In Nightfall’s Trends in Cloud Security Newsletter, we review the top stories and developments in cloud security. Some of this issue’s highlights include:
Nightfall will be attending both BSidesSF and RSA Conference this year. Read our announcement and follow us on LinkedIn and Twitter to stay up-to-date on other announcements.
Read about the Citrix vulnerability saga as well as breaches at Microsoft and Mitsubishi.
Experts speaking to Threatpost discuss the pros and cons of releasing proof of concepts for known exploits.
Read these stories and other timely cloud security stories below.
Top stories from Our Blog
Announcement: Nightfall Will be Attending BSidesSF & RSA Conferences in February
Nightfall is sponsoring both BSidesSF and RSA Conference this year. We’ll be present for all sessions of both conferences. See our post for more details and follow us on social media for a special announcement in February.
Webinar: How to Discover & Protect Sensitive Data in Slack
Nightfall will be holding a live webinar tomorrow, January 29 at 11 AM PST. Join us and learn how to implement data loss prevention (DLP) on Slack.
Galileo Health Maintains HIPAA Compliance Across Slack and GitHub with Nightfall
This month we detailed how Nightfall helps Galileo Health secure sensitive data across GitHub and Slack. Learn more about our DLP platform and its features.
4 Cloud Security Lessons from the Hit Show ‘Mr. Robot’
Mr. Robot, a hacking drama lauded by information security experts, ended last month. We thought it’d be fun to discuss the show’s biggest hacks and the cloud security lessons surrounding them.
Incidents in the cloud
Beaumont fires employee for leaking patient data
(Modern Healthcare)
Beaumont Health fired an employee accused of disclosing confidential information of more than 1,000 patients to a person suspected of working on behalf of a personal injury attorney. Beaumont discovered the patient data breach Dec. 10 and began an internal investigation. The employee is believed to have accessed PHI without authorization from Feb. 1, 2017, until October 22, 2019.
Citrix releases new patches to plug critical server vulnerability
(ZDNet)
The Citrix vulnerability saga seems to have concluded with Citrix providing patches in the past week. Throughout the month, exploit code became public and one group began patching and backdooring vulnerable servers, likely to isolate them for future attacks.
Citrix fixes bug used in ransomware attacks; Auto maker GEDIA falls victim to exploit
(SC Media)
While Citrix has begun issuing patches this week, organizations have been and still might be targeted by hackers. Bradley Barth details how German automaker GEDIA Automotive has fallen victim to the Citrix exploit.
Microsoft Leaves 250M Customer Service Records Open to the Web
(Threatpost)
Comparitech, a security company, uncovered no fewer than five unsecured Elasticsearch servers containing records spanning from 2005 to December 2019. The servers had been indexed by search engine BinaryEdge and stored troves of Microsoft consumer service information in plain text, including email addresses, IP addresses, and physical locations.
Mitsubishi Electric discloses security breach, China is main suspect
(ZDNet)
This month, Japanese manufacturing firm Mitsubishi revealed that it had been the victim of a data breach in June 2019. The intrusion was detected after Mitsubishi Electric staff found a suspicious file on one of the company's servers and is believed to have resulted from privilege escalation from a compromised employee account.
FBI Plans to Inform States of Election Breaches
(Threatpost)
The FBI has changed its policy around election cybersecurity and said it will now notify state officials in the event that local election systems are hacked.
P&N Bank Data Breach Exposes Trove of User Data
(SecurityWeek)
On December 12, 2019, during a server upgrade at a third-party hosting provider, PII of P&N customers was breached. Included in the breach were names, addresses, email addresses, phone numbers, customer numbers, age, account numbers and balance, and other details.
Strategies for securing the cloud
PoC Exploits Do More Good Than Harm: Threatpost Poll
(Threatpost)
Following the Citrix vulnerability (and the release of a PoC Citrix exploit), Threatpost polled its readership about whether or not releasing PoCs is a good thing, with most saying it is. Experts weigh in on both sides of the issue.
Head in the Clouds: Scaling Business Workloads Without Scaling Risk
(Security Intelligence)
Limor Kessem outlines the security risks and considerations that need to be taken into account when scaling in the cloud. While it’s not fair to say that cloud migration and scaling are without risk, careful assessments can help you scale successfully.
Top Four Security Predictions for 2020
(Security Magazine)
Hal Lonas weighs in on what the four key security trends of 2020 might be. Among them are further growth in phishing scam complexity and shifts in the security landscape that might necessitate the use of AI.
Are We Secure Yet? How to Build a 'Post-Breach' Culture
(Dark Reading)
Are we secure yet? Rich Armour in Dark Reading answers with an emphatic “no!” In this post, Rich covers how to create a strong culture of security after a breach, ways to measure engagement from key organizational stakeholders, and how to turn security into a regularly maintained process rather than a destination.