Financial system not keeping up with cyberthreats, new report says

Four years after the biggest bank hack ever, the global financial system remains vulnerable to cyberattacks that could cause severe disruptions, according to a report Wednesday that draws advice from government officials, the financial industry and other experts. The assessment from the Carnegie Endowment for International Peace and the World Economic Forum is the culmination of years of work, with touchstones ranging from the 2016 Bangladesh Bank heist where hackers made off with $81 million to a recent Chilean bank ransomware attack that shut down all of its branches. “Our big concern is that if you look at what’s happened during the pandemic, but even before with the escalating threat that’s targeting the financial system from the Bangladesh incident to the Chile outage back in September, we’re clearly not keeping up with the threat and how quickly it’s evolving,” said Tim Maurer, director of Carnegie’s Cyber Policy Initiative. “The government and industry need […]

The post Financial system not keeping up with cyberthreats, new report says appeared first on CyberScoop.

Sneaky recon on roster of AWS users is possible, Unit 42 says

Knowing exactly who manages a certain cloud service can be valuable information for malicious hackers, and a cybersecurity company says it has found that kind of weakness in products run by one of the biggest cloud providers. More than 20 application programming interfaces (APIs) associated with 16 Amazon Web Services products can be abused to give up basic information about users and their roles, according to Unit 42, the research arm of cybersecurity giant Palo Alto Networks. “A malicious actor may obtain the roster of an account, learn the organization’s internal structure” and then perhaps “launch targeted attacks against individuals,” Unit 42 researcher Jay Chen says in a report released Tuesday morning. Palo Alto Networks says AWS gave permission to release the research. The problem is within a feature that validates “resource-based policies” for things like the commonly used Amazon Simple Storage Service (S3), Unit 42 says. A resource-based policy is basically a […]

The post Sneaky recon on roster of AWS users is possible, Unit 42 says appeared first on CyberScoop.

Using AWS Serverless Architecture to Collect JumpCloud Directory Insights Data

We released the Directory Insights Serverless app to empower JumpCloud admins to expand the use and duration of their event log data.
The post Using AWS Serverless Architecture to Collect JumpCloud Directory Insights Data appeared first on JumpCloud.

Twilio breach spotlights struggle to keep corporate software kits out of the wrong hands

The security team at Twilio, a cloud communications company that claimed over $1 billion in revenue last year, could breathe a sigh of relief on Sunday night. Earlier in the day, someone had manipulated the code in a software product that Twilio customers use to route calls and other communications. The breach resembled a Magecart-style attack that skims websites for users’ financial data. Twilio cleaned up the code hours later, and said there was no sign the attackers had accessed customer data. But the damage could have been worse if the attack had been targeted, multiple security experts told CyberScoop. With access to the code, which was sitting in an unsecured Amazon cloud storage service known as an S3 bucket, the attackers could have conducted phishing attacks or distributed malware through the platform, according to Yonathan Klijnsma, head of threat research at security company RiskIQ. Dave Kennedy, founder of cybersecurity […]

The post Twilio breach spotlights struggle to keep corporate software kits out of the wrong hands appeared first on CyberScoop.

Between the Lines of AWS Directory Service Pricing

AWS offers many IAM solutions, but the cost of features and the infrastructure necessary to implement them can add up.
The post Between the Lines of AWS Directory Service Pricing appeared first on JumpCloud.

One User Account for Both AWS and GCP

Use a cloud directory service to provide one user account for AWS and GCP, even if you’re an AD-centric organization.
The post One User Account for Both AWS and GCP appeared first on JumpCloud.