AWS Cloudgoat and mitigation strategies Part 2 This is part 2 of the series on AWS Cloudgoat Scenarios and the mitigation strategies. In this part, we cover Scenarios 2 and 3: Scenario 2: Privilege escalation via AWS Lambda (lambda_privesc) Scenario 3: Misconfigured EC2 Reverse Proxy to S3 Breach (cloud_breach_s3)...
Read More
Introduction As cloud computing is becoming mainstream, the security concerns associated with it has been increasing as well.Most of the public cloud users understand that this is a shared responsibility between the cloud provider and the users as well. According to Gartner, 95% of all cloud security failures are due to misconfigurations. We thought that this would be a good way to highlight...
Read More
More than 200,000 websites using WordPress with unpatched open-source code snippets allows attackers to take over WordPress sites due to missing referrer checks on the import menu. (Figures are based on the number of active installations in the WordPress Library). Wordfence researchers explained that “The plugin developer protected nearly all endpoints of this plugin with WordPress “nonces” for greater security. However, the...
Read More
The Learning Lab is a premier learning enrichment centre in Singapore that embraces technology to allow interactions between teachers, students, and parents to extend beyond classrooms. WebOrion is an All-in-One Web Security & Performance Suite that fortifies, accelerate and monitor your websites. Built by our team of experienced security professionals, we believe in having a holistic approach to securing your...
Read More
WebOrion is used by a global logistics company with headquarters in Singapore to protect and detect website defacement. Delivered in partnership with Trustwave’s Security Operations Centre (SOC) in Singapore, WebOrion equips analysts with the capability to provide continuous website monitoring service with real-time alert upon detection of illegal modification in the website’s asset. The monitoring suite is deployed in Software-as-a-Service (SaaS)...
Read More
The AWS Summit Singapore brings together the cloud computing community to connect, collaborate and learn about AWS. Cloudsine was recognized as an AWS Technology Partner and an AWS Consulting Partner last year. During the Summit, we showcased WebOrionTM, an all-in-one web security and performance suite for small businesses and large enterprises. We highlighted the importance of web & cloud security...
Read More