- According to research by Trend Micro, Elastic Computing Service (ECS) instances on Alibaba Cloud are becoming an increasingly common target for financially motivated hackers with cryptomining goals. This increased targeting may be due to a few unique features of Alibaba Cloud. Alibaba ECS instances come with a preinstalled security agent and provide root access/privileged control by default. There is a detailed article attached about this here.
- JupiterOne (a Cyber Asset Management Platform) and Cisco have announced the launch of Secure Cloud Insights, an expanded cloud security and security operations partnership designed to provide businesses with a range of cybersecurity services. This new solution is aimed at helping Cisco customers achieve a higher level of maturity with their digital transformation and security program. The CEO of JupiterOne, Erkang Zheng, calls it a game-changing offering that would provide increased visibility, efficiency, and speed to security operations, with combined context from situational awareness and structural data. We would be curious to know if you think the same.
- Those familiar with Palo Alto and their core cloud-security package, Prisma, may be intrigued to know that they have launched Prisma 3.0. Prisma 3.0 can code security directly into SaaS applications and includes a cloud-access security broker (CASB) to control access to cloud resources. If you are not familiar with Prisma, it's a cloud-based security bundle that includes access control, advanced threat protection, user-behavior monitoring, and other services that promise to protect enterprise applications and resources. Prisma 3.0 will now include support for infrastructure as code (IaC) scanning and code fixes that can be embedded into developer tools across the development lifecycle, as well as pre-defined rules, application profiling, and automated policy creation to simplify and accelerate microsegmentation where needed. It will support agentless scanning that looks at cloud provider APIs and disk snapshots to determine vulnerabilities.
- Truffle Security has released an open source hacking tool called Driftwood, designed to discover leaked, paired private and public keys which may be harmful. When an encryption key is leaked, it's sometimes hard to know if the leak poses a security risk. You may remember from our news a few weeks ago that Truffle Security had also launched Truffle Hog, which finds API keys that accidentally made their way into JavaScript. Driftwood builds upon Truffle Hog and is available on GitHub. Truffle Security stated in their blog, which is shared here, that with this tool they found the private keys for hundreds of Transport Layer Security certificates, and Secure Shell keys that would have allowed an attacker to compromise millions of endpoints/devices.
- Have you heard of the Chicago Mercantile Exchange? If you haven't, they are an exchange responsible for many crypto derivatives financial products. Google’s parent company Alphabet has made a 1 billion dollar investment and entered into a 10-year strategic partnership with Google Cloud aimed at accelerating the exchange’s move to the cloud. The exchange has until now run its IT systems and infrastructure in its own data centers and on-premises to keep them secure and running at peak performance. It will be interesting to see what this means for their performance and security, given the overall interest of threat actors in the cryptocurrency domain.
- The Federal government is going from a “Cloud First” to a “Cloud Smart” strategy to leverage cloud without compromising security. They stated that “Cloud Smart is about equipping agencies with the tools and knowledge they need to make these decisions for themselves, rather than a one-size-fits-all approach.” The shift will be from “buy before build” to “solve before buy.” Under security they added that “Successfully managing cloud adoption risks requires collaboration,” leaning into the shared responsibility model we often hear about with cloud security. The link to the document is here.