Tag Archive for: cloud

Security News This Week: The Cloud Company at the Center of a Global Hacking Spree


Between a cascade of indictments against former US president Donald Trump, a tumultuous 2024 election season (in which Trump is a main character), and the rapid rise of generative artificial intelligence, 2024 is shaping up to be a complete nightmare.

At the center of it will be a rise in personalized disinformation. Not only will there be more BS to sift through thanks to tools like ChatGPT and Google’s Bard, but the disinformation will likely be more effective, and even tailored to target specific groups with frightening consequences. Of course, some of this could be fixed with new regulations. But the US Congress still hasn’t figured out how to tackle privacy, and regulating AI will only be more difficult.

In addition to disinformation, people keep figuring out new ways to break through the guardrails that generative AI tools have in place to stop malicious activities. The latest is something called an “adversarial attack,” which researchers at Carnegie Mellon University found can be carried out simply by attaching a string of nonsense-looking instructions to the end of certain prompts entered into tools like ChatGPT. While it’s possible to block specific attack strings, nobody yet knows how to fix this flaw entirely.

AI might be the new frontier for security researchers. But regular ol’ platforms are still a wealth of terrible vulnerabilities. The latest is the Points platform, which provides the underlying tech for dozens of major travel rewards programs. Researchers recently discovered flaws in the Points API that exposed people’s private information. And a bug in a Points administrator website could have allowed an attacker to give themselves unlimited airline miles and hotel points. But don’t get any big ideas, hackers—all the flaws have since been fixed.

The Points bugs aren’t the only ones patched recently. If you use Apple iOS, Google Android, or Microsoft products, check our list of the recent security updates you’ll want to install right now.

But that’s not all. Each week, we round up the security and privacy stories we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

A single cloud firm has…


SSH Remains Most Targeted Service in Cado’s Cloud Threat Report


IN SUMMARY

  1. Botnet agents dominate the malware landscape, comprising 40.3% of all traffic.
  2. SSH remains the most targeted service, representing 68.2% of observed samples.
  3. A staggering 97.5% of threat actors target vulnerabilities in a single specific service.

Cado Security, a pioneer in cloud forensics and incident response solutions, has released the much-anticipated Cado Security Labs 2023 Cloud Threat Findings Report. The report uncovers groundbreaking insights into the evolving cloud threat landscape, highlighting the escalating risk of cyberattacks in the wake of widespread cloud service adoption.

Headed by Chris Doman, CTO and co-founder, Cado Security Labs has exposed novel cloud-based malware and threat techniques, including the infamous Denonia, the first-known malware designed explicitly for AWS Lambda environments.

The report, which the company shared with Hackread.com, is crucial since Cado Security Labs employs honeypot infrastructure to capture real-time cloud attacker telemetry, providing timely insights into emerging attack patterns, and swiftly disseminating crucial findings throughout the security community.

As cloud technologies continue to shape the modern business landscape, organizations must grasp the depth of emerging cloud threats. Cado’s report arms the security community with the knowledge required to counter these latest threats effectively.

According to Cado’s press release, key findings from the report are as follows:

  1. Botnet agents dominate the malware landscape, comprising 40.3% of all traffic, playing a significant role in the Russia-Ukraine war’s hacktivist-driven DDoS attacks.
  2. SSH (Secure Shell Protocol) remains the most targeted service, representing 68.2% of observed samples. Redis follows at 27.6%, while exploitation of the Log4Shell vulnerability declines to a mere 4.3%.
  3. A staggering 97.5% of opportunistic threat actors target vulnerabilities in a single specific service, suggesting attackers focus on exploiting known weaknesses.

It is worth noting that last month, Nokia also released its Threat Intelligence Report for 2023. In this report, the company issued a warning about the…


Security Breach: How Cloud Apps are Elevating Malware Threats


Netskope Threat Labs, a leading provider of threat analysis and cyber defense strategies for cloud-based vulnerabilities, recently published its latest Threat Labs Report. Findings specific to manufacturing include:

  • Cloud-delivered malware increased from 32 percent to 66 percent in the past twelve months, led by downloads from popular apps like Microsoft OneDrive, Google Drive and Gmail.
  • The report showed that 94 percent of users downloaded data from an average of 17 different cloud apps each month.
  • Over the past twelve months, the number of users uploading to cloud apps in manufacturing increased 27 percent.
  • Emotet, AgentTesla, and BlackBasta were among the top malware and ransomware groups targeting manufacturing in the past twelve months.
  • Malware described as file-based exploits saw a significant uptick in use by these black hat organizations.

Our guest for today’s episode is Netskope’s Threat Labs Director Ray Canzanese. He offers some insight on how the industrial sector can continue to utilize the cloud without negatively impacting security.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.


In Other News: Security Firm Hit by Investor Lawsuit, Satellite Hacking, Cloud Attacks


SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.

Here are this week’s stories:

Researchers analyze satellite security

Researchers in Germany have analyzed several satellites and discovered various types of vulnerabilities, as well as the lack of protection mechanisms such as encryption and authentication. They showed how an attacker could disrupt communications with ground control, and take control of a satellite’s systems. 

However, satellite hacking is not easy and manufacturers are counting on security through obscurity in hopes of preventing hacker attacks. The researchers worked with the European Space Agency, universities involved in the development of satellites, and a commercial company to conduct their work. 

Microsoft expands Security Service Edge (SSE), renames Azure AD

Microsoft has added two new identity-centric capabilities to its Security Service Edge (SSE) solution. The new Entra Internet Access and Entra Private Access will secure access to internet, SaaS and Microsoft 365 applications, and private apps and resources. In addition, to simplify naming, the tech giant is renaming Azure AD to Entra ID, without changing APIs, capabilities, licensing, or sign-in URLs. 

Introducing passwordless authentication on GitHub.com

GitHub this week announced the public beta availability of passkey authentication on GitHub.com, allowing users to sign in with biometric credentials, without having to enter their password. Users can enable passkey authentication from the Settings menu, by navigating to the ‘feature preview’ tab.

Two-factor authentication vulnerability patched in Drupal 

A vulnerability affecting a two-factor authentication…
