Cloud Security News Cloud Security Podcast Team
-
- News
Your weekly digest of what you need to know in the world of Cloud Security. We do the hard work for you, so you are always across the important bits.
Brought to you by the team behind the much loved Cloud Security Podcast
-
Vulnerabilities discovered in AWS, GCP and Azure
Cloud Security News this week 26 Jan 2023
To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/
Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News
Nick Frichette has reported a vulnerability that impacts Cloud Trail event logging service. Cloudtrail is what users use in AWS to monitor their API activity so that they can detect any suspicious activity and understand the impacts after a security event. The vulnerability discovered that there is a method to bypass CloudTrail logging for specific IAM API requests via undocumented APIs. . You can read more about this vulnerability here
Duo Sreeram KL and Sivanesh Ashok found a SSRF Vulnerability in GCP, which when exploited could make users click onto a malicious URL allowing attacks to gain control of an authorisation token and the user’s GCP projects.
CircleCI delivered and have released an incident report which details what happened, how to know if you were impacted, what may help your teams, what they learnt and what they will do next.
Corsha, which is API Identity and Access Management software company has released a report - It’s Time To Get Honest About Secrets Management Corsha State of API Secrets Management Report, 2023.
Orca security have reported that they found instances where different services were vulnerable to a (you guessed it) Server Side Request Forgery (SSRF) attack. They shared that 2 of the vulnerabilities did not require authentication, meaning that they could be exploited without even having an Azure account.The vulnerabilities were found in Azure Twin Explorer, Azure Functions, Azure API Management Service and Azure Machine Learning Service. You can read their blog here to find out more
Techcrunch has reported this week that Dell has acquired an israeli cloud orchestration startup Cloudify for allegedly $100M. Cloudify helps with the management of containers and workloads across hybrid environments. Dell has not publically mad this announcement but Techcrunch has shared that they notice a form they have lodged to indicate this. -
Amazon S3 encrypts by default and The CircleCI Breach
Cloud Security News this week 14 Jan 2023
To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/
Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News
According to recent study published by IEEE which I found interesting (which is the Institute of Electrical and Electronics Engineers around since 1963 apparently), “cloud computing (40%), 5G (38%), metaverse (37%), electric vehicles (EVs) (35%), and the Industrial Internet of Things (IIoT) (33%) will be the five most important areas of technology of 2023”
Late December, a security engineer at CircleCI received an email notification about a potential attack on his CircleCI account thanks to an AWS CanaryToken placed by him. On Jan 4th, CircleCI advised to rotate any and all secrets stored in CircleCI and published a blog outlining the various ways to do it.
AWS announced on 5 Jan 2023, that Amazon S3 will now automatically apply server-side encryption for each new object. This has been welcomed by AWS users as a good compliance tick and also would assist with those pesky S3 bucket breaches which are still all too common.
Unit 42 researchers from Palo Alto Networks recently released a report about Automated Libra, the cloud threat actor behind the freejacking campaign PurpleUrchin, reporting that they had created more than 130,000 accounts on free or limited-use cloud platforms such as Heroku and GitHub.
Google has released reports sharing that API endpoints are increasing under attack mostly (no surprises here) due to API misconfigurations. According to their reports, many companies are intending to expand their real-time monitoring of API servers and using (AI/ML) systems to better discover flaws and detect attacks. -
New Cloud Vulnerability Database + Another Misconfigured S3 Bucket
Cloud Security News this week 14 July 2022
To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/
Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News -
Dell Embraces Multi-cloud + Hackers use stolen OAuth
Cloud Security News this week 11 May 2022
Brought to you this week by JupiterOne
To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/
Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News -
AWS Security Hub releases 5 new controls + Latest with Spring4shell
Cloud Security News this week 12 April 2022
Brought to you this week by Teleport
To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/
Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News -
What is Spring4shell? + Should we be concerned?
Cloud Security News this week 30 March 2022
To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/
Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News