Cloud Security

Alliance Issues Guidance for Cloud-Based SIEM Services

The non-profit Cloud Security Alliance today released guidelines for the nascent Security as a Service (SecaaS) specialization within the broader realm of cloud computing. The goal, the group says, is to help companies and consumers gain a better handle on how best to evaluate, build and deploy off-premise Security Information and Event Management systems as they grow in popularity.

Critical Flaw Reported in CloudStack

The Apache Software Foundation is warning users about a configuration problem in the open-source CloudStack platform that could allow an attacker to take a number of unwanted actions, including deleting all of the virtual machines on a system.

Dropbox Users Cry “Spam!” Company Investigates

Support forums frequented by users of the online storage service Dropbox were alive with reports of spam e-mail messages sent to supposedly secret, Dropbox-affiliated addresses. The reports have raised the dark spectre of a data leak at the cloud based personal storage firm.

With Wikileaks founder Julian Assange anxiously awaiting word from the government of Ecuador on his request for political asylum, a security researcher warns that the country’s Ministry of Foreign Affairs, which is handling the Assange asylum request, is using a video conferencing system that is vulnerable to online snooping.

We write often about attacks linked to massive botnets like Cutwail, Sality and others. But what   does botnet activity really look like, were  you to visualize it? Security firm Unveillance has put together this short (five minute) video to help explain.

This week’s revelations about leaks of user passwords from the professional networking site LinkedIn, dating Web site and music site suggest that even tech-savvy firms are slow to accept that hashes -a once-reliable technology for storing data online – now offer scant protection for sensitive data.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.