Cloud Security This Week – February 23, 2018

New from
Ransomware – How to Detect, Respond to and Prevent an Attack
With all the recent talk about S3 being the next ransomware target, we thought we’d reshare this webinar. In it, a panel of cybersecurity and cloud security experts discuss the best practices for protecting your organization against ransomware and review the key findings from the latest 2017 Ransomware Report, including: the most common ransomware attack vectors, how to prepare for the next ransomware attack, what to do after an attack.

The Growth Mindset Applied to Cloud Security in Five Steps
Cloud security never stops, so it behooves IT teams to approach their security efforts with a growth mindset and focus on continuous improvement in managing their organization’s security posture.

Measure Your Cloud Security in 5 Steps
Because of constant change, you’re never dealing with the same cloud environment for very long, so it makes measurement difficult. Here are five steps to follow to determine if your team is actually making progress towards your cloud security and compliance goals.

FedEx S3 Bucket Exposes Private Details on Thousands Worldwide
“Hackers are going after S3 buckets and other repositories because that’s where the data is but also because they’re easy to find. There’s a whole hacker cottage industry around finding and exploiting S3 buckets, and it’s growing because as cloud environments grow, so do the number of unsecured assets that are discoverable.”

News and Perspectives on Cloud Security
Unsecured Amazon S3 Buckets Are Prime Cloud Target For Ransomware Attacks
James Sanders at TechRepublic says that misconfigured S3 buckets are a too-common problem among Amazon Web Services (AWS) users, and security researchers are taking notice.

Colorado Department of Transportation Shut Down 2K Computers after Ransomware Attack
First thing in the morning on 21 February, the DOT discovered that ransomware had struck all employee computers running Windows and protected by McAfee anti-virus software. To contain the damages, the Department also decide to take more than 2,000 computers offline. Such a move forced employees to resort back to using pen and paper.

Breach Exposes Sensitive California State Employee Data
As reported by The Sacramento Bee, it appears thousands of Social Security numbers have been exposed at the Department of Fish and Wildlife, with the department confirming so in a memo sent to its staff.