Cloud Security This Week – September 28, 2018
New from Lacework
A roundup of three major cybersecurity breaches. This is becoming common, and not just for people who live the world of cybersecurity. It’s a harbinger of our connected world, and one that keeps delivering headlines.
Webcast replay that explains how to:
- Assess your AWS configuration for compliance and security best practices
- Ensure the protection of AWS accounts and S3 buckets
- Continuously monitor your workloads
From inability to scale, to creation of false positives, and limits on file integrity monitoring, here are ten reasons why VPC flow logs just won’t keep your cloud secure.
Because clouds are dynamic and operate at a blindingly fast pace you need as much insight as you can get in order to recognize where threats are, what they are, and to get some context about how they can hurt you. Once you do that, you’re on your way to knowing what’s known and having an idea that you might not know what you don’t know.
News and Perspectives on Cloud Security
Cybersecurity is “job one” for businesses, consumers and governments around the world today, and technology companies are “the first line of defense,” according to Microsoft president Brad Smith.
A 37-year-old man from Latvia was sentenced to 14 years in prison for facilitating cybercrime by creating and running a service named Scan4You that allowed malware authors to check the detection rates of their malicious code. Scan4You is what security researchers and malware authors refer to as a “counter-anti-virus” or a “no-distribute-scanner.”
It is being reported that data potentially belonging to thousands of Canadians allegedly made its way onto buy-and-sell website Craigslist. The information was contained on servers and hard drives formerly owned by Vancouver-based computer retailer NCIX.
Two major international ports fell victim to cyber-attacks within the span of a week, putting the shipping industry on alert for a possible threat actor targeting the entire sector.