Cloud Storage: How to protect user credentials against malware

Hi there, recently, during the Black Hat USA 2015 event, some cyber security experts from Imperva unveiled a serious vulnerability that affected (it’s been fixed now) several major Cloud Storage services such as Google Drive and Dropbox. Also, they put in place a practical attack named “Man in the Cloud” (in French). The vulnerability and the corresponding attack…

Read-Only Credentials For EC2

A common concern of EC2 users with regard to using third-party tools like Elastic Detector is the fact that those tools require the users’ AWS EC2 credentials to work. In the wrong hands, those credentials can be misused to cause significant damage by e.g. shutting down instances. Fortunately, AWS provides a solution called Identity and…