Cloud Security news & analysis | SC Media

Cloud Security News and Analysis

Security teams struggle with ransomware, cloud services

Ransomware, insecure internet-facing systems and attacks against cloud-based services are among the top threats facing industry this year, according to new and recent threat intelligence reporting.  The Q2 threat report released today by Rapid7 and detailing the latest tools and tactics used in cyber campaigns targeting the private sector, pegged the manufacturing sector as the…

APT 41

U.S. charges 7 alleged state-sanctioned Chinese hackers

The Department of Justice on Wednesday unsealed indictments secured between August 2019 and August 2020 of seven foreign nationals accused of a bevy of international hacking incidents. The five Chinese and two Malaysian defendants are alleged members of a group often called APT 41, Wicked Panda or Wicked Spider, which is known to commit economic…

Misconfigured servers contributed to more than 200 cloud breaches

Misconfigured storage services in 93 percent of cloud deployments have contributed to more than 200 breaches over the past two years, exposing more than 30 billion records, according to a report from Accurics, which predicted that cloud breaches are likely to increase in both velocity and scale. The researchers found that 91 percent of the…

cloud server

Phishing attack hid in Google Cloud Services

Details of a phishing attack concealed in Google Cloud Services point to a fast-growing trend that has hackers disguising malicious activities in cloud service providers. In a report released today, researchers at Check Point unravel, step-by-step, how even security-savvy professionals could be tricked by a well-disguised ruse, which kicked off with a PDF document containing…

Docker attackers devise clever technique to avoid detection

In what researchers say is a first, attackers are performing a new container attack technique in the wild, whereby they build their own malicious images on a targeted host instead of pulling preexisting ones from a public registry. This maneuver allows the adversaries to avoid static detection by scanners that are programmed to look for…

Cornerstone Payment Systems leaves database open, exposes 6.7M records

Cornerstone Payment Systems, which processes payments for pro-life groups, churches, ministries and other organizations with a similar Christian bent, left a database unprotected, exposing 6.7 million records from 2013 until the present. Information housed by the database included names, email addresses and physical addresses as well as card and merchant information, expiration dates and the…

Next post in Cloud Security