Cloud Security - Securezoo

Threat actor deploys malicious OAuth apps on compromised cloud tenants to spread spam

Access Control, Authentication, Cloud Security, Cybersecurity Attacks, Messaging Security / By Frank Crast / September 25, 2022 September 25, 2022 / AAD, Cloud, MFA, Microsoft, Oauth

Microsoft has been monitoring a threat actor deploying malicious OAuth apps on compromised cloud tenants to spread spam.

Report: Linux malware and cloud misconfigurations top cybersecurity threats

Cloud Security, Container Security, Cybersecurity Attacks, Malware / By Frank Crast / September 5, 2022 September 5, 2022 / BlackCat, Cheerscrypt, Cloud, Containers, Conti, ESXi, Linux, LockBit, LockBit 2.0, MaaS, malware, RaaS, Ransomware, Trend Micro

A new report published by Trend Micro revealed that Linux malware and cloud misconfigurations make up some of the top cybersecurity threats facing organizations over the first half of 2022.

Microsoft exposes and disables Polonium activity targeting Israeli organizations

Cloud Security, Cybersecurity Attacks / By Frank Crast / June 7, 2022 June 7, 2022 / CreepyBox, CreepyDrive, CVE-2018-13379, Iran, Lebanon, Microsoft, MOIS, MSTIC, OneDrive, Polonium

Microsoft has exposed and disabled a Lebanon-based Polonium cyber activity targeting Israeli organizations.

Denonia malware targets AWS Lambda

Cloud Security, Cybersecurity Attacks, Malware / By Frank Crast / April 8, 2022 April 8, 2022 / AWS, Cado Labs, Cryptocurrency, Cryptomining, Denonia, Lambda, XMRig

A first of its kind malware dubbed Denonia has been targeting Amazon Web Services (AWS) Lambda, an event-driven, serverless computing platform.

cyber security, internet, hacking-3400555.jpg

DevSecOps best practices to secure cloud-native and microservices-based applications

Application Security, Cloud Security, Configuration Management, Cybersecurity Articles, Vulnerabilities & Exploits / By Frank Crast / March 12, 2022 March 13, 2022 / CI/CD, Cloud, Cybersecurity Threat Center, DevOps, DevSecOps, NIST, Service Mesh, SP 800-204C

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-204C “Implementation of DevSecOps for a Microservices-based Application with Service Mesh.” The guidelines include many best practices on how organizations and secure their CI/CD pipeline and enhance the software delivery processes.

NIST SP 800-204C: Implementation of DevSecOps for a Microservices-based Application with Service Mesh

Application Security, Cloud Security, Configuration Management, Standards & Guidelines / By Frank Crast / March 8, 2022 March 26, 2022 / DevSecOps, NIST, SP 800-204C

he National Institute of Standards and Technology (NIST) has issued the NIST SP 800-204C “Implementation of DevSecOps for a Microservices-based Application with Service Mesh.”

CISA: Take these urgent steps to protect your organization against potential critical cybersecurity threats

Cloud Security, Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / January 20, 2022 January 20, 2022 / CISA, Cloud, Cybersecurity Threat Center, MFA

The Cybersecurity and Infrastructure Security Agency (CISA) has published a new CISA Insights guideline document with steps organizations can take against potential critical cybersecurity threats.

Microsoft issues new guidance on OMI vulnerabilities within Azure VM Management extensions

Cloud Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / September 18, 2021 September 18, 2021 / Azure, Cloud, CVE-2021-38645, CVE-2021-38647, CVE-2021-38648, CVE-2021-38649, Microsoft, OMI, PaaS

Microsoft has published new guidance on Open Management Infrastructure (OMI) vulnerabilities within Azure virtual management (VM) Management extensions.

Pro-Ocean cryptojacking malware targets cloud applications

Cloud Security, Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / February 1, 2021 February 1, 2021 / ApacheMQ, CVE-2016-3088, CVE-2017-10271, Mining, Oracle Weblogic, Pro-Ocean, rootkit, Unit 42, Watchdog, WebLogic

A new Pro-Ocean cryptojacking malware targets popular cloud applications including ApacheMQ, Oracle Weblogic and Redis. The malware contains four modules that execute to hide, mine cryptocurrency, watchdog and infect systems.

SQL Server malware “MrbMiner” attacks

Cloud Security, Cybersecurity Attacks, Malware, Network Security / By Frank Crast / January 25, 2021 February 1, 2021 / Cryptocurrency, Cryptomining, Database, MrbMiner, SQL Server

Security researchers have identified the source of a SQL Server malware “MrbMiner” attacks allegedly tied to an Iranian software firm.