Sign in / up

back to article CISA says SaaS providers in firing line after Commvault zero-day Azure attack

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that SaaS companies are under fire from criminals on the prowl for cloud apps with weak security. Apps with default configurations and elevated permissions are the aim of these attacks, although the US agency did not attribute the activity to a specific …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. fg_swe Silver badge

    Lock All Of It

    ...behind a firewall, that only enables your users to access the cloudy stuff.

    0 2 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Lock All Of It

      The problem is that cloudy stuff is by default not shielded.

      Personally I think a cloud provider should be liable if they run unsafe defaults so the customer has to change them first.

      It's not hard to default to a secure state where the customer has to willingly opne the door. Starting with the barn doors wide open is not what I'd call "Committed to security" (which is what all of them claim).

      0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like