Cloud Security News, Articles and Updates

Wide open Apache Airflow server at Universal Music Group contractor exposes FTP, SQL, AWS credentials

Researchers at the Kromtech Security Center, who discovered the unprotected server, said that because Airflow is wide open by default, organizations need to take steps to safeguard servers.

TeenSafe app exposes data on more than 10K accounts

Anyone who ran across the exposed server could access Apple IDs, user ID and passwords stored in plaintext.

GDPR: It's (just about) here

Like many college students who cram the night before a test - and some writers who test the limits of their editors' patience with their procrastination - many companies have pushed off GDPR compliance, believing either it doesn't apply to them, it's too costly or overwhelming or they can afford to wait and see just how serious regulators are about admonishing and fining companies who falter on privacy. Big mistake.

Fitbit teams up with Google

Fitbit and Google have inked a deal that will have the fitness device vendor upload data to Google's Cloud Healthcare API to it can be made accessible by healthcare providers.

SCOTUS dropped Microsoft case citing passage of CLOUD Act, but questions remain

The federal government and Microsoft have clashed for years after the U.S. asked for access to the emails belonging to one individual linked to a narcotics investigation back in December 2013 and stored on a server in Ireland.

Microsoft adds ransomware protection, recovery tools to Office 365

Microsoft has rolled out a series of new tools to protect its Office 365 Home and 365 Personal customers from a variety of cyberthreats, including ransomware.

5 Questions to ask cloud services providers about security

Ask prospective cloud servers these five questions germane to security.

Multiple vulnerabilities including remote execution spotted in WDMyCloud products

A GulfTech researcher spotted multiple vulnerabilities In Western Digital's MyCloud products, some of which could lead to remote code execution and unauthorized access.

Cloud-based docs the new frontier for phishing attacks

Ever on the lookout for a new avenue of attack, cybercriminals had figured out a method of using Google App Scripts to automatically download malware hosted in Google drive to any computer.

The professional cybersecurity groups

As cybersecurity has grown in importance within organizations, professional development has become a greater priority. These groups stand out as they educate and elucidate.

National Credit Federation unsecured AWS S3 bucket leaks credit, personal data

The exposed data -- a whopping 111 GB worth - allegedly affects tens of thousands of consumers.

McAfee inks deal to acquire Skyhigh Networks

McAfee has agreed to acquire Skyhigh Networks in move that McAfee believes will help boost its presence in the cloud access security broker market.

Unsecured AWS server exposed classified military intel

UpGuard Director of Cyber Risk Research Chris Vickery came across an Amazon Web Services S3 cloud storage bucket within the AWS "inscom" subdomain, and set to public, on September 27.

Amazon Web Services launches hosting service for Secret-level government documents

Amazon Web Services has launched a new cloud-based hosting service that can accommodate government intelligence, files and work product classified as Secret or below.

Misconfigured Amazon S3 server leaks Australian Broadcasting Corporation

As misconfigured Amazon servers continue to leak sensitive data, Australian Broadcasting Corporation (ABC) is the latest culprit of administrators not properly securing their cloud servers.

Office 365 joke: KnockKnock, Who's there? Botnet malware

Microsoft's already battered Office 365 is once again being targeted, this time by KnockKnock, a botnet attack designed to specifically victimize the office productivity software suite.

Top 10 Security Challenges for 2017

The first half of 2017 has not exactly been a ride in the park for cybersecurity professionals.

Millions of Dow Jones customer records exposed due an internal error

A misconfigured database on an Amazon S3 server may have exposed the data of between two and four million Dow Jones & Co. customers, a report on the incident stated.

Data breach at Oklahoma U impacts 30K students

Lax privacy settings in a campus file-sharing network led to an unintentional exposure of the educational records of thousands of students at the University of Oklahoma.

Here comes the cloud...and it's all right

When it comes to cloud data storage the jury has handed in its verdict and the case is closed. The cloud is the future home for data storage for almost every company and organization, both large and small.

Mixed response from IT security pros following release of Cybersecurity Executive Order

The president's executive order on cybersecurity has drawn immediate, if mixed reactions, from cybersecurity pros who either praise it for providing much-needed guidance or criticize it for falling short.

First Look: Joe Security Joe Sandbox Cloud

From time to time we run across a product or service, purely serendipitously, that knocks our virtual socks off. Joe Sandbox Cloud is one such product.

Data of up to 1M auto loan customers across U.S. exposed

An unsecured database left exposed on an Amazon server revealed PII of up to one million applicants for car loans.

Data siphoned via Bose wireless headphones constitutes wiretapping, lawsuit charges

Bose, the audio equipment manufacturer, was sued in a federal court in Chicago earlier this week for selling user data without permission.