Top

Tag: cloud security


Cloud security, Security

Enter the era of platform-based cloud security

January 18, 2024

Via: The Register

Reports suggest that forward-looking organisations are ditching legacy point-based cloud security offerings and replacing them with more efficient integrated platforms which slash management overheads while significantly improving the app security. Cybersecurity Insiders notes that, in the past, companies have typically […]


Cloud security, Security

Read the clouds, reduce the cyber risk

December 11, 2023

Via: The Register

In the natural world, there are ten different kinds of cloud – a rare simplicity in meteorological terms. But in our global business environment, there’s no single defining feature to aid classification. Multi-cloud environments in particular spawn a lot of […]


Cloud security, Security

Many SMBs aren’t seeing security as a priority, for some reason

October 26, 2023

Via: TechRadar

For a third of small and medium-sized businesses (SMBs) thinking about migrating their infrastructure to the cloud, security is not a strategic priority, new research has claimed. A new Amazon Web Services report surveying more than 800 C-suite executives, vice […]


Cloud security, Security

Helping you bridge the cloud security gap

October 24, 2023

Via: The Register

The job of the cyber security professional is never easy, and it gets progressively harder with the movement of sensitive data and applications across the multiple different on and off premise systems that make up modern hybrid cloud environments. That’s […]


Editorial

Cloud Security Scalability: Top Strategies for CISOs

October 17, 2023

Via: SecurityCurated

Data protection from unauthorized access and breaches has become a top priority for companies all over the world in the digital age, where data is the new oil. Chief information security officers (CISOs) are in charge of safeguarding company data […]


Editorial

Beyond Passwords: Exploring Advanced Authentication Methods for Enhanced Security

September 30, 2023

Via: Caitlin Simmons

In today’s interconnected world, data breaches and cyber-attacks have become increasingly common, often making headline news. One of the recurring themes in many of these breaches is the vulnerability of password-based security. While passwords have been a cornerstone of digital […]


Cloud security, Security

Malicious Campaigns Exploit Weak Kubernetes Clusters for Crypto Mining

August 9, 2023

Via: The Hacker News

Exposed Kubernetes (K8s) clusters are being exploited by malicious actors to deploy cryptocurrency miners and other backdoors. Cloud security firm Aqua, in a report shared with The Hacker News, said a majority of the clusters belonged to small to medium-sized […]


Cloud security, Security

Researchers Uncover AWS SSM Agent Misuse as a Covert Remote Access Trojan

August 2, 2023

Via: The Hacker News

Cybersecurity researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows the AWS Systems Manager Agent (SSM Agent) to be run as a remote access trojan on Windows and Linux environments “The SSM agent, a legitimate […]


Cloud security, Security

The 4 Keys to Building Cloud Security Programs That Can Actually Shift Left

July 27, 2023

Via: The Hacker News

As cloud applications are built, tested and updated, they wind their way through an ever-complex series of different tools and teams. Across hundreds or even thousands of technologies that make up the patchwork quilt of development and cloud environments, security […]


Cloud security, Security

Bad.Build Flaw in Google Cloud Build Raises Concerns of Privilege Escalation

July 19, 2023

Via: The Hacker News

Cybersecurity researchers have uncovered a privilege escalation vulnerability in Google Cloud that could enable malicious actors tamper with application images and infect users, leading to supply chain attacks. The issue, dubbed Bad.Build, is rooted in the Google Cloud Build service, […]


Cloud security, Security

TeamTNT’s Cloud Credential Stealing Campaign Now Targets Azure and Google Cloud

July 14, 2023

Via: The Hacker News

A malicious actor has been linked to a cloud credential stealing campaign in June 2023 that’s focused on Azure and Google Cloud Platform (GCP) services, marking the adversary’s expansion in targeting beyond Amazon Web Services (AWS). The findings come from […]


Cloud security, Security

Python-Based PyLoose Fileless Attack Targets Cloud Workloads for Cryptocurrency Mining

July 12, 2023

Via: The Hacker News

A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal. “The attack consists of Python code that loads an XMRig Miner directly into memory using […]


Threats & Malware, Virus & Malware

Legion Malware Upgraded to Target SSH Servers and AWS Credentials

May 24, 2023

Via: The Hacker News

An updated version of the commodity malware called Legion comes with expanded features to compromise SSH servers and Amazon Web Services (AWS) credentials associated with DynamoDB and CloudWatch. “This recent update demonstrates a widening of scope, with new capabilities such […]


Cloud security, Security

Enterprises Rely on Multicloud Security to Protect Cloud Workloads

May 19, 2023

Via: Dark Reading

As enterprises move more of their business infrastructure into the cloud, they are grappling with the challenges of managing multiple cloud environments. Security firms are tackling multicloud security through increased visibility, cross-platform implementations, or a combination of the two. On […]


Data loss, Threats & Malware

Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Compromised

May 5, 2023

Via: The Hacker News

PHP software package repository Packagist revealed that an “attacker” gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs to date. “The attacker forked each of the packages and replaced […]


Editorial

Cloud Security: Key Trends and Developments

April 29, 2023

Via: Edgar Hoggarth

Cloud computing has rapidly become the backbone of the modern digital infrastructure, powering all aspects of the digital world—from e-commerce to artificial intelligence (AI) and machine learning (ML). In 2023, Gartner predicts that worldwide public spending on cloud computing will […]


Cloud security, Security

Uptycs Launches Cloud Security Early Warning System

April 28, 2023

Via: Dark Reading

Uptycs, provider of the first unified CNAPP and XDR platform, today announced the ability to collect and analyze GitHub audit logs and user identity information from Okta and Azure Active Directory (Azure AD) to reveal suspicious behavior as the developer […]


Cloud security, Security

14 Kubernetes and Cloud Security Challenges and How to Solve Them

April 21, 2023

Via: The Hacker News

Recently, Andrew Martin, founder and CEO of ControlPlane, released a report entitled Cloud Native and Kubernetes Security Predictions 2023. These predictions underscore the rapidly evolving landscape of Kubernetes and cloud security, emphasizing the need for organizations to stay informed and […]


Cloud security, Security

What’s the Difference Between CSPM & SSPM?

April 17, 2023

Via: The Hacker News

Cloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) are frequently confused. The similarity of the acronyms notwithstanding, both security solutions focus on securing data in the cloud. In a world where the terms cloud and SaaS are […]


Cloud security, Security

Newly Discovered “By-Design” Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers

April 11, 2023

Via: The Hacker News

A “by-design flaw” uncovered in Microsoft Azure could be exploited by attackers to gain access to storage accounts, move laterally in the environment, and even execute remote code. “It is possible to abuse and leverage Microsoft Storage Accounts by manipulating […]