Remote Access Trojans target Public Cloud Infrastructure
Cloud Security Podcast19 Tammi 2022

Remote Access Trojans target Public Cloud Infrastructure

Cloud Security News this week 19 Jan 2022

  • Cisco Talos Researchers have shared in a blog last week that a trio of remote access Trojans (RATs)—Nanocore, Netwire and AsyncRAT—are being spread in a campaign that taps public cloud infrastructure and is primarily aimed at victims in the U.S., Italy and Singapore. According to the blog “Threat actors are increasingly using cloud technologies to achieve their objectives without having to resort to hosting their own infrastructure,” and “cloud services like Azure and AWS allow attackers to set up their infrastructure and connect to the internet with minimal time or monetary commitments. It also makes it more difficult for defenders to track down the attackers’ operations.” Read more about this here.
  • Netskope also released a blog last week about Malwares. Interestingly their research which surveyed millions of users worldwide from January 1, 2020 to November 30, 2021 found that Cloud-delivered malware is now more prevalent than web-delivered malware, accounting for 66%, up from 46% last year. They also found that Google Drive is the top app for most malware downloads and Cloud-delivered malware via Microsoft Office nearly doubled from 2020 to 2021. Read the report here
  • Vulnerability in AWS’s cloudformation service that was discovered and shared by Orca Security. Orca Security confirmed that AWS completely mitigated within 6 days of their submission.If you want to know more about their discovery, you can read it here
  • The US government is reportedly reviewing the cloud computing arm of Chinese ecommerce giant Alibaba to determine whether or not it poses a risk to national security.” As reported by Reuters, the Biden administration launched the probe to find out more about how Alibaba Cloud stores the data of US clients including personal information and intellectual property and to see if the Chinese government could gain access to it. You can read Reuters report here
  • Sysdig’s platform who were recently valued at 2.5 Billion have expanded their cloud security offering to Azure Cloud aswell. . You can find out more about them here

Podcast Twitter - Cloud Security Podcast (@CloudSecPod)

Instagram - Cloud Security News

If you want to watch videos of this LIVE STREAMED episode and past episodes, check out:

- Cloud Security Podcast:

- Cloud Security Academy:

Jaksot(344)

Vulnerabilities in AWS, GCP and Azure - Cloud Security News

Vulnerabilities in AWS, GCP and Azure - Cloud Security News

Cloud Security News this week - 22 September 2021 AWS, Google Cloud and Azure have all been busy last few weeks fixing and patching Vulnerabilities. In addition to Azure's OMIGOD flaws which we cove...

22 Syys 20212min

Cloud Security Careers: From University to Security Engineer at Atlassian

Cloud Security Careers: From University to Security Engineer at Atlassian

In this episode of the Virtual Coffee with Ashish edition, we spoke with Kaif Ahsan (@KaifAhsan1) is a Security Engineer at Atlassian (@Atlassian). Episode ShowNotes, Links and Transcript on Cloud Sec...

19 Syys 202146min

Cloud Security Careers: Getting an Entry Level GRC Role

Cloud Security Careers: Getting an Entry Level GRC Role

In this episode of the Virtual Coffee with Ashish edition, we spoke with Gerald Auger (@Linkedin- Gerald Auger) is a CyberSecurity PhD holder, Content Creator at Simply Cyber(@SimplyCyber) and a Cyber...

15 Syys 202145min

fwd:cloudsec conference this week, Vulnerabilities discovered in AWS - Cloud Security News

fwd:cloudsec conference this week, Vulnerabilities discovered in AWS - Cloud Security News

Cloud Security News this week - 15 September 2021 Oracle Chief Technology Officer and co-founder Larry Ellison told their investors this week that Oracle Cloud is superior to AWS when it comes to s...

15 Syys 20213min

Cloud Security Careers: From Executive Assistant to Head of Security

Cloud Security Careers: From Executive Assistant to Head of Security

In this episode of the Virtual Coffee with Ashish edition, we spoke with Lisa Hall (@Lisa_H_), the Head of Security, PagerDuty(@PagerDuty). Episode ShowNotes, Links and Transcript on Cloud Security Po...

12 Syys 202144min

IBM Launches Servers for Hybrid Cloud, Microsoft and Verizon bring 5G Edge Cloud Computing - Cloud Security News

IBM Launches Servers for Hybrid Cloud, Microsoft and Verizon bring 5G Edge Cloud Computing - Cloud Security News

Cloud Security News this week - 8 September 2021 Verizon, a multinational telecommunications giant and Microsoft have teamed up to bring on-prem, private 5G edge cloud computing to business. Their o...

8 Syys 20212min

Cloud Security Careers: Skills Required for an Associate Cloud Security Engineer

Cloud Security Careers: Skills Required for an Associate Cloud Security Engineer

In this episode of the Virtual Coffee with Ashish edition, we spoke with Zinet Kemal (Linkedin - Zinet-Kemal) is an Associate Cloud Security Engineer at Best Buy (@BestBuy) Episode ShowNotes, Links an...

5 Syys 202146min

Is your Microsoft Azure Cosmos Database Keys Secure? - Cloud Security News

Is your Microsoft Azure Cosmos Database Keys Secure? - Cloud Security News

Cloud Security News this week - 1 Sep, 2021 Last Thursday, on the 26th of August 2021 - Microsoft warned thousands of its cloud computing customers, including some of the world's largest companies. ...

1 Syys 20212min