Security researchers shook the industry to its core back in 2018 when they disclosed Meltdown and Spectre, two serious vulnerabilities found in virtually every computer processor. Pandora's box of processor security vulnerabilities had just been opened. One of the scariest parts is that these types of vulnerabilities are far more dangerous and effective when attackers use them … [Read more...]
2020 Security Predictions: Ransomware Targets the Cloud
Ransomware is now a billion-dollar industry for hackers, and over the last decade we’ve seen extremely virulent strains of this malware wreak havoc across all types of businesses. As with any big-money industry, ransomware will continue to evolve in order to maximize profits. In 2020, we believe ransomware will focus on the cloud. Recently, untargeted “shotgun blast” … [Read more...]
Cloud Utilization and Security
With total market capital up in the billions of dollars, it’s a no-brainer that companies want to participate in the exponential growth of cloud computing. Highlights for cloud computing include: Access is convenient - most people have Internet access nowadays, this is not to say that some don’t have access but the Internet is widely available via one mean or another … [Read more...]
Top Cloud Security Threats
This week over 44,000 people traveled to Las Vegas to attend AWS re:Invent, Amazon’s largest conference of the year. I spoke to a crowd of close to 500 people on Monday about top cloud security threats, along with my co-presenter, Boyan Dimitrov, from Sixth who presented on compliance and security automation. A short overview follows. For more information, watch the video and … [Read more...]
S3 Bucket Security: More Than ACLs and Policies
Many companies are suffering data breaches because attackers gain access to data in AWS S3 buckets. I don’t want to repeat all the news articles outlining all the S3 data breaches. A Google search will give many examples, and it seems like by the time I write this another one will be in the news. Instead, I’d like to jump to why these S3 bucket breaches are happening and how to … [Read more...]