Close Menu
Şevket Ayaksız

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Microsoft confirms Secure Boot certificate update issues on some PCs

    Temmuz 14, 2026

    Copilot can now explain why your PC feels slow

    Temmuz 14, 2026

    Windows 10 ESU confirmation emails may be hiding in Outlook

    Temmuz 14, 2026
    Facebook X (Twitter) Instagram
    • software
    • Gadgets
    Facebook X (Twitter) Instagram
    Şevket AyaksızŞevket Ayaksız
    Subscribe
    • Home
    • Technology

      Innocn’s 49-inch ultrawide monitor hits a record-low $500 for Prime Day

      Temmuz 12, 2026

      Sony 1000X The Collexion vs. Bowers & Wilkins Px8 S2: Which Premium Headphones Come Out on Top?

      Temmuz 11, 2026

      SpaceX Eyes Massive Starlink Expansion With Plans for 100,000 Additional Satellites

      Temmuz 11, 2026

      Nvidia celebrates 30 years of GPUs with free GeForce trading cards

      Temmuz 10, 2026

      Acer’s 7-in-1 wireless charging station drops to $50

      Temmuz 9, 2026
    • Adobe
    • Microsoft
    • java
    • Oracle
    Şevket Ayaksız
    Anasayfa » Cloud Squatting Concerns: Navigating the Risks in the Digital Sky
    Tech

    Cloud Squatting Concerns: Navigating the Risks in the Digital Sky

    By ayaksızAralık 29, 2023Yorum yapılmamış4 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    Automation data analytic with 3d rendering ai robot with digital visualization for big data scientist
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Most security issues in the cloud can be traced back to someone doing something stupid. Sorry for speaking so openly, but I don’t see any master hackers around. I see misconfigured cloud resources like storage and databases leading to easily preventable vulnerabilities.

    I always teach that your first line of defense is education, not great security tools. This is often overlooked as budgets are diverted to new tools rather than teaching managers not to do stupid things. Comparing the investment required versus the value gained is frustrating. Oh good.

    A new threat
    Although the invasion of clouds is suggested as a new threat, we have known this for years. What has changed is that as we move more assets to the public cloud and new people take care of those assets, there appears to be renewed interest in this vulnerability. Maybe bad actors are getting better at exploiting this.

    [ Also on InfoWorld: How to choose a cloud data warehouse ]
    The main problem is that cloud asset deletions often occur without removing the relevant records, which can pose security risks for subdomains. Failure to delete records allows attackers to exploit subdomains by creating unauthorized phishing or malware sites. This is called cloud squat.

    Resources are often provisioned and distributed programmatically. Provisioning assets like virtual servers and storage is fast and typically done within seconds, but de-provisioning is more complex and that’s where disruptions occur.

    We see multiple records being created that point to temporary cloud resources for different applications and tools; In this case, organizations cannot delete cloud assets and related records. Let’s discuss how this will happen.

    Reducing cloud squatting
    Identifying and remediating cloud invasion is difficult for large organizations with multiple domains. Moreover, global infrastructure teams have different training levels, and if there are 100 or more people on the security admin team, you are bound to encounter this issue several times a month. Remember that it is preventable.

    To mitigate this risk, security teams design internal tools to scan company domains and identify subdomains that point to cloud provider IP ranges. These tools check the validity of IP records assigned to the company’s assets. These are automatically assigned by cloud providers. I always get nervous when companies create and distribute their own security tools, thinking that they might introduce a security vulnerability.

    Reducing cloud invasion isn’t just about creating new tools. Organizations can also use dedicated IP addresses. This means transferring the IP addresses they have to the cloud, then keeping the old records, deleting them, and systematically using the DNS names.

    If you’re not a network user and don’t know your DNS from your IRS, that’s okay. The idea is to eliminate the ability for old, undeleted records to be exploited. What you can do anyway is not a complicated process. Additionally, implement a policy to prevent hard-coding of IP addresses and the use of reserved IPv6 addresses (if offered by the cloud provider).

    Two-stage approach
    We can deal with this risk in two stages:

    First address the large attack surface by implementing the mitigation strategies mentioned above.
    Second, enforce policies regarding the use of DNS names and maintain regular records for effective management.
    If this doesn’t seem too tiring, you’re right. But right now, two things that cause clouds to collapse are becoming a bigger threat.

    The problem is that cloud deployments are expanding rapidly during the pandemic. Enormous amounts of data have been transferred to the clouds, spaces have been allocated to find that data, and little thought has been given to removing it once it becomes redundant. I often see this left out of distribution playbooks. When I call people out on this, I usually get the following response: “We haven’t had time to think about it.”

    We are also currently working with a talent shortage. Many of these problems can be caused by inadequate training or the hiring of lower-tier cloud administrators to keep things going. Most of the time, certifications will get you a job, whereas actual experience is more important. I think most businesses will need to “touch the stove” to understand the impact.

    Post Views: 385
    AI tech
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    ayaksız
    • Website

    Related Posts

    Innocn’s 49-inch ultrawide monitor hits a record-low $500 for Prime Day

    Temmuz 12, 2026

    Sony 1000X The Collexion vs. Bowers & Wilkins Px8 S2: Which Premium Headphones Come Out on Top?

    Temmuz 11, 2026

    SpaceX Eyes Massive Starlink Expansion With Plans for 100,000 Additional Satellites

    Temmuz 11, 2026
    Add A Comment

    Comments are closed.

    Editors Picks
    8.5

    Apple Planning Big Mac Redesign and Half-Sized Old Mac

    Ocak 5, 2021

    Autonomous Driving Startup Attracts Chinese Investor

    Ocak 5, 2021

    Onboard Cameras Allow Disabled Quadcopters to Fly

    Ocak 5, 2021
    Top Reviews
    9.1

    Review: T-Mobile Winning 5G Race Around the World

    By sevketayaksiz
    8.9

    Samsung Galaxy S21 Ultra Review: the New King of Android Phones

    By sevketayaksiz
    8.9

    Xiaomi Mi 10: New Variant with Snapdragon 870 Review

    By sevketayaksiz
    Advertisement
    Demo
    Şevket Ayaksız
    Facebook X (Twitter) Instagram YouTube
    • Home
    • Adobe
    • microsoft
    • java
    • Oracle
    • Contact
    © 2026 Theme Designed by Şevket Ayaksız.

    Type above and press Enter to search. Press Esc to cancel.