How to Rein In Your Unmanaged Cloud in 4 Steps

The prevalence of migration to the cloud highlights the catch-22 of cybersecurity: the security vs. convenience tradeoff. But it doesn’t have to be this way ...

10 Security Blunders that should stay in 2019

Cyber attacks are inevitable, regardless of the size of a business or the sector it operates in. Cyber criminals will try their luck with any business connected to the internet. But as ...

4 Questions to Take Your Cloud Security Posture Management (CSPM) to the Next Level

Data breaches through mismanagement and misconfigurations in the cloud are becoming commonplace. Gartner has predicted that “through 2022, at least 95% of cloud security failures will be the customer’s fault.” In fact, ...
Misconfigured ElasticSearch Cluster Exposed Over 90 Million Records

Misconfigured ElasticSearch Cluster Exposed Over 90 Million Records

A security researcher found a misconfigured ElasticSearch cluster that exposed over 90 million personal and businesses data records. On 1 July, GDI Foundation member and an independent security researcher Sanyam Jain found ...
Hundreds of Vulnerable Docker Hosts Exploited by Cryptocurrency Miners

Hundreds of Vulnerable Docker Hosts Exploited by Cryptocurrency Miners

Docker is a technology that allows you to perform operating system level virtualization. An incredible number of companies and production hosts are running Docker to develop, deploy and run applications inside containers ...
Apple Fixes MacOS High Sierra Root Access Vulnerability

Apple Fixes MacOS High Sierra Root Access Vulnerability

Apple has released an emergency fix for an embarrassing vulnerability that allowed people to access the highest privileges account on Mac computers without a password. The vulnerability was disclosed by a user ...
cloud

Insecure Storage Buckets Expose 1.8 Billion Online Posts Scraped for U.S. Military

A Pentagon contractor left three storage buckets publicly accessible on Amazon’s S3 service, exposing more than 1.8 billion online posts collected since 2009. The messages, posted by people from around the world, ...
DAM

All of Yahoo’s 3 Billion Accounts Compromised in 2013

The massive data breach announced by Yahoo in December was believed to have affected around 1 billion accounts, but it turns out it actually affected the company’s entire user base of around ...
Criminals Use Jackpotting Attack

Like Equifax, Thousands of Companies Use Vulnerable Apache Struts Versions

U.S. credit monitoring bureau Equifax has been heavily criticized for its failure to patch a known critical vulnerability in the Apache Struts web development framework, an oversight that led to a massive ...