Remote Access Trojans target Public Cloud Infrastructure

Remote Access Trojans target Public Cloud Infrastructure

Cloud Security News this week 19 Jan 2022

  • Cisco Talos Researchers have shared in a blog last week that a trio of remote access Trojans (RATs)—Nanocore, Netwire and AsyncRAT—are being spread in a campaign that taps public cloud infrastructure and is primarily aimed at victims in the U.S., Italy and Singapore. According to the blog “Threat actors are increasingly using cloud technologies to achieve their objectives without having to resort to hosting their own infrastructure,” and “cloud services like Azure and AWS allow attackers to set up their infrastructure and connect to the internet with minimal time or monetary commitments. It also makes it more difficult for defenders to track down the attackers’ operations.” Read more about this here.
  • Netskope also released a blog last week about Malwares. Interestingly their research which surveyed millions of users worldwide from January 1, 2020 to November 30, 2021 found that Cloud-delivered malware is now more prevalent than web-delivered malware, accounting for 66%, up from 46% last year. They also found that Google Drive is the top app for most malware downloads and Cloud-delivered malware via Microsoft Office nearly doubled from 2020 to 2021. Read the report here
  • Vulnerability in AWS’s cloudformation service that was discovered and shared by Orca Security. Orca Security confirmed that AWS completely mitigated within 6 days of their submission.If you want to know more about their discovery, you can read it here
  • The US government is reportedly reviewing the cloud computing arm of Chinese ecommerce giant Alibaba to determine whether or not it poses a risk to national security.” As reported by Reuters, the Biden administration launched the probe to find out more about how Alibaba Cloud stores the data of US clients including personal information and intellectual property and to see if the Chinese government could gain access to it. You can read Reuters report here
  • Sysdig’s platform who were recently valued at 2.5 Billion have expanded their cloud security offering to Azure Cloud aswell. . You can find out more about them here

Podcast Twitter - Cloud Security Podcast (@CloudSecPod)

Instagram - Cloud Security News

If you want to watch videos of this LIVE STREAMED episode and past episodes, check out:

- Cloud Security Podcast:

- Cloud Security Academy:

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(40)

Vulnerabilities discovered in AWS, GCP and Azure

Vulnerabilities discovered in AWS, GCP and Azure

Cloud Security News this week 26 Jan 2023 To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) In...

26 Jan 20237min

Amazon S3 encrypts by default and The CircleCI Breach

Amazon S3 encrypts by default and The CircleCI Breach

Cloud Security News this week 14 Jan 2023 To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) In...

14 Jan 20236min

New Cloud Vulnerability Database + Another Misconfigured S3 Bucket

New Cloud Vulnerability Database + Another Misconfigured S3 Bucket

Cloud Security News this week 14 July 2022 To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) I...

14 Jul 20225min

Dell Embraces Multi-cloud + Hackers use stolen OAuth

Dell Embraces Multi-cloud + Hackers use stolen OAuth

Cloud Security News this week 11 May 2022 Brought to you this week by JupiterOne To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - C...

11 Mai 20226min

AWS Security Hub releases 5 new controls + Latest with Spring4shell

AWS Security Hub releases 5 new controls + Latest with Spring4shell

Cloud Security News this week 12 April 2022 Brought to you this week by Teleport To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - C...

13 Apr 20225min

What is Spring4shell? + Should we be concerned?

What is Spring4shell? + Should we be concerned?

Cloud Security News this week 30 March 2022 To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) ...

7 Apr 20224min

Latest with Okta/Lapsus$ + Return of Log4J

Latest with Okta/Lapsus$ + Return of Log4J

Cloud Security News this week 30 March 2022 Brought you by - JupiterOne - Find out more about them at www.jupiterone.com/csp To read more about this week's stories head to https://cloudsecuritypodcast...

30 Mar 20226min

All you need to know about the Okta and Microsoft breach

All you need to know about the Okta and Microsoft breach

Cloud Security News this week 23 March 2022 Brought you by - JupiterOne - Find out more about them at www.jupiterone.com/csp - Hunters - Find out more about them at www.hunters.ai To read more about t...

23 Mar 20225min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
fotballpodden-2
forklart
stopp-verden
popradet
det-store-bildet
nokon-ma-ga
rss-gukild-johaug
lydartikler-fra-aftenposten
hanna-de-heldige
rss-ness
rss-espen-lee-usensurert
rss-penger-polser-og-politikk
aftenbla-bla
dine-penger-pengeradet
ukrainapodden
ta-dokumentar
frokostshowet-pa-p5