AWS adds another backstop for S3 security – TechTarget – An added AWS feature helps users ensure Amazon S3 storage buckets that contain sensitive information are kept from public view and not exposed to potential cybercrimes.

AWS Security Best Practices: Lambda DoS Mitigation Strategies – Security Boulevard – How to avoid DoS and design resilient serverless applications is one of the most common topics we hear when discussing AWS Lambda security with organizations that are in the process of adopting serverless architectures.

Promoting Business Enablement Through Cloud Security at AWS re:Invent 2018 – Security Boulevard – Organizations around the world continue to adopt cloud-first strategies, moving some, if not all of their major workflows into the cloud.

Recent News

How Amazon Cognito fits into AWS security best practices – TechTarget – In this chapter excerpt from AWS: Security Best Practices on AWS, author Albert Anthony highlights how Amazon Cognito plays a role in application development on the AWS cloud.

Oracle’s Ellison On AWS, The Fundamental Problem With Cloud Security, And Deploying The ‘Star Wars Cyber Defense – CRN – Larry Ellison isn’t one to shy away from controversy—or avoid hyperbole. Here are some of his most eyebrow-raising statements from his OpenWorld keynote.

AI and machine learning take on cloud security woes – TechTarget – AI-infused technologies continue to target almost all aspects of cloud monitoring and management, including security. But don’t assume they’re a silver bullet.

Pocket iNet Leaves 73 GB of Sensitive Data Exposed – InfoSecurity Magazine – A Washington State internet provider, Pocket iNet, left an AWS S3 server exposed online without a password, according to UpGuard.

Former National Security Chiefs Talk Cloud Security, AI, And The Importance Of Protecting Privacy – CRN – Three of the world’s most-respected national intelligence experts applied the lessons of their distinguished careers leading intelligence agencies Wednesday to IT professionals trying to secure cloud workloads and embrace artificial intelligence.

Google And Our National Security: Lost In The Cloud? – Forbes – The experts all agree. The Pentagon and the U.S. military’s future depends on advanced weapons systems that will require cooperation with America’s most advanced technology companies, including the major players in Silicon Valley.

Amazon fixes security flaws allowing smart home hijacks – Engadget – Some smart home device owners may have dodged a bullet.

Survey: Federal agencies slow to migrate to cloud, despite promise of security – SC Magazine

AWS FreeRTOS Bugs Allow Compromise of IoT Devices – Threatpost – The bugs let hackers crash IoT devices, leak their information, and completely take them over.

How to monitor AWS credentials with the new Trailblazer tool – TechTarget – A security researcher introduced a tool called Trailblazer, which aims to simplify monitoring AWS credentials.

Are Consumers Worried Enough to Buy a Personal Server? – Data Center Knowledge – Seattle startup Privacy Labs is selling a server that runs email, contacts, and calendar services through a personal web domain

Someone’s in hot water: Tea party super PAC group ‘spilled 500,000+ voters’ info’ all over web – The Register – Leaky AWS S3 bucket fingered by infosec bods

The tech giants, the US and the Chinese spy chips that never were… or were they? – The Guardian – A sensational Bloomberg story about a major hardware hack was swiftly denied. But the journalists aren’t backing down

Hackers Can Stealthily Avoid Traps Set To Defend The Cloud – WIRED – Cloud services host vast quantities of valuable information, making them perpetually attractive targets for hackers.

How to Secure AWS Storage Buckets – Data Center Knowledge – Amazon is responsible for securing its cloud. Your security inside its cloud is on you.

Cloudten achieves enhanced AWS security status – ARN – Specialists join select list of partners worldwide

Companies fight to retain hold on customers’ data – The Standard – Major firms have opposed proposals to limit how they use personal data from millions of Kenyans, threatening the implementation of robust data protection laws.