By Brandon Butler
As thousands of cloud fanatics descend on Las Vegas this week for Amazon Web Services re:Invent conference, researchers in Massachusetts are raising new questions about the security of all multi-tenant cloud environments.
A group of professors at Worcester Polytechnic Institute demonstrated in a recently published paper named Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud, a proof of concept hack of secret cryptography keys used in an AWS virtual machine. The now-patched flaw which was not specific to AWS — showed that a hacker could theoretically gain a users secret keys that are used to encrypt sensitive data.
To read the entire article, please click here.
Source: http://www.csoonline.com/
