Cloud Security Archives - ThreatsHub Cybersecurity News

Microsoft Beefs Up Wi-Fi Protection

May 24, 2019 TH Author Cloud Security, Cryptography, Man in the Middle, Microsoft, MitM, Mobile Security, public hotspot, security notifications, tkip, Vulnerabilities, Web Security, wep, Wi-Fi security, windows 10 update, WPA2, WPA3

The Windows 10 update that’s rolling out addresses insecure Wi-Fi hotspots with new user notifications. READ MORE HERE…

Read more

Goodbye Passwords: Hello Identity Management

May 23, 2019 TH Author breach, Cloud Security, Credential and Access Management, Featured, forecast, forrester research, gartner, Government, IAM, ICAM, IDaaS, Identity and access management, identity as a service, Identity Management and Governance, IMG, IoT, PAM, Privacy, Privileged Access Management

As passwords are increasingly viewed as security liabilities, Identity Management solutions are picking up the slack. READ MORE HERE…

Read more

Sharing Threat Intelligence: Time for an Overhaul

May 20, 2019 TH Author Cloud Security, Featured, Hacks, information sharing, infosec insider, ISAC, Malware, silos, threat intelligence, tony lauro, vertical industries, Vulnerabilities, Web Security, web traffic inspection

All too often, information-sharing is limited to vertical market silos; to build better defenses, it’s time to take a broader view beyond the ISAC. READ MORE HERE…

Read more

Slack Bug Allows Remote File Hijacking, Malware Injection

May 20, 2019 TH Author Cloud Security, download hijacking, hyperlink attack, information disclosure, Malware, malware injection, patch, remote exploitation, Slack, unauthenticated user, Vulnerabilities, Vulnerability, Web Security

An attacker can supply a malicious hyperlink in order to secretly alter the download path for files shared in a Slack channel. READ MORE HERE…

Read more

ScarCruft APT Adds Bluetooth Harvester to its Malware Bag of Tricks

May 13, 2019 TH Author bluetooth harvester, campaign, Cloud Security, darkhotel overlap, espionage, information exfiltration, Malware, Mobile Security, North Korea, ROKRAT, scarcruft, Vulnerabilities, Web Security

In its latest observed campaign, there were also overlaps in victimology with the DarkHotel APT. READ MORE HERE…

Read more

Alpine Linux Docker Images Shipped for 3 Years with Root Accounts Unlocked

May 9, 2019 TH Author Alpine Docker, Alpine Linux Docker, Cloud Security, container, CVE-2019-5021, empty password in configuration file, github, Linux PAM, NULL password, Vulnerabilities, Web Security

Alpine Linux Docker images available via the Docker Hub contained a critical flaw allowing attackers to authenticate on systems using the root user and no password. READ MORE HERE…

Read more

Ladders, SkyMed Leak Employment, Medical Data for Millions

May 2, 2019 TH Author AWS, breach, Cloud Security, cloud storage, Elasticsearch, employment data, ladders, medical data, misconfiguration, personally identifiable information, Privacy, skymed

One of the misconfigured Elasticsearch databases showed evidence of a ransomware attack. READ MORE HERE…

Read more

Cisco Warns of Critical Nexus 9000 Data Center Flaw

May 2, 2019 TH Author aci, Application Centric Infrastructure (ACI) Mode Switch Software, Cisco, Cloud Security, critical flaw, CVE-2019-1804, Data Center, default ssh key pair, Editor's Picks, nexus 9000, remote attacker, SDN, software-defined networking, switch, Vulnerabilities, Vulnerability

Part of a slew of patches from the networking vendor, the CVSS 9.8 bug allows remote takeover of a vulnerable device. READ MORE HERE…

Read more

Researchers Compromise Netflix Content in Widevine DRM Hack

April 30, 2019 TH Author Cloud Security, Cryptography, DRM, Encryption, fidus, hack, Hacks, Netflix, piracy, stranger things, widevine

A bug in the popular anti-piracy framework allows a side-channel attack on premium content. READ MORE HERE…

Read more

The Next Enterprise Challenge: How Best to Secure Containers and Monolithic Apps Together, Company-wide

April 30, 2019 TH Author cloud, Cloud Security, container security, devops, Docker, Kubernetes, Security, serverless

Submitted by: Adam Boyle, Head of Product Management, Hybrid Cloud Security, Trend Micro When it comes to software container security, it’s important for enterprises to look at the big picture, taking into account how they see containers effecting their larger security requirements and future DevOps needs. Good practices can help security teams build a strategy that…
The post The Next Enterprise Challenge: How Best to Secure Containers and Monolithic Apps Together, Company-wide appeared first on . Read More HERE…

Read more

← Previous