Newsletters Welcome, Guest Log In | Register
News:

Security

< Previous | Next >

Subscribe

Sign up now and get the best business technology insights direct to your inbox.

  • Daily Edge
  • CTO Edge Update
  • Business Tools & Templates
  • Aligning IT & Business Goals
  • Maximizing IT Investments

0

Amazon Calls Cloud Service Vulnerability 'Hypothetical'

Posted by Kara Reeder Oct 29, 2009 1:34:29 PM

Researchers from MIT and the University of California at San Diego have identified a security issue that would allow attackers to search for, locate and attack specific targets in Amazon's Elastic Computer Cloud (EC2), according to Computerworld. Researchers say that because the vulnerabilities are generic, similar targeted attacks could be carried out in other cloud services.

 

Amazon spokeswoman Kay Kinton downplayed the research, saying the attack described in the report was "hypothetical," and one that would be "significantly more difficult in practice." She goes on to say:

The side channel techniques presented are based on testing results from a carefully controlled lab environment with configurations that do not match the actual Amazon EC2 environment ... As the researchers point out, there are a number of factors that would make such an attack significantly more difficult in practice.

Related Content

Add a comment Leave a comment on this blog post.

There are no comments on this post

Premium Tools

Browse

IT Security Manual Template

Immediately download a customizable set of documents and templates that covers every aspect of IT Security. These templates are compliant with ISO27000, HIPPAA and Sarbanes oxley standards.

Learn more >

The IT Governance and Compliance Toolkit

This Toolkit is a collection of templates and instructional documents that help you assess and establish the crucial policies that you need to operate a secure and compliant IT organization.

Learn more >

Related Content

Browse

Topic: Network Security

Protect and preserve your network, your data and the life of your business

Blog: Communicating E-Commerce Security Efforts with Consumers

Article: NSF Problem Proves Basic Content Filtering No Longer Enough

White Paper: Bullet-Proofing Instant Messaging

Related Topics

Amazon, Cloud Computing

Featured White Papers

Browse

Buyer's Guide for Enterprise Single Sign-On

This white paper offers a thorough checklist that should enable potential ESSO implementers to deploy the right ESSO solution, to help eliminate sign-on problems, reduce helpdesk costs, maximize user productivity, strengthen security, simplify administration and accelerate regulatory compliance.

Seven Design Requirements for Web 2.0 Threat Prevention

This white paper outlines the new Web 2.0 threats, explains why most existing security solutions can't provide adequate protection, and proposes seven design requirements for Web 2.0 threat protection.

Resource Centers

Browse

Data Loss Protection

Data-loss prevention tactics, technologies and best practices to protect your sensitive and valuable company data.

Featured Whitepapers

Realizing Enhanced Productivity and Timely ROI from Your DLP Security Technology

Security Information and Event Management

Best practices, strategies and technologies to help you use security information and event log management efficiently and effectively in order to get business value in terms of increased security, reduced risk, regulatory compliance and increased business agility.

Featured Whitepapers

The Top Ten Insider Threats and How to Prevent Them

Security SaaS Solutions

Hosted security solutions that not only protect your data, but reduce your security management TCO, as well.

Featured Whitepapers

Why Security SaaS Makes Sense Today