I have been investigating an incident involving two EC2 instances on AWS that were infected with ransomware, cryptocurrency miners, and other types of malware. Sounds scary, right?! Well actually, the approaches that the attackers took to get onto the hosts do not appear to be that sophisticated, and this type of attack could occur in any environment, not just in the cloud. … [Read more...]
Top Cloud Security Threats
This week over 44,000 people traveled to Las Vegas to attend AWS re:Invent, Amazon’s largest conference of the year. I spoke to a crowd of close to 500 people on Monday about top cloud security threats, along with my co-presenter, Boyan Dimitrov, from Sixth who presented on compliance and security automation. A short overview follows. For more information, watch the video and … [Read more...]
The Seattle CTO Club ~ Sharing Security Information
Yesterday I had the honor of presenting some security information at the Seattle CTO Club. I loosely based the discussion on a similar presentation I gave last week at an event for Equinox IT, a WatchGuard partner, covering the cyber security landscape and top threats businesses face. Members of the group learned common attack patterns and discussed strategies for effectively … [Read more...]
Packet Capture on AWS ~ New Solutions to Old Problems
Security professionals often attach a packet capture security appliance to a span port on hardware network equipment to capture network packets in a data center. On AWS customers do not have access to span ports and physical networking equipment. This led some security professionals to believe it is not possible to implement a packet capture solution on AWS. In fact, packet … [Read more...]
Carbon Black Data Leaks – A Good Reminder to Protect Keys
A security firm published a blog post today explaining how they compromised an endpoint security system. The vendor, Carbon Black, responded in a blog post explaining that this feature is off by default and customers receive a warning when they turn it on. Setting aside the topic of responsible disclosure for the moment, take a look at this statement in the research firm’s … [Read more...]