Cloud Security · DevSecOps · Security

Misconfigured AWS S3 Buckets Still Rising

I run this search periodically and I watch the climbing numbers of results with alarm. I ran it just now and it returned 143,000 results, up nearly 50% from a year ago. At this point, I believe that it's incumbent on AWS to do something to stop spamming my data across the interwebz. The problem…

Cloud Security · Security

Just How Big A Problem Is Shadow IT

It's not a problem until it's a problem… Mickey Fox This should be enough to give you a bit of heartburn. The average large enterprise has 1200 various cloud services (including PaaS and SaaS offerings) that are in use and 98% of them are unsanctioned and unvetted SaaS apps according to the Enterprise Strategy Group.…

Security

OWASP Top 10 – Still The Same After a Decade

The year is closing and it's now time to reflect back on the hot mess that was 2020. The only thing missing so far is having Umbrella Corp handing out the COVID vaccine and kicking off the zombie apocalypse. We have survived fires, earthquakes, volcanoes, floods, murder hornets, giant globe-spanning dust storms and…

Security · Social Media Engineering · Supply Chain Hacking

China Uses Hacking to Target Dissidents and Protesters

China went so far as to create fake security tools to collect data to target dissidents and protesters. This included a fake antivirus software that actually installed, instead of removed, trojans onto anyone foolish enough to install Anvisoft. They also created a data mining platform called SonarX to mine social media and gaming accounts…

Security

Messaging Service Telegram Used to Track, Trap and Torture Iranian Dissidents

When COVID hit and contact tracing in the EU and North America became “a thing”, I warned everyone that this was not a good idea. When Google and Apple made it a feature on smartphones, I warned everyone that this was not a good idea. Now we have proof as to how this is…