Hackers are exploiting a remote code execution vulnerability in Elasticsearch, according to one researcher who published logs from a honeypot he built showing 8,000 attempts to exploit the bug.
Browsing Category: Cloud Security
Email delivery service provider SendGrid admitted that hackers had accessed several internal systems, refuting reports earlier this month that the attack was an isolated incident.
Google engineers have spent the last several years moving many of the company’s online services to encrypted links. Gmail is HTTPS by default, and Google search is done over SSL for much of the world. Now the company is working to move its ad-serving and ad-buying platforms to HTTPS, as well. Google’s ad networks are pervasive[…]
Gitrob, an open source intelligence tool, helps security analysts search Github organization repositories for files not meant for public consumption.
SANS Internet Storm Center reports attacks against SMTP servers using Shellshock exploits to create a DDoS botnet.
NIST this week published a draft document SP800-125a that makes recommendations for hypervisor security in virtualized environments based on architectural platform choices and configuration options.
Dropbox officials on Monday said that a large cache of usernames and passwords posted online and alleged to have come from the company’s users are not related to Dropbox customer accounts. A spate of media reports reported yesterday that attackers had stolen several million sets of credentials from Dropbox and posted them online. The claim of[…]
SAP recently pushed out patches to address seven vulnerabilities in three different lines of software that could have opened those running the systems up to complete compromise.
In a move that will essentially double the number of SSL-protected sites on the Web in the space of 24 hours, CloudFlare on Monday said that it was enabling SSL for all of its more than two million customers for free. The new service is called Universal SSL, and the company is making it available[…]
Microsoft today launched the Microsoft Online Services Bug Bounty Program which will pay out a minimum of $500 for vulnerabilities found in its cloud services such as Office 365.