Cloud

Pierluigi Paganini May 27, 2024
The Impact of Remote Work and Cloud Migrations on Security Perimeters

Organizations had to re-examine the traditional business perimeter and migrate to cloud-based tools to support distributed workforces. What is the impact? The almost overnight shift to remote work, driven by the COVID-19 pandemic, has profoundly impacted how businesses use technology. Organizations across the globe had to adapt and adapt quickly.  They had to re-examine the […]

Pierluigi Paganini January 19, 2023
Critical Microsoft Azure RCE flaw impacted multiple services

Researchers found a new critical remote code execution (RCE) flaw impacting multiple services related to Microsoft Azure. Researchers from Ermetic found a remote code execution flaw, dubbed EmojiDeploy, that impacts Microsoft Azure services and other cloud services including Function Apps, App Service and Logic Apps. The issue is achieved through CSRF (Cross-site request forgery) on the ubiquitous […]

Pierluigi Paganini January 31, 2021
New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs

The Rocke group is using a new piece of cryptojacking malware dubbed Pro-Ocean to target Apache ActiveMQ, Oracle WebLogic, and Redis installs. The cybercrime group Rocke is using a new piece of cryptojacking malware called Pro-Ocean to target vulnerable Apache ActiveMQ, Oracle WebLogic, and Redis intalls. The malware is an evolution of a Monero cryptocurrency […]

Pierluigi Paganini December 19, 2020
NSA warns of cloud attacks on authentication mechanisms

The US National Security Agency (NSA) warns of two techniques abused by threat actors for escalating attacks from local networks to cloud infrastructure. The US National Security Agency has published a security advisory that describes two techniques abused in recent attacks against cloud infrastructure. The attack techniques are abused by hackers are using to escalate […]

Pierluigi Paganini October 27, 2016
CloudFanta Malware Steals Banking Information Via Cloud Storage Apps

Watch out, threat research labs Netskope spotted the CloudFanta Malware Stealing Banking Information Via Cloud Storage Apps. Threat Research Labs, Netskope, published a detailed research on the malware “CloudFanta” campaign, suspect since July 2016 to steal more than 26,000 worth of email credentials. CloudFanta benefits from the ‘SugarSync’ – a cloud storage app – to […]

Pierluigi Paganini July 19, 2016
cuteRansomware leverages Google Docs to avoid detection

A newly strain of ransomware dubbed cuteRansomware leverages on a Google Doc to host the decryption key and command-and-control features. A recently discovered strain of ransomware, dubbed cuteRansomware, shows that your enterprise isn’t the only one thinking about cloud transition. Modern day hackers are loving the Cloud too. The cuteRansomware was discovered by Netskope security firm which observes an increase […]

Pierluigi Paganini December 10, 2015
ZeroDB, the end-to-end encrypted database, goes open source

The End-to-end encrypted database ZeroDB becomes open source and its code is available on GitHub, try it and contribute to the community with your experience. While politicians and experts are debating around encryption, the End-to-end encrypted database ZeroDB becomes open source and its code is available on GitHub. ZeroDB is an end-to-end encrypted database in […]

Pierluigi Paganini August 27, 2015
The US government created new rules for Cloud Providers

A new set of rules was created by the Department of Defense (DoD) for Cloud Providers to report security holes when dealing with US government data. A new set of rules was created by the Department of Defense (DoD) of the US government for how the cloud providers should report the security issues that involve […]

Pierluigi Paganini March 01, 2015
Shadow Cloud Services a serious risk for Government Networks

Cloud Security Alliance revealed that shadow cloud service used by employees and unmanaged by IT can pose a major security problem for organizations. Last month, Cloud Security Alliance found out that shadow cloud service used by employees and unmanaged by IT can pose a major security problem for organizations. Based on the survey, mostly half […]

Pierluigi Paganini July 28, 2014
Hackers exploit cloud services to build Money-Mining Botnet

Two security experts will present at the next BlackHat conference how to exploit cloud services to build Money-Mining Botnet. Cloud computing is becoming the paradigm most abused by cybercrime, cloud architectures represent privileged targets of cyber criminals that desire to steal data they contain or to abuse their resources to conduct cyber attacks. Two researchers, Rob […]