What Happens When “Shadow IT” Goes Missing?
Last week I told about how a vulnerable cloud server was deployed, ignored, and then owned by an attacker, with Amazon catching this and the entire cycle complete in just over two weeks. It had an obvious cause: skipping part of the process in which unneeded cloud resources are shut down. But I said that […]
Cloud in the Crosshairs: Choose Carefully and Secure Your Cloud Servers
Learning Tree recently received an alarming message from Amazon reporting that an IaaS instance started for a course event “has been placing spam (unsolicited messages, typically advertisements) on websites hosting online discussions, such as Internet forums: check the information provided below by the abuse reporter.” What happened? In Learning Tree’s Cloud Security Essentials course we […]
What Happens When Your Cloud Server Gets Hacked?
Kevin Kell, another Learning Tree instructor, wrote a nice report about what happened when a Bitnami instance he was running in Amazon’s EC2 cloud for Learning Tree’s Amazon Web Services course. Read Kevin’s report for some details, or a page on my site for even more, but here is the short version: Several cloud servers […]
Simple Is Safer (There’s More To It, That’s Just The Safely Simple Summary)
The OpenBSD 5.4 release just came out. That’s what I run on my laptop, so as soon as I could I did the upgrade. Once I had downloaded the install/upgrade ISO image and burned it onto a CD, I started. Time to boot from the media and do a complete installation of the base operating […]
Google Compute Engine Revisited
It has been awhile since I have written anything about Google Cloud Computing. I started to take a look at Google Compute Engine over a year ago but I was stopped because it was in limited preview and I could not access it. It looks like GCE has been made generally available since May so […]