I have been investigating an incident involving two EC2 instances on AWS that were infected with ransomware, cryptocurrency miners, and other types of malware. Sounds scary, right?! Well actually, the approaches that the attackers took to get onto the hosts do not appear to be that sophisticated, and this type of attack could occur in any environment, not just in the cloud. … [Read more...]
Top Cloud Security Threats
This week over 44,000 people traveled to Las Vegas to attend AWS re:Invent, Amazon’s largest conference of the year. I spoke to a crowd of close to 500 people on Monday about top cloud security threats, along with my co-presenter, Boyan Dimitrov, from Sixth who presented on compliance and security automation. A short overview follows. For more information, watch the video and … [Read more...]
S3 Bucket Security: More Than ACLs and Policies
Many companies are suffering data breaches because attackers gain access to data in AWS S3 buckets. I don’t want to repeat all the news articles outlining all the S3 data breaches. A Google search will give many examples, and it seems like by the time I write this another one will be in the news. Instead, I’d like to jump to why these S3 bucket breaches are happening and how to … [Read more...]
The Seattle CTO Club ~ Sharing Security Information
Yesterday I had the honor of presenting some security information at the Seattle CTO Club. I loosely based the discussion on a similar presentation I gave last week at an event for Equinox IT, a WatchGuard partner, covering the cyber security landscape and top threats businesses face. Members of the group learned common attack patterns and discussed strategies for effectively … [Read more...]
Packet Capture on AWS ~ New Solutions to Old Problems
Security professionals often attach a packet capture security appliance to a span port on hardware network equipment to capture network packets in a data center. On AWS customers do not have access to span ports and physical networking equipment. This led some security professionals to believe it is not possible to implement a packet capture solution on AWS. In fact, packet … [Read more...]
