Security news that informs and inspires

Archive

18 results for tag Cloud:

Thousands of SaltStack Servers Patched, But Many Still Vulnerable

The number of servers vulnerable to the CVE-2020-11651 SaltStack flaw has dropped considerably, but several thousand are still unpatched.

Cloud

SaltStack Flaw Used in Numerous Attacks

Attackers are exploiting the CVE-2020-11651 flaw in SaltStack Salt to install coinmining scripts on exposed servers.

Cloud

BeyondProd Lays Out Security Principles for Cloud-Native Applications

First, it was Beyond Corp, to shift security away from the perimeter and onto individual users and devices. Now it is BeyondProd, to apply zero-trust principles to cloud-native applications and workloads that rely on microservices and communicate primarily over APIs.

Cloud, Containers, Google

AWS Adds New Protections Against SSRF, Other Web App Attacks

The new AWS IMDSv2 security feature mitigates common attacks that take advantage of SSRF, open WAFs, and open layer 3 firewalls.

Aws Security, Cloud

AWS Promises to Scan for Misconfigured Servers

Amazon Web Services will now scan customer environments for potentially misconfigured servers in the wake of Capital One's data breach. Even though many of these cloud-based data breaches weren't the fault of cloud service providers, many are stepping up to detect problems before they become security incidents.

Cloud, Amazon