Category: Cloud Security

April 18, 2024

Cisco has announced Hypershield, an AI-based capability of the company’s Security Cloud platform for hyperscalers. Hypershield is designed to defend cloud, data center, and distributed edge appliances from rapid vulnerability exploitation, according to Cisco. Patching today’s sprawling applications has become […]

April 17, 2024

Research highlights heightened threat actor interests in SAP systems, targeting poorly patched organizations. Targeting SAP vulnerabilities by threat actors is currently at its peak as systems compromised by ransomware incidents have grown fivefold since 2021, according to joint research by […]

April 17, 2024

Multiple versions of the PuTTY SSH client were found to be vulnerable to a high-severity flaw which allowed, in certain scenarios, threat actors to exfiltrate private keys used to generate cryptographic signatures. As a result, the attackers could gain unauthorized […]

April 17, 2024

Security researchers warn that certain commands executed in the AWS and Google Cloud command-line interfaces (CLIs) will return credentials and other secrets stored in environment variables as part of the standard output. If such commands are executed as part of […]

April 11, 2024

IBM Cloud and Fortinet have rolled out a virtual appliance that promises to protect enterprise traffic and data traversing cloud networks. The Fortinet Virtual FortiGate Security Appliance (vFSA) on IBM Cloud extends the security capabilities of FortiGate next-generation firewalls (NGFW) […]

April 10, 2024

On March 30, the US Cyber Safety Review Board (CSRB) released its review of the July 2023 Microsoft Exchange Online intrusion by the Chinese state group Storm-0558, blasting Microsoft for its shoddy security practices and saying the incident “was preventable […]

April 3, 2024

The US Department of Homeland Security (DHS) has issued a critical assessment of Microsoft’s security protocols in the wake of the summer 2023 Exchange Online breach, concluding that security failures within Microsoft created the conditions that allowed Chinese state-backed hacking […]

April 1, 2024

He’s been! World Backup Day, or March 31, is over for another year. This brazen PR sleigh ride, asking the people of the world to make one (1) backup of their data, is backed by some of our cloud backup […]

March 26, 2024

As organizations expand and increasingly invest in more cloud applications and services, their cloud footprint grows and often becomes more complex. That’s why it is critically important to regularly reevaluate the security of those cloud assets to ensure that everything […]

March 22, 2024

Strategies For Robust Data Protection In an ever-evolving digital landscape, the cloud has emerged as a ubiquitous storage and processing platform and a pivotal arena for cybersecurity battles. It’s no longer a question of if but when cyber threats will […]

March 18, 2024

The UK National Cyber Security Center (NCSC) has released new guidance on securing supervisory control and data acquisition (SCADA) cloud environments for operational technology (OT). UK critical national infrastructure (CNI) is highly dependent on SCADA as a means for data […]

March 12, 2024

Google’s new Security Command Center Enterprise (SCC Enterprise) could streamline cloud risk management through AI automation, saving security teams time, experts say. Enhanced with Mandiant threat intelligence and generative AI, SCC Enterprise aims to offer comprehensive insights across the cloud […]

March 11, 2024

PaaS is a cloud model through which service providers deliver an environment where customers can develop, run and manage applications. Because PaaS providers host the hardware and software on their infrastructure, customers aren’t burdened with having to do so in-house. […]

March 7, 2024

The cybersecurity threat landscape has changed dramatically in recent years. Today, adversaries are more motivated than ever to penetrate enterprise data centers and steal valuable information. Therefore, adopting the concept of Zero Trust is the number one trend in enterprise […]

March 5, 2024

Data volumes continue to grow exponentially, and there’s no end in sight. IDC predicts that the amount of commercial data in storage will be 12.8 ZB by 2026. A typical novel contains 1 MB of data and is about 12 […]

February 28, 2024

As organizations migrate more workloads, the pressure to keep a lid on cloud cost intensifies. Enterprises prioritized optimization in 2023, leaning on providers to deliver better usage data and implementing FinOps practices to track and trim spending. Kubernetes, the open […]

February 28, 2024

A common misconception around IT security is that backups equate to ransomware protection. Backups can be crucial to recovery and keeping data safe. However, they are not immune to the ransomware threat. If an attacker has infiltrated the primary data […]

February 26, 2024

Threat actors are taking advantage of inconsistent cloud security structures and “living in that uncertainty between the enterprise and the cloud,” Meyers said last week during a media briefing. Cybercriminals are using the cloud to deploy tooling, such as Microsoft […]

February 22, 2024

Network teams and cybersecurity teams are collaborating more and more, we’ve found in our research at Enterprise Management Associates (EMA). We explored this issue most recently in our report, “NetSecOps: Examining How Network and Security Teams Collaborate for a Better […]

February 14, 2024

Infoblox is rolling out an AI-based package to bolster its domain name system (DNS) protection portfolio and boost security for widely disbursed, DNS-networked enterprise resources. SOC Insights is a cloud-based expansion of the vendor’s current BloxOne DNS Threat Defense package. […]