Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Are You Ready for a Slack Breach? 5 Ways to Minimize Potential Impact
Published: 09/22/2022

Originally published by Mitiga here. Written by Ofer Maor, Co-Founder and Chief Technology Officer, Mitiga. TL;DR As Slack becomes a dominant part of the infrastructure in your organization, it will become a target for attacks and at some point, it is likely to be breached (just like any other te...

Learning Not to Step on Lego: Blast Radius, Cloud Sprawl, and CNAPP
Published: 09/20/2022

Originally published by CXO REvolutionaries here. Written by Martyn Ditchburn, Director of Transformation Strategy, Zscaler. Ever stepped on a Lego block? It hurts, doesn’t it! If not, imagine for a moment that it’s 2 a.m. and you’re navigating your way to the bathroom in the dark. Your child has ...

Writing Good Legislation is Hard
Published: 08/22/2022
Author: Kurt Seifried

It’s hard to write good legislation. Recently H.R.7900 - National Defense Authorization Act for Fiscal Year 2023 came out. It includes the following text: At first glance, the intent seems reasonable. Vendors need to include an SBOM for their software and services, and any known vulnerabilities (a...

Zero-day Vulnerability Affecting the Microsoft Windows Support Diagnostic Tool (MSDT)
Published: 07/07/2022

This blog was originally published by CrowdStrike here. Written by Dan Fernandez - Liviu Arsene, Endpoint & Cloud Security. On May 27, 2022, a remote code execution vulnerability was reported affecting the Microsoft Windows Support Diagnostic Tool (MSDT) The vulnerability, which is classified as a ...

Threat Activity Cluster #4: Strawberry with Sprinkles
Published: 07/05/2022

This blog was originally published by Alert Logic here. Written by Josh Davies and Gareth Protheroe, Alert Logic. In the next edition of our ice cream activity cluster blog series, we’re shining the spotlight on another historic actor that undertook a significant remodeling of their tactics, ...

SynLapse – Technical Details for Critical Azure Synapse Vulnerability
Published: 06/28/2022

This blog was originally published by Orca Security on June 14, 2022. Written by Tzah Pahima, Orca Security. One attack vector closed, additional hardening is recommended This blog describes the technical details of SynLapse, in continuation to our previous blog. We waited to publish until now in...

3 Vulnerability Management Challenges for SAP Applications (and How to Overcome Them)
Published: 06/23/2022

This blog was originally published by Onapsis here. Written by Maaya Alagappan, Social Media and Content Strategist, Onapsis. Business-critical applications have never been more vulnerable. The increasing complexity and size of application environments, customization of individual apps, and growing...

Threat Activity Cluster #3: Strawberry
Published: 06/15/2022

This blog was originally published by Alert Logic here. Written by Josh Davies and Gareth Protheroe, Alert Logic. The next flavor from the Alert Logic data set in the activity clustering series is Strawberry. Before diving into this activity cluster, be sure to read the series introduction ...

Runtime Protection: The Secret Weapon for Stopping Breaches in the Cloud
Published: 06/14/2022

This blog was originally published by CrowdStrike here. Written by David Puzas, CrowdStrike. Mistakes are easy to make, but in the world of cloud computing, they aren’t always easy to find and remediate without help. Cloud misconfigurations are frequently cited as the most common causes of breach...

What is CEO Fraud Phishing?
Published: 06/14/2022

This blog was originally published by TokenEx here. Written by Anni Burchfiel, Content Marketing Specialist, TokenEx. As companies bolster their security infrastructure and increase budgets to deflect growing cyber-attacks, hackers are attacking the weakest link: human error. Social engineering cyb...

cr8escape: New Vulnerability in CRI-O Container Engine Discovered by CrowdStrike (CVE-2022-0811)
Published: 06/03/2022

This blog was originally published by CrowdStrike on March 15, 2022. Written by John Walker – Manoj Ahuje, CrowdStrike. CrowdStrike cloud security researchers discovered a new vulnerability (dubbed “cr8escape” and tracked as CVE-2022-0811) in the Kubernetes container engine CRI-O. CrowdStrike disc...

Spring4Shell: Another Vulnerability Showcases Need for More Secure Software Development
Published: 06/01/2022

This blog was originally published by BlueVoyant here. In late March, a new remote code execution vulnerability known as Spring4Shell, or sometimes SpringShell, was announced. The vulnerability, tracked as CVE-2022-22965, is in the Spring Framework, a set of prewritten Java code to create sof...

For Fun – Aligning or Putting Music to the Varieties of Efforts, Tasks, Work Roles, and Functions in Cybersecurity
Published: 05/27/2022

Produced by: Stan Mierzwa, M.S., CISSP, CCSK, Cloud Security Alliance NJ Chapter President Contributions by: Eliot Perez, Assistant Director Security, Transportation Industry and Cloud Security Alliance NJ Chapter Board Member Todd Edison, Chapter Relations Manager, Cloud Security Alliance ...

Security Advisory: Insufficient Tenant Separation in Azure Synapse Service
Published: 05/12/2022

This blog was originally published by Orca Security on May 9, 2022. Written by Avi Shua, Orca Security. TL;DR Orca Security is issuing this security advisory for CVE-2022-29972 to address hazards in the use of the Microsoft Azure Synapse service. We believe the tenant separation in this service is...

CVE-2022-23648 – Arbitrary Host File Access from Containers Launched by Containerd CRI and its Impact on Kubernetes
Published: 04/06/2022

This blog was originally published by ARMO here. Written by Leonid Sandler, CTO & Co-founder, ARMO. Recently discovered vulnerability - CVE-2022-23648 - in containerd, a popular container runtime, allows especially containers to gain read-only access to files from the host machine. While general...

Why We Created the Global Security Database
Published: 02/22/2022
Author: Kurt Seifried

The Global Security Database is a modern approach to a modern problem. CVE is an old approach to an old problem, one that still exists (legacy code bases), but has been superseded by new and much more complicated IT systems. Stage 1: We can improve CVE from within. In the beginning (1999) there was ...

SAP Security Patch Day January 2022: Log4j Causes Record-Breaking Number of HotNews Notes
Published: 02/21/2022

This blog was originally published by Onapsis on January 11, 2022. Written by Thomas Fritsch, Onapsis. Highlights of January SAP Security Notes analysis include: January Summary - 35 new and updated SAP security patches released, including 20 HotNews Notes and six High Priority Notes Information ...

Log4j: The Evolution of Vulnerabilities to CVE-2021-45046 and What to Expect in 2022
Published: 01/18/2022

This blog was originally published by Alert Logic here. Written by Josh Davies, Alert Logic. Threat Overview The internet has been alive with talk of Log4Shell (CVE-2021-44228), and for good reason. While the bug appears to have been introduced in 2013, only recently have we observed wi...

What is a Vulnerability?
Published: 01/13/2022
Author: Kurt Seifried

A philosophical but practical exploration of technical vulnerabilities. Let’s check Merriam-Webster: open to attack or damage. This doesn’t feel complete. What’s missing? Let’s check Wikipedia: In computer security, a vulnerability is a weakness which can be exploited by a threat actor, such as an atta...

How we ended up with #log4shell aka CVE-2021-44228
Published: 01/10/2022
Author: Kurt Seifried

Quick note: from now on I will refer to log4j version 2 as “log4j2” To learn how to deal with the critical vulnerability in log4j2, read the first blog in this series, Dealing with log4shell. To get a breakdown of the timeline of events, refer to the second blog, Keeping up with log4shell. So how...
