Cloud Security Archives - Page 3 of 4

Zoom patches vulnerability that could allow eavesdropping

Cloud Security, Messaging Security, Password Management, Security Updates & Patches, Uncategorized, Vulnerabilities & Exploits / Frank Crast / January 28, 2020 / Checkpoint, Cloud, eavesdropping, Meeting ID, Password, Vulnerabilities, Zoom

Remote conferencing service company, Zoom, has patched a vulnerability that could allow a bad actor to eavesdrop on your company’s online meetings.

Zoom patches vulnerability that could allow eavesdropping Read More »

Adobe Creative Cloud database exposed over 7 million user records

Cloud Security, Configuration Management, Data Breach, Password Management / Frank Crast / October 29, 2019 / Creative Cloud, ElasticSearch

Security researchers discovered an unsecured Adobe Creative Cloud Elasticsearch database that exposed nearly 7.5 million user records.

Adobe Creative Cloud database exposed over 7 million user records Read More »

Top 3 AWS security configuration mistakes

Cloud Security, Cybersecurity Articles, Server Security, System Hardening / Frank Crast / September 21, 2019 / Amazon, AWS, botnet, Cloud, DevOps, GoldBrute, GoScanSSH, Palo Alto Networks, Port 22, Port 3389

Cloud security experts from Palo Alto Networks have warned about three critical misconfigurations that are most common in most organizations and have contributed to the majority of cloud attacks.

Top 3 AWS security configuration mistakes Read More »

Office 365 third-party risks and configuration guidance

Cloud Security, Configuration Management, Cybersecurity Articles, Third-Party Security, Vulnerabilities & Exploits / Frank Crast / May 21, 2019 / CISA, Cloud, O365, Office 365, third party

A new security report highlights some of the risks organizations face when moving to the cloud and potential configuration vulnerabilities.

Office 365 third-party risks and configuration guidance Read More »

Crypto miners exploit vulnerable Docker hosts

Application Security, Cloud Security, Vulnerabilities & Exploits / Frank Crast / March 5, 2019 / API, CVE-2019-5736, Docker, Imperva

Security researchers from Imperva have found thousands of Docker hosts exposed to a new vulnerability and exposed remote Docker API. The new research describes the threat along with sample scripts and what can be done about it.

Crypto miners exploit vulnerable Docker hosts Read More »

Online casino data leak exposes 108 million bets, personal data

Cloud Security, Data Breach, Data Privacy / Frank Crast / January 21, 2019 / Casino, Data Breach, ElasticSearch, Privacy

A massive data leak from an ElasticSearch server has exposed information on over 108 million bets, as well as personal information, deposits and withdrawals. The server was not configured with any password or authentication required to protect the data.

Online casino data leak exposes 108 million bets, personal data Read More »

Nearly 800M email records exposed in massive data breach

Cloud Security, Data Breach, Password Management / Frank Crast / January 17, 2019 / Cloud, Collection 1, Database, email, MEGA, passwords, Troy Hunt

A massive data breach dubbed “Collection #1” exposed nearly 800 million email addresses and millions of passwords. Security expert Troy Hunt was alerted of the leaked data made available for free download from popular MEGA cloud storage service. The data consisted of over 12,000 separate files and more than 87GB of data.

Nearly 800M email records exposed in massive data breach Read More »

AWS S3 error exposes data on 31K GoDaddy servers

Cloud Security, Configuration Management, Identity & Access Management / Frank Crast / August 10, 2018 / Amazon, AWS, Cloud, configuration management, GoDaddy, S3, server

Cybersecurity firm UpGuard has discovered an error in Amazon AWS bucket configuration that led to the exposure of internal GoDaddy infrastructure data.

AWS S3 error exposes data on 31K GoDaddy servers Read More »