This week over 44,000 people traveled to Las Vegas to attend AWS re:Invent, Amazon’s largest conference of the year. I spoke to a crowd of close to 500 people on Monday about top cloud security threats, along with my co-presenter, Boyan Dimitrov, from Sixth who presented on compliance and security automation. A short overview follows. For more information, watch the video and …
Configuration Management to the Rescue: Patching and S3 Buckets
I recently wrote a two-part series of articles for Dark Reading on the technical and organizational challenges that make patching hard in large organizations like Equifax. The same types of issues factor into the recent rash of AWS S3 Bucket breaches I examined in a prior Secplicity blog post. In each of these scenarios, someone in the organization is responsible for updating a …
Carbon Black Data Leaks – A Good Reminder to Protect Keys
A security firm published a blog post today explaining how they compromised an endpoint security system. The vendor, Carbon Black, responded in a blog post explaining that this feature is off by default and customers receive a warning when they turn it on. Setting aside the topic of responsible disclosure for the moment, take a look at this statement in the research firm’s …
Hacking Door Locks and Car Locks (Or Anything Wireless)
When a wireless device of any kind sends data from one location to another, the device needs to protect the data just as if it was traveling over a wired network. Unfortunately, that is often not the case as several security researchers proved at Black Hat and Def Con. Tools exist that allowed the researchers to capture data traveling over different types of wireless protocols …
Auto-Blocking Suspicious Hosts Found in Traffic Logs
Many attackers and hosts infected with malware try to infect other hosts by scanning networks for open ports exposed to the Internet. After finding an open port, a malicious third party will attack software running on that port using known vulnerabilities. These published software flaws can cause damage or allow unauthorized access to hosts and networks. Often vendors publish …