While researching the Azure Guest Agent, we’ve uncovered several security issues which have all been reported to Microsoft. This post will focus on a security design flaw in the VM Access plugin that may enable a cross platform attack impacting every machine type provided by Azure.
Improved Ease of Use, New Exploits and Expanded Platform Support Enables Broader and Continuous Testing Across Data Center and Cloud Environments
San Francisco, CA and Tel Aviv, Israel – GuardiCore, a leader in internal data center and cloud security, today announced a new version of its Infection Monkey open source attack simulation tool with several significant enhancements. Designed to test the resiliency of modern data centers and clouds against cyber attacks, the Infection Monkey is an open source tool developed by GuardiCore Labs, originally introduced in 2016.
CSO Online recently reported on a study conducted by the Cloud Security Alliance that listed the top twelve threats to cloud computing. The threats range from data breaches, to advanced persistent threats (APTs), to abuse and nefarious uses of cloud services. For example, the report discusses how malicious actors exploit poorly secured or misconfigured cloud services to abuse compute resources for nefarious purposes, such as DDOS attacks or attempts to exfiltrate data as part of a breach.
We are pleased to announce a new version of our Infection Monkey open source attack simulation tool with several significant enhancements. We first introduced the Infection Monkey in 2016 and have continuously developed and supported it. Part of what we did came from feedback we received from our community so thanks everyone for contributing!
We recently added File Integrity Monitoring (FIM) to the GuardiCore Centra Security Platform and wanted to share how it can help your organization detect breaches and achieve compliance with regulations such as PCI DSS and HIPAA. These regulations require integrity monitoring as an internal control that must be deployed to ensure protection of an organization’s critical assets and data. Overall, organizations that apply FIM gain increased confidence that their critical data is protected against unauthorized changes.
Read more →
