A prior Secplicity blog post explored the potential of cloud security. Automation is one of the most important reasons to move applications to the cloud. By design, third-party cloud platforms can automate manual tasks to deploy, monitor and maintain systems. The AWS Architecting for the Cloud whitepaper explains best practices for cloud applications driven by automation. How … [Read more...]
Search Results for: automation
Azure Linux VMs Vulnerable Due to Pre-Installed Agents
Update 1: OMI agent is not installed on Azure FireboxV/Cloud instances (September 17th, 2021): We reviewed our FireboxV/Cloud instance for Azure and confirmed that the OMI agent cannot be installed on the image. We recommend reviewing the additional guidance Microsoft published on September 16th, 2021 for securing the OMI affected resources/tools. Original Post … [Read more...]
Supply Chain Attacks Through an IDE
David Dworken, a Google security researcher, presented a recent Defcon talk about how he found over 30 vulnerabilities in various Integrated Development Environments (IDEs) over the course of a few months of research. Many believe that source code on its own is benign as long as you don’t compile and run it, but as Dworken proved, simply loading code into an IDE can cause … [Read more...]
Securing Industry 4.0: Four Danger Zones and How to Protect Them
Implementing reliable security across increasingly complex company networks has become a daunting task for IT teams in the manufacturing sector. Malicious hackers are constantly coming up with newer and nastier ways to infiltrate even the smartest industrial technologies. According to recent research from IBM, destructive cyberattacks capable of rendering victim systems … [Read more...]
Security Researcher Track: 103
As a security researcher, there are many things to keep in mind when conducting “daily routines,” if such a thing even exists. The computer science industry and related technologies are vast and nearly bottomless, there is just so much to learn that being able to cover everything wouldn’t really be realistic. Don’t get me wrong, strive to learn all that you can, but working on … [Read more...]