Company News and Product Updates from Kloudle

Apache Log4j is an open-source Java package. It is the most widely used default logging package. Many many things can go wrong. Attackers may execute their own code in your server, remotely over the network, without any permission! If not code, they can scoop up all the server secrets that are in the server memory. Affected users include Apple iCloud, AWS, Google, Cloudflare, most of the financial services world, among others.

To ensure absolute security, Google has offered its users tools to help them protect their cloud-based resources. Here are a few tools in the Google security network that your business can leverage to ensure consistent security in your cloud accounts.

The Google cloud security network offers a shared responsibility model for cloud security with its users. While Google ensures that all the infrastructure is secure, the users of GCP are expected to secure their workload, data, and other resources on the cloud. While Google Cloud offers its users the tools to secure their cloud resources, attackers often find their way into your cloud resources due to misconfigurations during development.

EC2 misconfigurations leave your cloud accounts vulnerable to attacks. For businesses that haven't started automating cloud security yet, here is a list of things you can do manually, to begin with.

A quick read on how a decade old MySQL/MariaDB bug caused by the inability to parse a malformed scientific notation literal could be used to bypass Web Application Firewalls on-prem and more dangerously on the cloud.

Announcement post for our talk at the conference where we will talk about how attackers gain access and what they can do once they are Attackers in a Pod.