Cloud Security Archives - ThreatsHub Cybersecurity News

ThreatList: Remote Workers Threaten 1 in 3 Organizations

March 25, 2019 TH Author Cloud Security, it department, Mobile Security, Most Recent ThreatLists, openvpn survey, password manager, poll, remote work policies, remote worker requirements, remote workers, risk, security incidents, Web Security

More than one-third of surveyed organizations (36 percent) said they have experienced a security incident because of a remote worker’s actions. READ MORE HERE…

Threatpost

Zero-Days in Counter-Strike Client Used to Build Major Botnet

March 14, 2019 TH Author belonard, botnet, Cloud Security, counter-strike, Malware, proxy servers, Trojan, version 1.6, Vulnerabilities, Zero-days

A full 39 percent of Counter-Strike 1.6 game servers on Steam were found to be malicious. READ MORE HERE…

Threatpost

Researcher Claims Iranian APT Behind 6TB Data Heist at Citrix

March 11, 2019 TH Author breach, citrix, Cloud Security, data breach, Hacks, iranian apt, iridium, network compromise, password spray, resecurity

IRIDIUM is an APT that uses proprietary techniques to bypass two-factor authentication for critical applications, according to security firm Resecurity. READ MORE HERE…

Threatpost

Citrix Falls Prey to Password-Spraying Attack

March 8, 2019 TH Author breach, citrix, Cloud Security, FBI, Hacks, internal network compromise, international cyberattack, password spraying

International cybercriminals likely exploited weak passwords on an internal network, the FBI said. READ MORE HERE…

Threatpost

‘Cloudborne’ IaaS Attack Allows Persistent Backdoors in the Cloud

February 26, 2019 TH Author bare metal, bmc firmware, Cloud Security, cloud servers, cloudborne, eclypsium, iaas, ibm softlayer, persistent backdoor, ransomware attacks, server reclamation, Vulnerabilities, Vulnerability

A known vulnerability combined with a weakness in bare-metal server reclamation opens the door to powerful, high-impact attacks. READ MORE HERE…

Threatpost

ThreatList: Latest DDoS Trends by the Numbers

February 7, 2019 TH Author Big Data, botnet, Chalubo, Cloud Security, crypto currency, DDoS, demonbot, Distributed Denial of Service, distributed denial of service attack, Hadoop, http flood, IoT, Kaspersky Lab, Malware, Mirai, Most Recent ThreatLists, Torii botnet, UDP Flood, Web Security

Trends in DDoS attacks show a evolution beyond Mirai code and point to next-gen botnets that are better hidden and have a greater level of persistence on devices – making them “far more dangerous.” READ MORE HERE…

Threatpost

What are Data Manipulation Attacks, and How to Mitigate Against Them

February 6, 2019 TH Author business data integrity, Cloud Security, data integrity, Data Manipulation, Data Manipulation Attack, endpoint protection, endpoint visibility, Hacks, infosec insider, MITRE ATT&CK Framework, supply chain attack, Tesla

Hackers don’t always steal data. Sometimes the goal is to manipulate the data to intentionally trigger external events that can be capitalized on. READ MORE HERE…

Threatpost

2019 Already Marred By Slew of Data Breach Incidents

January 31, 2019 TH Author breach, city of st. john, Cloud Security, credit card skimmer, data breach, discover card, Hacks, Malware, misconfigured server, parking system, Privacy, rubrik, state bank of india, third party system

So far, 2019 shows no signs of a decline in data incidents. READ MORE HERE…

Threatpost

Fighting Fire with Fire: API Automation Risks

January 24, 2019 TH Author Access Control Lists, ACLs, API Automation, API keys, Certificate Transparency logs, Cloud Security, DNS queries, Fierce.pl, Gitrob, infosec insider, JSON, OAuth token, SSL certificates, TLS cert, WAF inspection, Web Security, xml

A look at API attack trends such as the current (and failing) architectural designs for addressing security of these API transactions. READ MORE HERE…

← Previous