Hacker News new | ask | show | jobs
by lesuorac 784 days ago
Which incidents happened at AWS, GCP, Oracle?

And were those incidents detected by the competitor or a client?

> One of the more damaging findings was that Microsoft learned of the attacks only because the State Department had set up an internal alert system after purchasing a G5 license from the company.

Although I mean the lack of on-prem really should be a nonstarter for a lot of large companies. Having a defense in depth where you need to be on the VPN before you can actually authenticate to the services does help. Or in the case of governments; they can run private fiber lines between buildings and then you can't even attack the server from the public web.
1 comments
csmpltn 784 days ago
> Which incidents happened at AWS, GCP, Oracle?

I'm not following you here. Surely you could just look them up yourself?

Just look at this enormous list of CVEs in Oracle products (which also includes cloud products), as one example: https://www.oracle.com/security-alerts/public-vuln-to-adviso...

link
IshKebab 784 days ago
Those are bugs in their products, not breaches in their clouds. I'm not aware of a single breach in GCP or AWS. Certainly nothing on the scale of either of Microsoft's.
link
csmpltn 784 days ago
> Those are bugs in their products, not breaches in their clouds

Sure, but you do realize that all of those bugs in their products may have been exploited in their clouds in different ways?

link
lesuorac 783 days ago
And we're asking you for the list of those incidents.

"May" is not what the article linked at the top of the page is talking about.

link