The public cloud provides the provision of cloud services in a virtualized environment, implemented through shared physical resources and accessible via a public network such as the Internet. It is opposed to the private cloud, which delimits the pool of underlying computing resources, creating a distinct cloud platform that can only be accessed by a single organization. Public couds instead provide services to multiple customers through a single shared infrastructure.
The clearest examples of cloud computing are in the public cloud model, because by definition they are available to the public. “Software as a Service” (SaaS) offers such as cloud storage and CRM are perhaps the most familiar, but the model can also be followed by the popular “Infrastructure as a Service” (IaaS) offers and “Platform as a Service” (PaaS), including web hosting and cloud-based development environments (although all of these can also exist in private clouds). Public clouds are widely used for private offers, which are less likely to require the level of infrastructure and security offered by private clouds. In any case, companies can also use public clouds to make their activities much more efficient, for example by storing non-sensitive data, online collaboration on documents and web mail.
The public cloud offers the following advantages and functions:
♦ Maximum scalability: cloud resources are available on demand, drawing from the large public coud basins so that applications running on the cloud respond without interruption to the oscillations of the activity;
♦ Convenience: public clouds bring together greater levels of resources and therefore can offer advantages related to large economies of scale. The centralized functioning and management of the underlying resources are subdivided among all the resulting cloud services, while components, such as servers, require fewer customization interventions. Some offers for the mass market can even be free for the customer, given that advertising compensates for revenue;
♦ “Billing” style costs: public cloud services often adopt a “pay-as-you-go” payment model, so that consumers can access the necessary resources at the right time and then pay only those used, without waste;
♦ Reliability: The high number of servers and networks involved in the creation of public cloud and redundant configurations make sure that in the presence of faults to a physical component, the cloud service continues to operate with the remaining components. In some cases where clouds draw resources from a variety of data centers, even if an entire data center is unlinked, there would be no consequences for individual cloud services. In other words, there is no single point of vulnerability that could jeopardize the public cloud service;
♦ Flexibility: on the market there are a myriad of IaaS, PaaS and SaaS services that follow the public cloud model and which are accessible as a service from any device set up for the Internet. These services can meet most computing requirements and can benefit both private and business customers. Enterprises can even integrate their public cloud services with private clouds when they need to perform sensitive business functions, creating hybrid clouds;
♦ Geographical independence: access to public cloud services via Internet connections ensures that the services are available wherever the customer is. This creates valuable opportunities for businesses, such as remote access to IT infrastructure (in case of emergencies, etc.) or online collaboration on documents from multiple locations.
- Prevent shoulder surfing and theft of corporate credentials
- HTTP / 3, everything you need to know about the latest version protocol
- Machine learning and cybersecurity: UEBA applications and security
- Logic Bomb: what they are and how to prevent them
- Pass the hash: how to gain access without password
- Ransomware and NAS: a risk that is not considered
- SIEM monitoring: best practices
- Cyber Threat Hunting: on the hunt for security threats
- Backup as a Service (2)
- Cloud Conference (3)
- Cloud CRM (1)
- Cloud Server/VPS (20)
- Conferenza Cloud (4)
- ICT Monitoring (4)
- Log Management (2)
- News (17)
- ownCloud (4)
- Privacy (6)
- Secure Online Desktop (14)
- Security (9)
- Web Hosting (15)
- Clear & Present Danger: Data Hoarding Undermines Better Security April 13, 2021Facebook and Google can identify patterns of attack within their own data, but smaller businesses rarely see enough traffic to successfully identify an attack or warn users.
- Biden Nominates Former NSA Officials for Top Cybersecurity Roles April 12, 2021President Biden has nominated Jen Easterly as the new director of CISA and is expected to nominate Chris Inglis as the first national cyber director.
- Microsoft Warns of Malware Delivery via Google URLs April 12, 2021A new campaign abuses legitimate website contact forms to send URLs that ultimately deliver the IcedID banking Trojan.
- Federal Reserve Chairman Says Cyber-Risk a Top Threat to National Economy April 12, 2021Jerome Powell tells 60 Minutes that cyberattacks have the potential to do major damage to US financial system.
- Microsoft Uses Machine Learning to Predict Attackers' Next Steps April 12, 2021Researchers build a model to attribute attacks to specific groups based on tactics, techniques, and procedures, and then figure out their next move.
- New Malware Downloader Spotted in Targeted Campaigns April 12, 2021Saint Bot is being used to drop stealers on compromised systems but could be used to deliver any malware.
- Omdia Research Spotlight: XDR April 12, 2021Few emerging cybersecurity market segments are garnering more attention than XDR. Here, Omdia highlights its recent research on XDR.
- CISA Launches New Threat Detection Dashboard April 9, 2021Aviary is a new dashboard that works with CISA's Sparrow threat detection tool.
- Unofficial Android App Store APKPure Infected With Malware April 9, 2021The APKPure app store was infected with malware that can download Trojans to other Android devices, researchers report.
- CFP ZeroNights 2021 April 10, 2021Posted by CFP ZeroNights on Apr 09ZeroNights 2021 CFP is OPEN: Offensive and defensive research (15/30/45min). Submit your talk! # About conference Place: Saint-Petersburg, Russia Date: 30 June Timeslots: 15/30/45 min Site: https://zeronights.org # CFP Timeline CFP start: 1 March CFP end: 15 May CFP page: https://01x.cfp.zeronights.ru/zn2021/ # Conditions: A speaker may deliver either a […]
- Backdoor.Win32.Small.n / Unauthenticated Remote Command Execution (SYSTEM) April 8, 2021Posted by malvuln on Apr 08Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/fb24c3509180f463c9deaf2ee6705062.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Small.n Vulnerability: Unauthenticated Remote Command Execution (SYSTEM) Description: The backdoor malware listens on TCP Port 1337, upon successful connection we get handed a remote shell from the infected host with SYSTEM...
- [SYSS-2020-032] Open Redirect in Tableau Server (CVE-2021-1629) April 8, 2021Posted by Vladimir Bostanov on Apr 08Advisory ID: SYSS-2020-032 Product: Tableau Server Manufacturer: Tableau Software, LLC, a Salesforce Company Affected Version(s): 2019.4-2019.4.17, 2020.1-2020.1.13, 2020.2-2020.2.10, 2020.3-2020.3.6, 2020.4-2020.4.2 Tested Version(s): 2020.2.1 (20202.20.0525.1210) 64-bit Windows Vulnerability Type: URL Redirection to Untrusted Site (CWE-601) Risk Level: Medium Solution Status: Fixed Manufacturer Notification: 2020-07-29 Solution Date:...
- Backdoor.Win32.Hupigon.das / Unauthenticated Open Proxy April 8, 2021Posted by malvuln on Apr 08Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/7afe56286039faf56d4184c476683340.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.das Vulnerability: Unauthenticated Open Proxy Description: The malware drops an hidden executable named "winserv.com" under Windows dir, which accepts TCP connections on port 8080. Afterwards, it connects to a...
- Trojan.Win32.Hotkeychick.d / Insecure Permissions April 8, 2021Posted by malvuln on Apr 08Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/aff493ed1f98ed05c360b462192d2853.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Trojan.Win32.Hotkeychick.d Vulnerability: Insecure Permissions Description: creates an insecure dir named "Sniperscan" under c:\ drive and grants change (C) permissions to the authenticated user group. Standard users can rename the...
- Trojan-Downloader.Win32.Genome.qiw / Insecure Permissions April 8, 2021Posted by malvuln on Apr 08Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/5cddc4647fb1c59f5dc7f414ada7fad4.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Trojan-Downloader.Win32.Genome.qiw Vulnerability: Insecure Permissions Description: Genome.qiw creates an insecure dir named "tmp" under c:\ drive and grants change (C) permissions to the authenticated user group. Standard users can...
- Trojan-Downloader.Win32.Genome.omht / Insecure Permissions April 8, 2021Posted by malvuln on Apr 08Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/01055838361f534ab596b56a19c70fef.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Trojan-Downloader.Win32.Genome.omht Vulnerability: Insecure Permissions Description: Genome.omht creates an insecure dir named "wjmd97" under c:\ drive and grants change (C) permissions to the authenticated user group. Standard users can...
- Trojan.Win32.Hosts2.yqf / Insecure Permissions April 8, 2021Posted by malvuln on Apr 08Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/274a6e846c5a4a2b3281198556e5568b.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Trojan.Win32.Hosts2.yqf Vulnerability: Insecure Permissions Description: Hosts2.yqf creates an insecure dir named "mlekaocYUmaae" under c:\ drive and grants change (C) permissions to the authenticated user group. Standard users can...
- usd20210005: Privileged File Write in Check Point Identity Agent < R81.018.0000 April 8, 2021Posted by Responsible Disclosure via Fulldisclosure on Apr 08### Advisory: Privileged File Write Description =========== The Check Point Identity Agent allows low privileged users to write files to protected locations of the file system. Details ======= Advisory ID: usd-2021-0005 Product: Check Point Identity Agent Affected Version: < R81.018.0000 Vulnerability Type: Symlink Vulnerability Security Risk: High […]
- CVE-2021-26709 - Multiple Pre-Auth Stack Buffer Overflow in D-Link DSL-320B-D1 ADSL Modem April 8, 2021Posted by Gabriele Gristina on Apr 08Multiple Pre-Auth Stack Buffer Overflow in D-Link DSL-320B-D1 ADSL Modem ======== < Table of Contents > ========================================= 0. Overview 1. Details 2. Solution 3. Disclosure Timeline 4. Thanks & Acknowledgements 5. References 6. Credits 7. Legal Notices ======== < 0. Overview > =============================================== Release Date: 7 March 2021 Revision: […]
Estimated reading time: 6 minutes Is the threat of a large-scale DDoS attack enough to convince organizations to… https://t.co/sqrHurgPdr
ICON_PLACEHOLDEREstimated reading time: 6 minutes Out of nowhere, someone replies to an email conversation dated… https://t.co/kXIx3FPWfm
L'hacking etico e la salvaguardia del patrimonio aziendale https://t.co/SLncmaZ1ci
ICON_PLACEHOLDERTempo di lettura: 5 minutes Le ransomware gang hanno preso di mira le aziende negli ultimi tempi,… https://t.co/3hF62deo6S
ICON_PLACEHOLDEREstimated reading time: 10 minutes Ingegneria sociale è il termine usato per una vasta gamma di a… https://t.co/gj1hMDdfjn