July 14, 2023
Via: The Hacker NewsA malicious actor has been linked to a cloud credential stealing campaign in June 2023 that’s focused on Azure and Google Cloud Platform (GCP) services, marking the adversary’s expansion in targeting beyond Amazon Web Services (AWS). The findings come from […]
July 12, 2023
Via: The Hacker NewsA new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal. “The attack consists of Python code that loads an XMRig Miner directly into memory using […]
July 11, 2023
Via: The Hacker NewsCloud environments continue to be at the receiving end of an ongoing advanced attack campaign dubbed SCARLETEEL, with the threat actors now setting their sights on Amazon Web Services (AWS) Fargate. “Cloud environments are still their primary target, but the […]
June 19, 2023
Via: The Hacker NewsMicrosoft on Friday attributed a string of service outages aimed at Azure, Outlook, and OneDrive earlier this month to an uncategorized cluster it tracks under the name Storm-1359. “These attacks likely rely on access to multiple virtual private servers (VPS) […]
May 25, 2023
Via: Dark ReadingGoogle has fixed a critical flaw in its Google Cloud Platform’s database service that researchers used to gain access to sensitive data and secrets, as well as escalate privileges to breach other cloud services, including potentially those in customer environments. […]
May 19, 2023
Via: Dark ReadingAs enterprises move more of their business infrastructure into the cloud, they are grappling with the challenges of managing multiple cloud environments. Security firms are tackling multicloud security through increased visibility, cross-platform implementations, or a combination of the two. On […]
April 28, 2023
Via: Dark ReadingUptycs, provider of the first unified CNAPP and XDR platform, today announced the ability to collect and analyze GitHub audit logs and user identity information from Okta and Azure Active Directory (Azure AD) to reveal suspicious behavior as the developer […]
April 25, 2023
Via: The Hacker NewsGoogle’s cloud division is following in the footsteps of Microsoft with the launch of Security AI Workbench that leverages generative AI models to gain better visibility into the threat landscape. Powering the cybersecurity suite is Sec-PaLM, a specialized large language […]
April 21, 2023
Via: The Hacker NewsRecently, Andrew Martin, founder and CEO of ControlPlane, released a report entitled Cloud Native and Kubernetes Security Predictions 2023. These predictions underscore the rapidly evolving landscape of Kubernetes and cloud security, emphasizing the need for organizations to stay informed and […]
April 17, 2023
Via: The Hacker NewsCloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) are frequently confused. The similarity of the acronyms notwithstanding, both security solutions focus on securing data in the cloud. In a world where the terms cloud and SaaS are […]
April 11, 2023
Via: The Hacker NewsA “by-design flaw” uncovered in Microsoft Azure could be exploited by attackers to gain access to storage accounts, move laterally in the environment, and even execute remote code. “It is possible to abuse and leverage Microsoft Storage Accounts by manipulating […]
March 31, 2023
Via: Help Net SecurityAs IT infrastructure becomes more diverse, organizations face the challenge of integrating data management and control, according to Nutanix. The research showed that the majority of IT teams leverage more than one IT infrastructure, a trend that’s expected to intensify […]
March 15, 2023
Via: Help Net SecurityCloudflare is entering the fraud detection market to help businesses identify and stop online fraud – including fraudulent transactions, fake account signups, account takeover attacks, and carding attacks – before it impacts their brand or their bottom line. Powered by […]
February 22, 2023
Via: Help Net SecurityCloud adoption among organizations has increased dramatically over the past few years, both in the range of services used and the extent to which they are employed, according to Info-Tech Research Group. However, network builders tend to overlook the vulnerabilities […]
February 17, 2023
Via: Help Net SecurityIGEL has announced IGEL COSMOS, a unified platform to securely manage and automate the delivery of digital workspaces, from any cloud. Offering a modular architecture, granular endpoint control and end-user freedom, COSMOS is designed to enable organizations to garner the […]
Application security, Cloud security, Security
February 16, 2023
Via: Help Net SecurityCloud environments and application connectivity have become a critical part of many organizations’ digital transformation initiatives. In fact, nearly 40% of North American and European-based enterprises adopted industry-specific cloud platforms in 2022. But why are organizations turning to these solutions […]
February 9, 2023
Via: Dark ReadingSecuring the cloud has been an unwieldy and daunting task since the beginning: The idea of using an enterprise architecture built on delivering computing services over the internet naturally represents a unique threat surface. But cloud computing is rapidly becoming […]
February 8, 2023
Via: Help Net SecurityCisco customers can now access new risk-based capabilities across Cisco’s security portfolio to better protect hybrid work and multi-cloud environments. These advancements demonstrate progress towards realizing the full vision of the Cisco Security Cloud which will protect the integrity of […]
January 31, 2023
Via: Help Net SecurityShardSecure has forged a strategic technology alliance with Entrust to provide cloud data protection to a growing market of enterprise companies and medium-sized businesses. The ShardSecure-Entrust partnership, part of the Entrust Ready Technology Partner Program, ensures that data in cloud […]
January 27, 2023
Via: Help Net SecurityErmetic has extended its Cloud Native Application Protection Platform (CNAPP) with cloud workload protection capabilities that enable customers to detect, prevent and remediate security risks in virtual machines, containers and serverless functions. Using context that spans infrastructure configurations, network, access […]