This bulletin was written by Eric Dodge of the Kudelski Security Threat Detection & Research Team Summary Microsoft has recently mitigated a vulnerability that was
Tag: Cloud
Zero Trust Access to Kubernetes
Over the past few years, Kudelski Security’s engineering team has prioritized migrating our infrastructure to multi-cloud environments. Our internal cloud migration mirrors what our end clients
Six Cloudplug Vulnerabilities Disclosed
In this blog post, we examine six vulnerabilities that we have found in the CloudPlug, a device that collects logs from ICS/SCADA networks and pushes
Code Audit of Boxcryptor
Boxcryptor is a software developed by Secomba GmbH which focuses on protecting files stored on external cloud providers by over-encrypting the files and even
OpenSSH hardening for cloud machine – Two-factor authentication – part 2
I enthusiastically use two-factor authentication whenever possible because static passwords aren’t the best mechanism to mitigate risk… Traditional passwords are vulnerable to social engineering, key-loggers,
OpenSSH hardening for cloud machine – part 1
SSH is often required to access Linux machines that run on the Cloud infrastructure. SSH is perfect to keep confidentiality and integrity of data exchanged between two
Kudelski Security Research 