Google invests in Security + Microsoft's Log4Shell Update

Google invests in Security + Microsoft's Log4Shell Update

Cloud Security News this week 5 Jan 2022

  • Google has acquired security orchestration, automation and response (SOAR) provider, Siemplify. Neither company has disclosed any amounts however sources including Reuters report Google paid $500 million for Siemplify. Google has shared that Siemplify “will join Google Cloud’s security team to help companies better manage their threat response”. They shared in their announcement that “Providing a proven SOAR capability unified with Chronicle’s innovative approach to security analytics is an important step forward in their vision”. You can find more about this here
  • Microsoft in their updated Blog this week on this issue have noted “Exploitation attempts and testing have remained high during the last weeks of December”. They also stated that they had “observed many existing attackers adding exploits of these vulnerabilities in their existing malware kits and tactics, from coin miners to hands-on-keyboard attacks”. Microsoft mentions that “customers should assume broad availability of exploit code and scanning capabilities to be a real and present danger to their environments. And “this is expected to have a long tail for remediation, requiring ongoing, sustainable vigilance” . Microsoft have reported that the bulk of attacks have been related to mass scanning by attackers attempting to thumbprint vulnerable systems, as well as scanning by security companies and researchers. You can read their updated blog here.
  • Back in 2019 you probably heard about Autom Attack which targeted misconfigured docker APIs to gain network entry to set up a backdoor on the compromised host to do cryptomining. This cryptomining campaign has evolved in the last 3 years to improve on their defense evasion tactics to fly under the radar and avoid detection. You can see the blog and their findings here.
  • SEGA Europe have disclosed that they were storing sensitive data in an unsecured Amazon Web Services (AWS) S3 bucket. This was discovered during a cloud-security audit. Security Researcher Aaron Phillips with VPN Overview worked with SEGA Europe to secure the exposed data. You can view the full report here
  • Positive Security researchers have stumbled upon four vulnerabilities in Microsoft Teams. You can read more about the findings here and threatpost report here

Podcast Twitter - Cloud Security Podcast (@CloudSecPod)

Instagram - Cloud Security News

If you want to watch videos of this LIVE STREAMED episode and past episodes, check out:

- Cloud Security Podcast:

- Cloud Security Academy:

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(40)

Vulnerabilities discovered in AWS, GCP and Azure

Vulnerabilities discovered in AWS, GCP and Azure

Cloud Security News this week 26 Jan 2023 To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) In...

26 Jan 20237min

Amazon S3 encrypts by default and The CircleCI Breach

Amazon S3 encrypts by default and The CircleCI Breach

Cloud Security News this week 14 Jan 2023 To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) In...

14 Jan 20236min

New Cloud Vulnerability Database + Another Misconfigured S3 Bucket

New Cloud Vulnerability Database + Another Misconfigured S3 Bucket

Cloud Security News this week 14 July 2022 To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) I...

14 Juli 20225min

Dell Embraces Multi-cloud + Hackers use stolen OAuth

Dell Embraces Multi-cloud + Hackers use stolen OAuth

Cloud Security News this week 11 May 2022 Brought to you this week by JupiterOne To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - C...

11 Maj 20226min

AWS Security Hub releases 5 new controls + Latest with Spring4shell

AWS Security Hub releases 5 new controls + Latest with Spring4shell

Cloud Security News this week 12 April 2022 Brought to you this week by Teleport To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - C...

13 Apr 20225min

What is Spring4shell? + Should we be concerned?

What is Spring4shell? + Should we be concerned?

Cloud Security News this week 30 March 2022 To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) ...

7 Apr 20224min

Latest with Okta/Lapsus$ + Return of Log4J

Latest with Okta/Lapsus$ + Return of Log4J

Cloud Security News this week 30 March 2022 Brought you by - JupiterOne - Find out more about them at www.jupiterone.com/csp To read more about this week's stories head to https://cloudsecuritypodcast...

30 Mars 20226min

All you need to know about the Okta and Microsoft breach

All you need to know about the Okta and Microsoft breach

Cloud Security News this week 23 March 2022 Brought you by - JupiterOne - Find out more about them at www.jupiterone.com/csp - Hunters - Find out more about them at www.hunters.ai To read more about t...

23 Mars 20225min

Populärt inom Politik & nyheter

aftonbladet-krim
svenska-fall
tv4-nyheterna-story
p3-krim
rss-krimstad
motiv
de-fyras-gang
spar
flashback-forever
aftonbladet-daily
rss-expressen-dok
rss-sanning-konsekvens
rss-krimreportrarna
rss-flodet
rss-vad-fan-hande
politiken
rss-frandfors-horna
krimmagasinet
kungligt
svd-dokumentara-berattelser-2