Tag

Cloud Misconfiguration

Examines how cloud misconfigurations lead to data breaches, unauthorized access, and compliance failures. Posts detail common mistakes such as open storage buckets, excessive permissions, and poor network controls, along with detection methods and remediation steps.

posts

Cloud Computing Security

Cloud Computing Security: What Goes Wrong and How to Fix It

In April 2022, researchers at Palo Alto Unit 42 reported that nearly 99% of cloud user accounts, services, and resources grant excessive permissions — permissions that are granted but never used. That gap between what's allowed and what's needed is exactly where threat actors operate. If you&

Carl B. Johnson Jun 20, 2022 6 min read
Security in Cloud Computing

Security in Cloud Computing: What Actually Goes Wrong

In April 2022, researchers at Wiz discovered that Microsoft Azure's PostgreSQL Flexible Server had vulnerabilities allowing cross-account database access. They called it ExtraReplica, and it affected thousands of Azure databases. This wasn't a theoretical exercise — it was a real demonstration that security in cloud computing remains

Carl B. Johnson May 26, 2022 7 min read
Cloud Security Best Practices

Cloud Security Best Practices That Actually Stop Breaches

A Single Checkbox Left Unchecked Cost Capital One $80 Million In 2019, a former AWS employee exploited a misconfigured web application firewall to access over 100 million Capital One customer records. The breach led to an FTC investigation, an $80 million fine from the OCC, and a $190 million class-action

Carl B. Johnson Jan 01, 2022 7 min read
Cloud Computing Security

Cloud Computing Security: What Goes Wrong in Practice

Capital One Lost 100 Million Records Because of One Misconfigured Firewall In 2019, a former cloud services employee exploited a misconfigured web application firewall to steal the personal data of over 100 million Capital One customers and applicants. The breach cost Capital One over $80 million in fines from the

Carl B. Johnson May 18, 2021 6 min read
Cloud Security Best Practices

Cloud Security Best Practices That Actually Stop Breaches

A Single Checkbox Left 100 Million Records Exposed In 2019, a former cloud engineer exploited a misconfigured web application firewall at Capital One and accessed over 100 million customer records stored in AWS S3 buckets. The breach cost Capital One over $270 million in settlements and remediation. The root cause

Carl B. Johnson Nov 04, 2020 7 min read
Cloud Security Best Practices

Cloud Security Best Practices That Stop Real Breaches

A Single Misconfigured S3 Bucket Exposed 3 Billion Records In 2023, researchers at Cybernews discovered what they called one of the largest data exposures ever — over 3 billion records sitting in an open cloud storage instance. No sophisticated hack. No zero-day exploit. Just a misconfigured Amazon S3 bucket with public

Carl B. Johnson Sep 10, 2019 8 min read
Security in Cloud Computing

Security in Cloud Computing: What Goes Wrong in 2026

The Misconfiguration That Exposed 100 Million Records Updated for 2026 In 2019, a former Amazon Web Services employee exploited a misconfigured web application firewall to steal personal data from over 100 million Capital One customers and applicants. The breach cost Capital One more than $270 million in settlements and remediation.

Carl B. Johnson Feb 02, 2019 7 min read