%20(3)-1.png?quality=high&width=1900&height=1250&name=CSS%20-%20Blog%20(Featured%20Images)%20(3)-1.png)
%20(1).png?width=2000&height=1125&name=CSS%20-%20Blog%20(Featured%20Images)%20(1).png)
Jan 17, 2025
Security Alert: Codefinger Ransomware Attacks Target Amazon S3 Users
A new ransomware campaign targeting Amazon Simple Storage Service (Amazon S3) users has been identified. Dubbed Codefinger, the attackers leverage compromised AWS credentials to access and encrypt the victim’s data in Amazon S3 via AWS server-side encryption with customer-provided keys (AWS SSE-C). Cloud Storage Security’s (CSS’s) threat laboratory, Casmer Labs, responded quickly and conducted extensive research covering the attack method, identifying possible victims, and comparing Codefinger attacks to other ransomware tactics. Casmer Labs concluded that these attacks are especially dangerous because after encryption has been completed, the data cannot be recovered without the attacker’s disclosure of the encryption key, which would theoretically be provided after the ransom has been paid.
Cloud Storage Security
Jan 15, 2025
Your Responsibilities and Data Security in the Cloud
If your organization leverages the Amazon Web Services (AWS) cloud, you have probably encountered the Shared Responsibility Model. This framework is distributed by AWS to delineate security and compliance responsibilities between themselves as the cloud provider and their customers as cloud users.
Cloud Storage Security
Jan 13, 2025
GuardDuty + CSS Antivirus: Combined Approach to Secure AWS Storage
Ingestion Methods and Attack Surface Modern organizations that leverage the cloud ingest data into storage from various sources. Some examples include: Customer data via web applications On-premises data via migration tools such as AWS DataSync Data transferred from partners utilizing managed file transfer (MFT) services like AWS Transfer Family
Cloud Storage Security
Jan 6, 2025
Storage Announcements from AWS re:Invent & Data Security Considerations
Amazon Web Services (AWS) continues to advance the capabilities of cloud storage with a range of new features and enhancements, each offering unique benefits to businesses leveraging the AWS platform. Announcements made in December 2024 at AWS re:Invent included Storage Browser for Amazon S3, Queryable Object Metadata, Amazon S3 Tables, FSx Intelligent-Tiering and Physical data transfer terminals. These enhancements reflect AWS’ ongoing innovation in data management and storage optimization.
Cloud Storage Security
Nov 1, 2024
Managing Malware in Multi-Cloud
Businesses choose the cloud for reasons ranging from flexible application and processing capacity to secure storage. At Cloud Storage Security, we are seeing growing interest among businesses looking to distribute digital assets and functions across multiple clouds. When they do adopt a multi-cloud strategy, it is essential to consider potential expansion of vulnerabilities impacts to cybersecurity.
Cloud Storage Security
Oct 24, 2024
Costly Consequences of Falling Asleep at the Security Wheel
TechTarget’s Jill McKeon reported that the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently settled ransomware investigations involving two medical providers, in which the OCR issued civil monetary penalties totaling $490,000 for failing to fully comply with the HIPAA Security Rule by regularly and persistently maintaining malware prevention services.
Cloud Storage Security
Oct 15, 2024
When A DIY Lambda & ClamAV Antivirus Solution for S3 Isn't Worth It
Cloud Storage Security's (CSS) malware protection solution was built when our founders observed that cloud application workflows that rely on cloud storage have become a massive attack vector, and that building an in-house, end-to-end, malware detection system with sophisticated threat detection engines was a costly undertaking for any business with data in the cloud. This is especially true for workflows that ingest third party files, store them in the cloud and then share them downstream.
Cloud Storage Security
Jan 30, 2024
Insurance Company Meets OSFI B-13 Cyber Security Requirements
Customer Challenge In 2022, the Office of the Superintendent of Financial Institutions (OSFI) of Canada released its final version of Guideline B-13 - Technology and Cyber Risk Management. These guidelines, effective January 1, 2024, establish expectations for how federally regulated financial institutions (FRFIs)* should manage technology and cyber risks across three domains: Governance and Risk Management; Technology Operations and Resilience; Cyber Security.
Cloud Storage Security
Jan 8, 2024
What's New: CSS Product Updates—December 2023
Cloud Storage Security (CSS) is always working to improve our users’ experience and we’re excited to share the following noteworthy improvements to our antivirus and data loss prevention platform: support for Amazon FSx and job monitoring insights.
Cloud Storage Security
