A summary of talks from BSides Austin including the Verizon Data Breach Investigation Report, the state of cloud security and the importance of high quality random numbers in cryptography. View full post on Naked Security – Sophos View full post on National Cyber Security
Five steps for achieving PaaS security in the cloud
Securing PaaS requires implementing application security fundamentals. View full post on SearchCloudSecurity: RSS Feed View full post on National Cyber Security
Cloud payroll services the target of cybercriminals using Zeus malware
Cybercriminals are using the Zeus online banking malware to target companies that use cloud-based payroll services, according to researchers from security firm Trusteer. The researchers have come across a Zeus configuration that monitors the log-in web page of a Canadian provider of human resources and payroll services called Ceridian Canada,…
Cybercriminals Use Zeus Malware to Target Cloud Payroll Services
Cybercriminals are using the Zeus online banking malware to target companies that use cloud-based payroll services, researchers from security firm Trusteer said Monday. The researchers have come across a Zeus configuration that monitors the log-in Web page of a Canadian provider of human resources and payroll services called Ceridian Canada,…
ENISA offers governance guide for cloud computing contracts
European agency provides framework for monitoring cloud provider security after a contract is signed. View full post on SearchCloudSecurity: RSS Feed View full post on National Cyber Security
More companies eyeing SIEM in the cloud
A cloud service can help companies get around some hurdles with SIEM systems. View full post on SearchCloudSecurity: RSS Feed View full post on National Cyber Security
David Navetta on cloud computing contracts, cloud computing breaches
In this video interview at RSA Conference 2012, David Navetta, founding partner of the Information Law Group, talks about key issues with cloud contracts. View full post on SearchCloudSecurity: RSS Feed View full post on National Cyber Security
Security rating for cloud services selection
Body: Along with exciting new opportunities, cloud computing presents new challenges for both IT professionals and business managers. The former have to change their mindsets from an internally provided service to an outsourced one, and the latter have to consider security issues in their decision about moving to the cloud….
Google increases cloud security of hosted developer services
Google has beefed up the security of its cloud hosted services for developers by making several of them able to authenticate interactions with applications using certificate-based Service Accounts. These certificates offer a stronger authentication method than shared keys and passwords because they aren’t “human-readable or guessable,” explained Google product manager…
Cloud security registry is slow to catch on
Last August the Cloud Security Alliance (CSA) announced at the Black Hat security conference in Las Vegas a registry that it hoped would serve as a place for prospective cloud users to go to easily inspect and compare cloud vendors’ security controls. But to date, only three companies have submitted…