Skip to main content

Cloud Technology and Security Alert News Digest – Issue #2

Update 2019: We’ve been busy working on some great training content around security, check out the Cloud Academy library to prepare on all-things cloud security.


Welcome to the second issue of the Cloud Technology and Security Alert News Digest. Today it’s security, security, security: we’ll discuss dangerous malware plugins and themes aimed at CMS administrators, security in the Internet of Things, private webcams left wide open, and the coming marriage of SQL-NoSQL.

Malware plugins and themes for popular CMS

Security Week reports on a new white paper published by the Dutch security firm Fox-IT, describing the existence of plugins and themes – some claiming to be pirated versions of popular commercial packages – for Drupal, WordPress, and Joomla. The software includes built-in backdoor vulnerabilities providing access to external control. The Security Week article includes important identifying information.

SQL and NoSQL

Simon Bisson over at ZDNet just posted an interesting discussion about converging use cases and feature sets between SQL and NoSQL databases. With exploding volumes of data coming into play and our ever more complicated reliance on data resources, this trend can only pick up speed.

Internet of Things

According to ZDNet, IBM’s X-Force Threat Intelligence Quarterly has proposed a five-point security model implementation to counter some of the very real and current threats to devices attached to the “Internet of Things.” All of us – no matter which industry segment we serve – would be well served to adopt these guidelines.

Webcams threats

At least change your password, stupid! Though it has since shut down, a Russian-based web site was offering open links to thousands of webcams and CCTVs from around the world – many of them monitoring children’s bedrooms and living spaces. The trick? The BBC reports that the site owner didn’t have to do any hacking, but simply relied on out-of-the-box protocols and default passwords.

Multi-factor Authentication

Ed Bott at ZDNet makes a powerful case for imposing multi-factor authentication on your deployments. In fact, I push for the same thing over at my AWS IAM course, as it can greatly improve the security of your application and help to make a more robust architecture.

Written by

David Clinton

A Linux system administrator with twenty years' experience as a high school teacher, David has been around the industry long enough to have witnessed decades of technology trend predictions; most of them turning out to be dead wrong.

Related Posts

Adam Hawkins
— April 16, 2019

The Convergence of DevOps

IT has changed over the past 10 years with the adoption of cloud computing, continuous delivery, and significantly better telemetry tools. These technologies have spawned an entirely new container ecosystem, demonstrated the importance of strong security practices, and have been a catal...

Read more
  • DevOps
  • Security
Adam Hawkins
— March 21, 2019

How DevOps Increases System Security

The perception of DevOps and its role in the IT industry has changed over the last five years due to research, adoption, and experimentation. Accelerate: The Science of Lean Software and DevOps by Gene Kim, Jez Humble, and Nicole Forsgren makes data-backed predictions about how DevOps p...

Read more
  • DevOps
  • Security
Stuart Scott
— November 29, 2018

New Security & Compliance Service: AWS Security Hub

This morning’s Andy Jassy keynote was followed by the announcement of over 20 new services across a spectrum of AWS categories, including those in Security and Compliance, Database, Machine Learning, and Storage.  One service that jumped out to me was the AWS Security Hub, currently...

Read more
  • Amazon Web Services
  • re:Invent 2018
  • Security
Alex Brower
Alex Brower
— October 17, 2018

Interview: Q&A with John Visneski

Security is a top priority for organizations of all types, with research firm IDC projecting 10% spending growth to $91 billion dollars in 2018. For leadership, security is important considering the cost, regulation, and reputation at stake when breaches occur. According to a joint ...

Read more
  • Security
John Visneski
John Visneski
— October 2, 2018

Building Security Teams in a Competitive Talent Market: These Are The Droids You’re Looking for

John Visneski is the Head of Security and DPO at The Pokemon Company International. If you missed the webinar we organized in collaboration with John Visneski you can still watch it on demand, simply click here. The reasoning behind the popularity of this perspective is clear, if no...

Read more
  • Security
Albert Qian
Albert Qian
— September 25, 2018

Microsoft Ignites Cloud Industry With Nadella Keynote

On Monday, Microsoft kicked off its Ignite conference, an annual gathering of developers and IT professionals. Over the next week, attendees will learn about upcoming Microsoft innovations in IoT, artificial intelligence, machine learning, and cloud (all while getting some good networki...

Read more
  • Events
  • IoT
  • Machine Learning
  • Security
Cloud Academy Team
— August 29, 2018

4 Reasons You Need to Include Business Stakeholders in Cloud Training

Digital transformation is changing how organizations in every industry approach their business strategy, serving as the foundation of their technology initiatives. Chief among this includes cloud adoption, which is not just a path to IT savings, but also increasingly where companies are...

Read more
  • Cloud Adoption
  • Security
Aaron McKeown
Aaron McKeown
— August 1, 2018

Build a Security Culture Within Your Organization

At this year’s AWS Summit Sydney, I was invited to speak about security culture and share a few practical examples of how organizations can build a positive security culture through increased visibility and enablement at all levels. But, what is a positive security culture?At Xero, we...

Read more
  • Security
Albert Qian
Albert Qian
— June 19, 2018

Preparing for the Microsoft Azure 70-535 Exam

The credibility of Microsoft Azure continues to grow in the first quarter of 2018 with an increasing number of enterprises migrating their workloads, resulting in a jump for Azure from 10% to 13% in market share. Most organizations will find that simply “lifting and shifting” applicatio...

Read more
  • Azure
  • Compute
  • Database
  • Security
Stuart Scott
— May 17, 2018

4 Best Practices to Get Your Cloud Deployments GDPR Ready

With GDPR coming into force later this month, security and compliance will be the top-most priority for any cloud deployment that contains personal data of EU citizens.While leading providers have moved to make their platforms and services compliant, ensuring compliance requires more ...

Read more
  • GDPR
  • Security
Cloud Academy Team
— May 7, 2018

AWS Summit London 2018: Our Top Picks

Cloud Academy is proud to be a sponsor of AWS Summit London coming up May 9-10 at the ICC, ExCeL, London.Join us in booth S24, Level 1 where our AWS experts will be on hand to answer your questions and walk you through our latest content and newest platform features.Ask us about y...

Read more
  • AWS Summits
  • GDPR
  • Security
George Gerchow
— March 26, 2018

GDPR Compliance: Low Cost, Zero-Friction Action Items

George Gerchow is Chief Security Officer at Sumo Logic and Adjunct Honorary Lecturer at Cloud Academy. View the on-demand recording of our recent webinar, Establishing a Privacy Program: GDPR Compliance & Beyond with Mr. Gerchow and Jen Brown, Data Protection Officer at Sumo Logic....

Read more
  • GDPR
  • Security