Over half a million highly sensitive legal and financial documents have been leaked online by a US loans company after another cloud configuration error. Security researchers at vpnMentor led by Noam Rotem found the database in an unsecured Amazon Web Services (AWS) S3 bucket at the end of December. It…
Recognize anybody you know? (Anonymized) photos leaked from PhotoSquared’s unsecured S3 bucket IMAGE: vpnMentor No, likely not. No thanks to the leaky photo app they dribbled out of for that, though. After coming across thousands of photos seeping out of an unsecured S3 storage bucket belonging to a photo app…
Security experts are warning that widespread Docker registry misconfigurations could be exposing countless organizations to critical data theft and malicious attacks. Palo Alto Networks’ Unit 42 research group focused on one of the most popular platforms around for managing containers. Docker registries are servers designed to store and organize the…
Tens of thousands of cannabis users in the US have had their personal information leaked by a misconfigured cloud bucket, according to researchers. Over 85,000 files including more than 30,000 records with sensitive personally identifiable information (PII) were exposed when software firm THSuite apparently left an Amazon Web Services (AWS)…
A digital consultancy has accidentally leaked the personal details of thousands of US defense contractor employees after yet another misconfiguration of cloud infrastructure, it has emerged. Washington DC-based IMGE accidentally exposed the names, phone numbers, home and email addresses of more than 6000 Boeing staff, according to The Daily Beast….
The European Union Agency for Cybersecurity (ENISA) today published a report containing recommendations to establish an EU-wide cybersecurity certification scheme for cloud service providers. The report was created by the Cloud Service Provider Certification Working Group (CSPCERT WG) at the request of the European Commission. Instead of proposing a completely new certification…
Third-party libraries, container components and even remote workers represent a major supply chain risk to organizations as they head into a new decade, according to Trend Micro. The security giant’s new 2020 predictions report, The New Norm, warned of a growing cloud attack surface, as hackers focus their efforts on…
A new study has found that more than half of organizations believe detecting insider threats is harder following migration to the cloud. The 2020 Insider Threat Report published today found that a lack of visibility into anomalous activity, especially in the cloud, and manual SIEM workloads have increased the risk of insider…
Adobe has become the latest company to be caught leaving an Elasticsearch database full of customer data exposed on the internet. Discovered on 19 October by data hunter Bob Diachenko and security company Comparitech, the unsecured database contained the email addresses of nearly 7.5 million customers of Adobe’s Creative Cloud,…
Trend Micro has announced the acquisition of Australian start-up Cloud Conformity, in a deal which will see it expand its cloud security portfolio to include mitigations for customer misconfigurations. Following the reported $70m deal, Trend Micro is offering the Cloud Security Posture Management (CSPM) company’s solution immediately to its global…
Researchers have discovered another unsecured Elasticsearch database, this time exposing data on thousands of travelers including US military and government employees. The research team at vpnMentor discovered the online database hosted on AWS infrastructure, on September 13. It belonged to Autoclerk, a reservations management system now owned by hotel chain…
Microsoft is a mercurial company that often changes the name of a product for no obvious good reason. That only partly explains why the solution now known as OneDrive has previously been called Windows Live Folders, Windows Live SkyDrive and just plain SkyDrive. It changed to OneDrive in 2014 after…
10/8/2019 REDWOOD SHORES, Calif. — Oracle today announced plans to hire nearly 2,000 employees worldwide to work on its growing Oracle Cloud Infrastructure business. The new roles, which include software development, cloud operations, and business operations, will support…
REDWOOD SHORES, Calif., Oct. 8, 2019 /PRNewswire/ — Oracle today announced plans to hire nearly 2,000 employees worldwide to work on its growing Oracle Cloud Infrastructure business. The new roles, which include software development, cloud operations, and business operations, will support Oracle’s rapidly expanding infrastructure customer base, and come as…
Interacting with your Google Cloud Platform can be done from the Linux terminal window. How to install Google Cloud SDK on Linux for easy remote access to your Google Cloud Platform Interacting with your Google Cloud Platform can be done from the Linux terminal window. If you’ve dipped your toes…
Oracle today announced plans to hire nearly 2,000 employees worldwide to work on its growing Oracle Cloud Infrastructure business. The new roles, which include software development, cloud operations, and business operations, will support Oracle’s rapidly expanding infrastructure customer base, and come as the company rolls out new product innovations and…
A new global study from Thales and the Ponemon Institute has exposed a disparity between the rapid growth of data stored in the cloud and organizations’ approaches to cloud security. The firms surveyed more than 3000 IT and IT security practitioners in Australia, Brazil, France, Germany, India, Japan, the UK…
A hacking group that appears to be linked to the Iranian government attempted to break into US President Donald Trump’s re-election campaign but were unsuccessful, sources familiar with the operation told Reuters on Friday. Microsoft Corp said earlier on Friday in a blog post that it saw “significant” cyber activity…
This year’s Carbon Black Connect cyber security conference, held in London last week, had a little something for everyone. While keynote speeches were devoted to how the cloud will “revolutionise” the way IT security is delivered to end-user customers, delegates heard elsewhere how a change of perception about who hackers…
As it has emerged over the past few years, the cloud has really revolutionized business and allowed us to do amazing things with web-delivered technologies. However, one of the biggest issues around the cloud has always been, and still is, cybersecurity. (Read The Truth About Cybersecurity.) The cloud brings with…
