Category: Cloud Security

August 15, 2023

The Department of Homeland Security’s Cyber Safety Review Board launched an investigation into the security of cloud computing platforms, which follows the state-sponsored hack of Microsoft Exchange Online in July that led to the theft of emails from the U.S. […]

August 14, 2023

The US Cyber Safety Review Board (CSRB) is to conduce a review of cloud cyber security, focusing on what government bodies, industry and cloud service providers need to do better to strengthen identity management and authentication in the cloud. The […]

August 9, 2023

As data storage technology has evolved with more choice and options for different use cases—the flavor of today is AI-ready storage—determining the right path for a data storage refresh requires a data-driven approach. Decisions for new data storage must also […]

August 8, 2023

Kubernetes (K8s) clusters belonging to more than 350 organizations, open-source projects, and individuals have been detected as openly accessible and unprotected. More than half of those have been breached and had an active campaign with deployed malware/backdoors. That’s according to […]

August 3, 2023

The outlook for cybersecurity in 2023r continues to worsen, with new figures claiming the number of data breaches worldwide has almost tripled between the first and second quarters. Research from VPN provider Surfshark found 110.8 million accounts around the world […]

August 1, 2023

An apparently innocuous cloud hosting provider may be fronting for an Iran-based company that provides command-and-control services to ransomware attackers, according to a report published this week by security consultant and anti-ransomware vendor Halcyon. Cloudzy, the report said, is primarily […]

July 31, 2023

Industry verticals revved up Oracle’s cloud business earlier this year, as the cloud provider struggled to compete for market share with the more dominant hyperscalers. Segment revenue for Oracle Cloud Infrastructure ballooned by 77% year over year during the three-month […]

July 28, 2023

Cloud-based identity and access security provider ConductorOne has launched a new privileged access management (CPAM) product to help security and IT teams manage permissions and enforce policy for cloud resources. “Legacy PAM solutions focus on account-centric access control and privileged […]

July 27, 2023

Palo Alto Networks has announced the addition of a new continuous integration/continuous delivery (CI/CD) security module to Prisma Cloud, its cloud native application protection platform (CNAPP). The module is the eleventh that the cybersecurity vendor has added to Prisma Cloud […]

July 26, 2023

Researchers warn about a spike in attacks against poorly secured Microsoft SQL (MSSQL) Servers by a dual-ransomware gang known as Mallox. Security firm Palo Alto Networks reports a 174% increase in the number of Mallox attacks this year compared to […]

July 24, 2023

Generative AI – including services such as ChatGPT and Google Bard – looks like being the next wave of business automation. In IT, a growing number of suppliers now have some artificial intelligence (AI) or machine learning (ML) capabilities built […]

July 24, 2023

The cost of a data breach keeps increasing year after year, and has now hit an all-time high, a new report by IBM has claimed. After surveying more than 500 organizations across the world, IBM found that the global average […]

July 24, 2023

Microsoft has denied claims that the Chinese threat actors who recently broke into its systems could have cracked its cloud services as well. The company is standing by its previous assessment that it was only Exchange Online and Outlook.com that […]

July 21, 2023

Cybersecurity researchers from Eclypsium have discovered two critical vulnerabilities in the AMI MegaRAC Baseboard Management Controller (BMC) software. The software is designed to provide IT teams with full access to cloud center servers, allowing them to reinstall operating systems, manage […]

July 18, 2023

Application security testing, or AST, is a crucial component of software development. It involves the use of techniques and tools to identify, analyze and mitigate potential vulnerabilities in an application. The goal of AST is to ensure that an application […]

July 14, 2023

Israeli cybersecurity startup Orca Security is suing local cloud security rival Wiz for patent infringement, alleging that its success and growth is built on “wholesale copying.” Orca has accused Wiz of taking its “revolutionary inventions” and creating a “copycat cloud […]

July 13, 2023

Generative AI business use cases continue to grow as the technology bleeds into all manner of products, services, and technologies. At the same time, the security implications of evolving generative AI capabilities continue to make the headlines. A recent Salesforce […]

July 13, 2023

TeamTNT, a threat group known for compromising cloud environments and containers, appears to have returned with a newly developed attack toolkit and botnet that has worming capabilities and targets multiple cloud technologies. Researchers found components designed to scan for vulnerable […]

July 12, 2023

Last week, I attended the annual Gartner Security and Risk Management Summit. The event gave Chief Information Security Officers (CISOs) and other security professionals the opportunity to share concerns and insights about today’s most pressing issues in cybersecurity and risk […]

July 12, 2023

With increased deployment of security solutions on cloud infrastructure, hackers have started adopting detection evasion tactics from Windows desktop computers to cloud environments. One such tactic is the use of fileless payloads that never create files on disk and are […]