Cloud Security Archives - Page 3 of 4

Zoom patches vulnerability that could allow eavesdropping

Cloud Security, Messaging Security, Password Management, Security Updates & Patches, Uncategorized, Vulnerabilities & Exploits / By Frank Crast / January 28, 2020 / Checkpoint, Cloud, eavesdropping, Meeting ID, Password, Vulnerabilities, Zoom

Remote conferencing service company, Zoom, has patched a vulnerability that could allow a bad actor to eavesdrop on your company’s online meetings.

Adobe Creative Cloud database exposed over 7 million user records

Cloud Security, Configuration Management, Data Breach, Password Management / By Frank Crast / October 29, 2019 / Creative Cloud, ElasticSearch

Security researchers discovered an unsecured Adobe Creative Cloud Elasticsearch database that exposed nearly 7.5 million user records.

Top 3 AWS security configuration mistakes

Cloud Security, Cybersecurity Articles, Server Security, System Hardening / By Frank Crast / September 21, 2019 / Amazon, AWS, botnet, Cloud, DevOps, GoldBrute, GoScanSSH, Palo Alto Networks, Port 22, Port 3389

Cloud security experts from Palo Alto Networks have warned about three critical misconfigurations that are most common in most organizations and have contributed to the majority of cloud attacks.

Office 365 third-party risks and configuration guidance

Cloud Security, Configuration Management, Cybersecurity Articles, Third-Party Security, Vulnerabilities & Exploits / By Frank Crast / May 21, 2019 / CISA, Cloud, O365, Office 365, third party

A new security report highlights some of the risks organizations face when moving to the cloud and potential configuration vulnerabilities.

Crypto miners exploit vulnerable Docker hosts

Application Security, Cloud Security, Vulnerabilities & Exploits / By Frank Crast / March 5, 2019 / API, CVE-2019-5736, Docker, Imperva

Security researchers from Imperva have found thousands of Docker hosts exposed to a new vulnerability and exposed remote Docker API. The new research describes the threat along with sample scripts and what can be done about it.

Online casino data leak exposes 108 million bets, personal data

Cloud Security, Data Breach, Data Privacy / By Frank Crast / January 21, 2019 / Casino, Data Breach, ElasticSearch, Privacy

A massive data leak from an ElasticSearch server has exposed information on over 108 million bets, as well as personal information, deposits and withdrawals. The server was not configured with any password or authentication required to protect the data.

Nearly 800M email records exposed in massive data breach

Cloud Security, Data Breach, Password Management / By Frank Crast / January 17, 2019 / Cloud, Collection 1, Database, email, MEGA, passwords, Troy Hunt

A massive data breach dubbed “Collection #1” exposed nearly 800 million email addresses and millions of passwords. Security expert Troy Hunt was alerted of the leaked data made available for free download from popular MEGA cloud storage service. The data consisted of over 12,000 separate files and more than 87GB of data.