Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.03.17
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Mimecast says SolarWinds hackers breached its network (Ars Technica, Mar 16 2021) Mimecast-issued certificate used to connect to customers’ Microsoft 365 tenants. Validate access to your S3 buckets before deploying permissions changes with IAM Access Analyzer (AWS Security Blog, Mar 10 […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.03.10
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Cloud has put security configuration errors in the spotlight (SC Media, Mar 04 2021) Capital One was hit with an $80 million fine because of a cloud misconfiguration. Today’s columnist, Carolyn Crandall of Attivo Networks, offers insights on how to identify […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.03.03
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Is Your Browser Extension a Botnet Backdoor? (Krebs on Security, Mar 01 2021) A company that rents out access to more than 10 million Web browsers so that clients can hide their true Internet addresses has built its network by paying […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.02.24
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Defending software build pipelines from malicious attack (UK Gov NCSC, Feb 18 2021) Compromise of your software build pipeline can have wide-reaching impact; here’s how to tackle the problem. Half of Apps Contain at Least One Serious Exploitable Vulnerability (Infosecurity Magazine, […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.02.17
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Helping users keep their org secure w/ phone’s built-in security key (Google, Feb 16 2021) “We want as many of our customers as possible to adopt this essential protection and to make them aware of potential risks they are exposed to […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.02.10
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Top 10 blog posts of 2020 (AWS Security Blog, Feb 09 2021) The top 10 posts of 2020 Use AWS Lambda authorizers with a third-party identity provider to secure Amazon API Gateway REST APIs How to use trust policies with IAM […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.02.03
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec 1/3 of businesses have cloud budget overruns of up to 40% (Help Net Security, Feb 02 2021) More than one-third of businesses have cloud budget overruns of up to 40 percent, and one in 12 companies exceed this number, a Pepperdata […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.01.27
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Google Says Chrome Cookie Replacement Plan Making Progress (SecurityWeek, Jan 26 2021) Google says it’s making progress on plans to revamp Chrome user tracking technology aimed at improving privacy even as it faces challenges from regulators and officials. Pwn2Own 2021: Hackers […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.01.20
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec CISA Warns Organizations About Attacks on Cloud Services (SecurityWeek, Jan 14 2021) In light of successful cyberattacks targeting organizations’ cloud services, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a series of recommendations on how businesses can improve their […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.01.13
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec An Absurdly Basic Bug Let Anyone Grab All of Parler’s Data (Wired, Jan 12 2021) The “free speech” social network also allowed unlimited access to every public post, image, and video. The Hacker Who Archived Parler Explains How She Did It […]