Technology

Cloud Threats Memo: State-sponsored Threat Actors Continue to Abuse Legitimate Cloud Services

Dec 19, 2022 By Paolo Passeri In Netskope

Threat actors exploiting cloud services are keeping me very busy in these final days of this troubled 2022. The main character of this Cloud Threats Memo is MuddyWater (also known as Earth Vetala, MERCURY, Static Kitten, Seedworm, and TEMP.Zagros), one of the most prolific cyber espionage groups, active since at least 2017, and believed to be a subordinate element within Iran’s Ministry of Intelligence and Security (MOIS).

Read Post

Netskope

Read more about Cloud Threats Memo: State-sponsored Threat Actors Continue to Abuse Legitimate Cloud Services

CrowdStrike Cloud Infrastructure Entitlement Management (CIEM)

Dec 19, 2022 By CrowdStrike In CrowdStrike

Identity theft and overly permissive accounts are major challenges faced by organizations in public and hybrid cloud environments. Learn how CrowdStrike Cloud Identity and Entitlement Management (CIEM) can increase the security of your cloud infrastructure while simplifying management across clouds.

View Video

CrowdStrike

Read more about CrowdStrike Cloud Infrastructure Entitlement Management (CIEM)

Cloud Native Security - A Complete Overview

Dec 19, 2022 By Cyber Security Journal In SSL2BUY

As the need for a new security strategy grows, we use cloud-native security platforms (CNSP). Cloud services like containers, serverless security, platform as a service (PaaS), and microservices are the building blocks of cloud-native architectures. Because these services are loosely coupled- that is, they are not hardwired to any infrastructure components developers can frequently make changes without harming other parts of the application or other team members’ projects.

Read Post

SSL2BUY

Read more about Cloud Native Security - A Complete Overview

Lateral Movement with CrackMapExec: A Tutorial

Dec 16, 2022 By Joe Dibley In Netwrix

CrackMapExec is an open-source tool that leverages Mimikatz to enable adversaries to harvest credentials and move laterally through an Active Directory environment. This blog post details how this tool works and offers a solution for defending against it.

Read Post

Netwrix

Read more about Lateral Movement with CrackMapExec: A Tutorial

Webinar: Introduction To Cloud Security & IAM Policy Configuration Level Review

Dec 15, 2022 By Appknox In Appknox

Through this webinar, we aim to help enterprises & individuals understand about cloud security and I-AM policy can play a role to build safe and secure mobile apps that garner trust. It will help you to prevent sensitive data loss and infrastructure exposure, resulting in fraud, reputation damage, and regulatory penalties.

View Video

Appknox

Read more about Webinar: Introduction To Cloud Security & IAM Policy Configuration Level Review

Snyk in 30: Open source security for Atlassian Bitbucket Cloud

Dec 15, 2022 By Marco Morales In Snyk

In our latest Snyk in 30, Jason Lane (Director of Product Marketing) and I (Marco Morales, Partner Solutions Architect) showcased Snyk Open Source with a focus on our integration with Bitbucket Cloud. They covered why open source security is vital for modern app development, along with tips on taking a holistic approach to application security that goes beyond just shifting left.

Read Post

Snyk

Read more about Snyk in 30: Open source security for Atlassian Bitbucket Cloud

Cloudflare Security Analytics, WAF Attack Score, and Uploaded Content Scanning

Dec 14, 2022 By Cloudflare In Cloudflare

Cloudflare Security Analytics, WAF Attack Score, and Uploaded Content Scanning further enhance Cloudflare security and WAF capabilities. Security Analytics brings together all Cloudflare security detection capabilities in one place to show a detailed understanding of a site's traffic and threats. WAF Attack Score via machine learning scores every request with a probability of it being malicious. Uploaded Content Scanning scans content being uploaded to your application for malicious content.

View Video

Cloudflare

Read more about Cloudflare Security Analytics, WAF Attack Score, and Uploaded Content Scanning

Defragging database security in a fragmented cloud world

Dec 14, 2022 By Chas Clawson In Sumo Logic

Security can often be distilled down to protecting data. And with microservice-driven applications, the approach to cloud database security has evolved quite dramatically. Beyond just securing data in the cloud, it’s now also difficult to know where the data resides, where the data is flowing, and how this data should be classified.

Read Post