BLOG

SubjectData Blog and News

Cyber Security
noreply@blogger.com Unknown

17-Year-Old 'Mastermind', 2 Others Behind the Biggest Twitter Hack Arrested

Three young individuals — 17, 19, and 22-year-old — have reportedly been arrested for being the alleged mastermind behind the recent Twitter hack that simultaneously targeted several high-profile accounts as part of a massive bitcoin scam. According to the U.S. Department of Justice, Mason Sheppard, aka “Chaewon,” 19, from the United Kingdom, Nima Fazeli, aka

Read More »
Cyber Security
Amendaze Thomas

AWS achieves FedRAMP JAB High and Moderate provisional authorization across nine additional services in AWS US Regions

We are pleased to announce that Amazon Web Services (AWS) has achieved FedRAMP JAB authorization on an additional nine AWS services. These services provide capabilities that enable your organization to: Assemble and deploy serverless architectures in powerful new ways using AWS Serverless Application Repository Simplify application delivery and complete workload migration to the cloud using

Read More »
Cyber Security
noreply@blogger.com Swati Khandelwal

EU sanctions hackers from China, Russia, North Korea who're wanted by the FBI

The Council of the European Union has imposed its first-ever sanctions against persons or entities involved in various cyber-attacks targeting European citizens, and its member states. The directive has been issued against six individuals and three entities responsible for or involved in various cyber-attacks, out of which some publicly known are ‘WannaCry‘, ‘NotPetya‘, and ‘Operation

Read More »
Cyber Security
noreply@blogger.com Ravie Lakshmanan

New Attack Leverages HTTP/2 for Effective Remote Timing Side-Channel Leaks

Security researchers have outlined a new technique that renders a remote timing-based side-channel attack more effective regardless of the network congestion between the adversary and the target server. Remote timing attacks that work over a network connection are predominantly affected by variations in network transmission time (or jitter), which, in turn, depends on the load

Read More »
Cyber Security
Marta Taggart

Over 150 AWS services now have a security chapter

We’re happy to share an update on the service documentation initiative that we first told you about on the AWS Security Blog in June, 2019. We’re excited to announce that over 150 services now have dedicated security chapters available in the AWS security documentation. In case you aren’t familiar with the security chapters, they were

Read More »
Cyber Security
noreply@blogger.com Ravie Lakshmanan

Zoom Bug Allowed Snoopers Crack Private Meeting Passwords in Minutes

Popular video conferencing app Zoom recently fixed a new security flaw that could have allowed potential attackers to crack the numeric passcode used to secure private meetings on the platform and snoop on participants. Zoom meetings are by default protected by a six-digit numeric password, but according to Tom Anthony, VP Product at SearchPilot who

Read More »
Cyber Security
noreply@blogger.com Unknown

Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems

A team of cybersecurity researchers today disclosed details of a new high-risk vulnerability affecting billions of devices worldwide—including servers and workstations, laptops, desktops, and IoT systems running nearly any Linux distribution or Windows system. Dubbed ‘BootHole‘ and tracked as CVE-2020-10713, the reported vulnerability resides in the GRUB2 bootloader, which, if exploited, could potentially let attackers

Read More »
Cyber Security
Min Hyun

Logical separation: Moving beyond physical isolation in the cloud computing era

We’re sharing an update to the Logical Separation on AWS: Moving Beyond Physical Isolation in the Era of Cloud Computing whitepaper to help customers benefit from the security and innovation benefits of logical separation in the cloud. This paper discusses using a multi-pronged approach—leveraging identity management, network security, serverless and containers services, host and instance

Read More »
Cyber Security
noreply@blogger.com The Hacker News

Is Your Security Vendor Forcing You To Move to the Cloud? You Don't Have To!

Many endpoint security vendors are beginning to offer their applications only in the cloud, sunsetting their on-premise offerings. This approach may be beneficial to the vendor, but many clients continue to need on-premise solutions. Vendors that sunset on-premise solutions force clients that prefer on-premise solutions to either change their operating environment and approach or change

Read More »
Cyber Security
noreply@blogger.com Swati Khandelwal

Industrial VPN Flaws Could Let Attackers Target Critical Infrastructures

Cybersecurity researchers have discovered critical vulnerabilities in industrial VPN implementations primarily used to provide remote access to operational technology (OT) networks that could allow hackers to overwrite data, execute malicious code, and compromise industrial control systems (ICS). A new report published by industrial cybersecurity company Claroty demonstrates multiple severe vulnerabilities in enterprise-grade VPN installations, including

Read More »
Scroll to Top