I read with some surprise the interview with Zscaler’s CEO, Jay Chaudry, in CRN where he stated that the “network firewalls will go the way of the mainframe,” that “the network is just plumbing” and that Zscaler proxy overlay architecture will replace it with its “application switchboard.” Well, our joint history in network security teaches us a very different lesson. This is my take.
Welcome to the second DDoS threat report of 2023. DDoS attacks, or distributed denial-of-service attacks, are a type of cyber attack that aims to disrupt websites (and other types of Internet properties) to make them unavailable for legitimate users by overwhelming them with more traffic than they can handle — similar to a driver stuck in a traffic jam on the way to the grocery store.
Netskope Threat Labs is tracking phishing campaigns that are abusing several free cloud services to host their websites and collect user information. These campaigns host their phishing sites in AWS Amplify which is available to free-tier users. Some phishing campaigns also abuse Telegram and Static Forms to collect users’ credentials. These phishing attacks aim to steal banking, webmail, and Microsoft 365 credentials, as well as victims’ card payment details.
The most famous data breaches–the ones that keep security practitioners up at night–involved the leak of millions of user records. Companies have lost names, addresses, email addresses, Social Security numbers, passwords, and a wealth of other sensitive information. Protecting this data is the highest priority of most security teams, yet many teams still struggle to actually detect these leaks.
With digital transformation having taken a front seat over the past 3 years due to a global shift in how people do business, cloud reliance and breaches have skyrocketed. According to G2, half of all organizations are currently cloud native or cloud enabled. It’s not just a matter of accomplishing work, either – it’s storage for vital digital assets.
Implementing an AWS multi-account strategy is a popular approach that helps organizations to manage their cloud resources efficiently. In my previous post, I discussed our reasons for implementing an AWS multi-account strategy, our journey, and some of the benefits we gained as an organization. However, implementing this strategy can come with its fair share of challenges.