January 18, 2024
Via: The RegisterReports suggest that forward-looking organisations are ditching legacy point-based cloud security offerings and replacing them with more efficient integrated platforms which slash management overheads while significantly improving the app security. Cybersecurity Insiders notes that, in the past, companies have typically […]
December 11, 2023
Via: The RegisterIn the natural world, there are ten different kinds of cloud – a rare simplicity in meteorological terms. But in our global business environment, there’s no single defining feature to aid classification. Multi-cloud environments in particular spawn a lot of […]
October 26, 2023
Via: TechRadarFor a third of small and medium-sized businesses (SMBs) thinking about migrating their infrastructure to the cloud, security is not a strategic priority, new research has claimed. A new Amazon Web Services report surveying more than 800 C-suite executives, vice […]
October 24, 2023
Via: The RegisterThe job of the cyber security professional is never easy, and it gets progressively harder with the movement of sensitive data and applications across the multiple different on and off premise systems that make up modern hybrid cloud environments. That’s […]
October 17, 2023
Via: SecurityCuratedData protection from unauthorized access and breaches has become a top priority for companies all over the world in the digital age, where data is the new oil. Chief information security officers (CISOs) are in charge of safeguarding company data […]
September 30, 2023
Via: Caitlin SimmonsIn today’s interconnected world, data breaches and cyber-attacks have become increasingly common, often making headline news. One of the recurring themes in many of these breaches is the vulnerability of password-based security. While passwords have been a cornerstone of digital […]
August 9, 2023
Via: The Hacker NewsExposed Kubernetes (K8s) clusters are being exploited by malicious actors to deploy cryptocurrency miners and other backdoors. Cloud security firm Aqua, in a report shared with The Hacker News, said a majority of the clusters belonged to small to medium-sized […]
August 2, 2023
Via: The Hacker NewsCybersecurity researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows the AWS Systems Manager Agent (SSM Agent) to be run as a remote access trojan on Windows and Linux environments “The SSM agent, a legitimate […]
July 27, 2023
Via: The Hacker NewsAs cloud applications are built, tested and updated, they wind their way through an ever-complex series of different tools and teams. Across hundreds or even thousands of technologies that make up the patchwork quilt of development and cloud environments, security […]
July 19, 2023
Via: The Hacker NewsCybersecurity researchers have uncovered a privilege escalation vulnerability in Google Cloud that could enable malicious actors tamper with application images and infect users, leading to supply chain attacks. The issue, dubbed Bad.Build, is rooted in the Google Cloud Build service, […]
July 14, 2023
Via: The Hacker NewsA malicious actor has been linked to a cloud credential stealing campaign in June 2023 that’s focused on Azure and Google Cloud Platform (GCP) services, marking the adversary’s expansion in targeting beyond Amazon Web Services (AWS). The findings come from […]
July 12, 2023
Via: The Hacker NewsA new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal. “The attack consists of Python code that loads an XMRig Miner directly into memory using […]
Threats & Malware, Virus & Malware
May 24, 2023
Via: The Hacker NewsAn updated version of the commodity malware called Legion comes with expanded features to compromise SSH servers and Amazon Web Services (AWS) credentials associated with DynamoDB and CloudWatch. “This recent update demonstrates a widening of scope, with new capabilities such […]
May 19, 2023
Via: Dark ReadingAs enterprises move more of their business infrastructure into the cloud, they are grappling with the challenges of managing multiple cloud environments. Security firms are tackling multicloud security through increased visibility, cross-platform implementations, or a combination of the two. On […]
May 5, 2023
Via: The Hacker NewsPHP software package repository Packagist revealed that an “attacker” gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs to date. “The attacker forked each of the packages and replaced […]
April 29, 2023
Via: Edgar HoggarthCloud computing has rapidly become the backbone of the modern digital infrastructure, powering all aspects of the digital world—from e-commerce to artificial intelligence (AI) and machine learning (ML). In 2023, Gartner predicts that worldwide public spending on cloud computing will […]
April 28, 2023
Via: Dark ReadingUptycs, provider of the first unified CNAPP and XDR platform, today announced the ability to collect and analyze GitHub audit logs and user identity information from Okta and Azure Active Directory (Azure AD) to reveal suspicious behavior as the developer […]
April 21, 2023
Via: The Hacker NewsRecently, Andrew Martin, founder and CEO of ControlPlane, released a report entitled Cloud Native and Kubernetes Security Predictions 2023. These predictions underscore the rapidly evolving landscape of Kubernetes and cloud security, emphasizing the need for organizations to stay informed and […]
April 17, 2023
Via: The Hacker NewsCloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) are frequently confused. The similarity of the acronyms notwithstanding, both security solutions focus on securing data in the cloud. In a world where the terms cloud and SaaS are […]
April 11, 2023
Via: The Hacker NewsA “by-design flaw” uncovered in Microsoft Azure could be exploited by attackers to gain access to storage accounts, move laterally in the environment, and even execute remote code. “It is possible to abuse and leverage Microsoft Storage Accounts by manipulating […]