back to article From Docker Hub hack to Facebook's burglar-friendly API to phone fingerprint bypasses...

Here's your quick-fire summary of recent computer security news. Docker: Someone broke into a database holding Docker Hub account information, and managed to siphon off non-financial records on 190,000 users before the exfiltration was, presumably, detected and stopped. The intrusion happened on Thursday, April 25, though …

  1. Reg Reader 1

    Wow, that's quite a list! I ask an earnest question as security is not my forte, are there more breaches since the move to cloud or just bigger breaches as there is more data stored in one place? I'm not even sure that's best way to ask that question. How about, is cloud security worse than previous security efforts by Corporations? Hopefully, some of you can both understand and answer my question.

    1. csecguy44

      The number of (disclosed) breaches is growing for sure, as well as the potential impact and severity. I couldn't point a finger at the "cloud era" as such, or at least not as a single reason. Sure, there is now a lot more information and a lot more services "up there", which simply means the target is larger, and therefore easier to "hit".

      There is also a learning curve involved for IT pros, who are "used to" securing on prem solutions, as well as a level of ignorance from the business that thinks "it's fine, it's in the cloud, we don't need to worry about it".

      And one of the bigger issues would probably be the speed of the IT/Security processes. In today's world it isn't easy to keep up with cyber criminals, who jump on vulnerable systems in the matter of hours or days, where IT need to follow testing/proving/patching that may take weeks.

      Naturally, there are tons of different other reasons apart from the above, each worth an in depth conversation on their own.

      1. Reg Reader 1
        Thumb Up

        Thanks for that.

      2. MiguelC Silver badge

        There are also harsher penalties for not disclosing breaches (GDPR, etc.), that might make information about them more easily available

  2. GnuTzu Silver badge
    Black Helicopters

    Future of Black Lists

    I don't know how else to say it, black listing will lose some it's value as they come under attack in the growing cyber war, particularly the more automated, less costly type. Minor miscreants might not think it's worth the effort to mount such attacks, but growing state-sponsored entities will. Black listing is going to become more and more expensive, and white listing and other more expensive risk rating systems will become more and more necessary. And, the automated portion of these things will have to get more sophisticated, employing big-data analytics and AI. Unfortunately, this will hasten the time to create AI that recognizes when it's attacked and retaliates. Insert references such as Wintermute, Skynet, Elon Musk, any other suitable cyber-war doomsday prediction here.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020