Cloud Security

Pro-Ocean cryptojacking malware targets cloud applications

A new Pro-Ocean cryptojacking malware targets popular cloud applications including ApacheMQ, Oracle Weblogic and Redis. The malware contains four modules that execute to hide, mine cryptocurrency, watchdog and infect systems.

Pro-Ocean cryptojacking malware targets cloud applications Read More »

FireEye publishes Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers

Security firm FireEye has published new Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers, also known as UNC2452.

FireEye publishes Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers Read More »

CISA: Threat actors behind SolarWinds hack pose ‘grave risk’ (updated)

The Cybersecurity and Infrastructure Security Agency (CISA) has warned the recent compromise by threat actors of SolarWinds poses a ‘grave risk’ to critical infrastructure, government and private sector organizations.

CISA: Threat actors behind SolarWinds hack pose ‘grave risk’ (updated) Read More »

GADOLINIUM threat actors use cloud services and open source tools in cyberattacks

Security experts from Microsoft have observed a cyber threat actor dubbed GADOLINIUM that uses new attack techniques via cloud services and open source tools.

GADOLINIUM threat actors use cloud services and open source tools in cyberattacks Read More »

Guidance for CISOs to improve remote worker security, free access to small business online collaboration tools

In the wake of Coronavirus / COVID-19 pandemic, Microsoft has issued sound guidance for security leaders to improve remote worker security. Tech companies are also offering small businesses free access to online collaboration tools during the outbreak.

Guidance for CISOs to improve remote worker security, free access to small business online collaboration tools Read More »

NSA: Guidance to mitigate cloud vulnerabilities

The National Security Agency (NSA) has released guidelines to help organizations mitigate cloud vulnerabilities. The NSA document includes four classes of vulnerabilities at most risk to threat actors.

NSA: Guidance to mitigate cloud vulnerabilities Read More »