InfoSecBulletin Cybersecurity for mankind
The NSA and CISA have released five bulletins on securing a cloud environment. Cloud services are very popular for businesses because they offer managed servers, storage, and applications without the need to manage their own infrastructure.
Many enterprise application developers now offer both on-premise and cloud-hosted versions of their services. This helps corporate admins by relieving them of some responsibilities.
CVE-2024-51503
Trend Micro released updates for Deep Security Agent RCE
Apple Releases Patch for two Actively Exploited Zero-Day
Maxar Space Data Leak, Company admit, Investigation ongoing!
GitHub CLI Vulnerability Could Allow RCE
“Sarcoma” ransomware group
Hacker to disclose “Popular Life Insurance” 36 GB of stolen data
BugHunt 2024: A Milestone Cyber security Competition held at Dhaka
TP-Link DHCP Vulnerability Allow Attackers Takeover Routers Remotely
WSJ reports
T-Mobile hacked in massive breach of telecom networks
Palo Alto Networks Confirms critical RCE zero-day actively exploited
CISA, FBI Warns
Hacker compromised multiple teleco network at US
CISA and the National Security Agency (NSA) released five joint Cybersecurity Information Sheets (CSIs) to provide organizations with recommended best practices and/or mitigations to improve the security of their cloud environment(s).
Use Secure Cloud Identity and Access Management Practices
Use Secure Cloud Key Management Practices
Implement Network Segmentation and Encryption in Cloud Environments
Secure Data in the Cloud
Mitigate Risks from Managed Service Providers in Cloud Environments
Review CISA and NSA recommendations and apply their suggestions to enhance cloud security. For more details on cloud security best practices, visit CISA’s SCuBA Project and TIC pages.
