Google reports Linux Kernel Vulnerabilities

Cloud Security News this week 02 February 2022 
Brought you by JupiterOne - Find out more about them at https://jupiterone.com/csp

Google Cloud have reported that 3 security vulnerabilities have been discovered in the Linux kernel, each of which can lead to either a container breakout, privilege escalation on the host, or both.Google have shared that these vulnerabilities affect all GKE node operating systems and Anthos clusters on VMware node operating systems (COS and Ubuntu). Pods using GKE Sandbox are not vulnerable to these vulnerabilities. You can find out more about it here.
Safety detectives uncovered and reported on a misconfigured AWS S3 bucket that exposed over 1 million files - “The data we observed related to airport employees from different sites across Colombia and Peru, and there could be entities from other nations with exposed data on the bucket.” The full report can be viewed here.
Salesforce now requires all customers to use  multi-factor authentication  MFA in order to access Salesforce products. It's one of the simplest, most effective ways to prevent unauthorized account access and safeguard your data and your customers' data. Let us know what you think of this change and more on this can be found here.
Markets and Markets has shared that the “global cloud security market size is expected to grow from USD 40.8 billion in 2021 to USD 77.5 billion by 2026”. You can find out more here
Cloud security and compliance automation startup Anitian this week closed a $55 million Series B funding bringing their funding to date to $71 million. In a company blog CEO, ​​Rakesh Narasimhan shared that the new funding is a significant milestone in accelerating their mission to provide the most innovative cloud security, compliance automation, and cloud security posture management (CSPM) platforms that enable enterprises of all sizes with the fastest path to security and compliance in the cloud. You can find out more about them here.
Check Point has acquired Spectral, an Israeli startup who have developer-first security tools designed by developers for developers. With this acquisition, Check Point extends its cloud solution, Check Point CloudGuard, with developer-first security platform, to provide a range of cloud application security use cases including Infrastructure as Code (IaC) scanning and hardcoded secrets detection. Find out more here.

Podcast Twitter - Cloud Security Podcast (@CloudSecPod)
Instagram - Cloud Security News 
If you want to watch videos of this LIVE STREAMED episode and past episodes, check out:
- Cloud Security Podcast: