Amazon cloud hacked
Hackers Find Home In Amazon EC2 Cloud
Thursday December 10, 2009
Security researchers have spotted the Zeus botnet running an unauthorized command and control center on Amazon's EC2 cloud computing infrastructure. This marks the first time Amazon Web Services' cloud infrastructure has been used for this type of illegal activity, according to threat researcher Don DeBolt. The hackers got onto Amazon's infrastructure by hacking into a Web site hosted on Amazon's servers and then secretly installing their command and control infrastructure.
http://www.infoworld.com/d/cloud-com...-ec2-cloud-742
http://community.ca.com/blogs/securi...the-cloud.aspx
Thursday December 10, 2009
Security researchers have spotted the Zeus botnet running an unauthorized command and control center on Amazon's EC2 cloud computing infrastructure. This marks the first time Amazon Web Services' cloud infrastructure has been used for this type of illegal activity, according to threat researcher Don DeBolt. The hackers got onto Amazon's infrastructure by hacking into a Web site hosted on Amazon's servers and then secretly installing their command and control infrastructure.
http://www.infoworld.com/d/cloud-com...-ec2-cloud-742
http://community.ca.com/blogs/securi...the-cloud.aspx
Comments
EDIT. n/m I just RTFA.
Don't trust the "cloud".
In fact, don't even trust your own computer.
Practice compartmentalized security. The more something is sensitive or can be used to hurt you, the less it should be on any sort of electronic equipment.
Some info you might have on a machine, but not connected to the outside world. Like business records or something.
Some info you really don't care who reads it, and you have a backup anyway, can be used on the cloud if it convenient for you to do so. If your not getting any benefit and risking your security doing it, then don't bother.
I would avoid any sort of online banking and most ATM machines, this way if something happens, the banks can't blame you when you try to sue them to get your money back.
Banks using Windows and IE (and Windows for ATM's) absolutely scare the hell out of me. But if they lose my money, I make sure it's their fault.
Use the tried and true separate account with physical access to access and transfer large funds, or small funds into a less secure ATM/checking/Debit/Credit card type account.
A lot of third party ATM machines exist, run by low budget operators who can disappear or declare bankruptcy if your large funds in a debit account disappear for some reason or another.
So match your potential to lose with the appropriate level of security in everything you do.