Microsoft accidentally internet-exposed for three weeks 250 million customer support records stored in five misconfigured Elasticsearch databases. While the company rapidly locked them down after being alerted, it's an embarrassing gaff for the technology giant, which has pledged to do better.
While secure coding has always been an imperative, in a cloud-based environment, BMC Software's Rick Bosworth says it is especially critical since the liability does not rest with cloud services providers for secure configuration.
A baby photo and video-sharing app called Peekaboo Moments is exposing sensitive logs through an exposed Elasticsearch database, a researcher has found. The data includes baby photos and videos, birthdates, location data and device information.
The cybersecurity outlook for 2020 and the new decade will be characterized by more advanced, targeted and coordinated attack vectors designed to exploit the cybersecurity skills shortage, along with congenitally poor security fundamentals and hygiene.
City of Gold Coast (CoGC) remains the second largest local government in Australia, based on the Gold Coast's resident population. With 3,900 staffers, CoGC provides a range of services, activities and facilities for residents and visitors including employment opportunities, events, libraries, city management, water...
How does one make cloud a prominent part of enterprise security strategy? Is the cloud inherently more secure than on-prem? These were among the discussion points of a recent Dallas executive roundtable. Alex Pitigoi of Nominet shares her takeaways from the event.
Although many governments have adopted "Cloud First" strategies with respect to their modernization efforts, are they transitioning to the cloud using "Cloud Smart" ? strategies Recent findings from the 2019 Unisys Cloud Success Barometer survey shows that 23% of government have embraced multi-cloud solutions,...
Many companies have already been hit by a ransomware attack- or will be. Technically astute hackers continue their ability to infiltrate ransomware so much, that Ransomware as a Service is now available on the darknet. In today's hyper connected world, it could be only a matter of time until 'something' happens. How...
The latest edition of the ISMG Security Report offers an in-depth analysis of how to prevent data exposure in the cloud. Plus: why PCI's new contactless payment standard lacks PINs, and how to go beyond the hype to accurately define "zero trust."
The enterprise has embraced the public cloud. But tension and misalignment between CloudOps and business stakeholders impedes your organization from achieving all that it can.
Moreover, customers expect speed, scale and business agility from the cloud. CloudOps require continuous governance of security,
The public cloud has reimagined the way business is done, embracing change, iterating and learning.
Thus, cyber attacks are focused on the public cloud because the pickings are easy: misconfigured cloud resources unwittingly expose billions of records to prying eyes. Automation has changed the game for hackers,...
Public cloud users are confused as to who owns their cloud security, when the reality is that cloud users must protect their data.
Download this infographic for an overview of the top challenges organizations face with cloud security.
Enterprises are accelerating their move to the public cloud, and expanding their use of multiple cloud services.
However, while the momentum around cloud migrations and cloud-native development continues to pick up steam, many operations teams lack the capabilities they need to efficiently and proactively manage...
Big data analytics and search tools give organizations the ability to analyze information faster than ever before. But too many organizations deactivate security controls built into Elasticsearch, Amazon S3 buckets and MongoDB when they deploy, leaving their data exposed, says Elastic's James Spiteri.