network-centric” solutions and aimed to keep access at a safe distance. Originally, firewalls performed the task of preventing unwanted, and […]

Read More…

Millions of Facebook User records on Unprotected AWS S3 Buckets

Facebook Exposes User Data Through Unprotected AWS S3 Buckets

Two repositories of unprotected Facebook user data sitting in Amazon S3 buckets have been discovered. More than 540 million files with personal data were exposed, potentially leaking hundreds of millions of records about users, including their names, passwords, comments, interests, and likes. The data sets had been uploaded to Amazon’s cloud system by two different […]

Read More…

File Integrity Monitoring: Using Lacework’s SaaS Solution for SaaS Environments

File Integrity Monitoring: Using Lacework’s SaaS Solution for SaaS Environments

One of the critical distinctions about Lacework is in our approach. While all cloud security vendors talk about things like security posture and identification of threats, we have actually constructed a methodology that is tactically applied to finding issues, alerting on them, and preventing issues. We also realize that the best way to deliver security […]

Read More…