cloud security - The Stack (Page 2)

Novel cloud attack pivoted from K8s to Lambda, pulled IAM keys from Terraform

A recent attack tracked by researchers at cloud security company Sysdig saw the attackers use an exposed Kubernetes container to move laterally to the victim’s AWS account – gaining initial access by exploiting a public-facing service in a self-managed Kubernetes cluster hosted inside an AWS cloud account. The company'...

The Stack March 01, 2023

Pentagon CIOs slapped over cloud security by auditors days before 3TB of emails exposed

Department of Defense

Pentagon CIOs slapped over cloud security by auditors days before 3TB of emails exposed

Days before the exposure this week of over three terabytes of military emails owing to misconfigured Azure services, the US Department of Defense (DoD)’s Inspector General had warned Pentagon CIOs that their teams were not properly reviewing documentation designed to ensure military cloud security – and running systems with unmitigated...

Edward Targett February 24, 2023