Cloud Security Archives

SECURITYWEEK NETWORK:

ICS:

Hi, what are you looking for?

Cloud Security

Intel Launches New Attestation Service as Part of Trust Authority Portfolio

Intel announces general availability of attestation service that is part of Trust Authority, a new portfolio of security software and services.

Eduard Kovacs3 days ago

Application Security

CrowdStrike to Acquire Application Intelligence Startup Bionic

The cash-and-stock transaction provides capabilities for CrowdStrike to beef up its enterprise cloud security portfolio.

Ryan Naraine4 days ago

Artificial Intelligence

Microsoft AI Researchers Expose 38TB of Data, Including Keys, Passwords and Internal Messages

Exposed data includes backup of employees workstations, secrets, private keys, passwords, and over 30,000 internal Microsoft Teams messages.

Ryan Naraine6 days ago

Cloud Security

Kubernetes Vulnerability Leads to Remote Code Execution

A high-severity vulnerability can be exploited to execute code remotely on any Windows endpoint within a Kubernetes cluster.

Ionut ArghireSeptember 14, 2023

Cloud Security

Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery

Orca Security details eight XSS vulnerabilities in Azure HDInsight that could lead to information leaks, session hijacking, and payload delivery.

Ionut ArghireSeptember 14, 2023

Cloud Security

AuthMind Scores $8.5M Seed Funding for ITDR Tech

Maryland startup scores $8.5 million in seed-stage funding to compete in the Identity Threat Detection and Response (ITDR) category.

Ryan NaraineSeptember 13, 2023

Cloud Security

Trustle Raises $6M Seed Funding for Access Management Tech

California startup Trustle banks a $6 million seed round to join the competitive cloud access management technology space.

Ryan NaraineApril 4, 2023

Cloud Security

Cisco to Acquire Cloud Security Firm Lightspin for Reported $200 Million

Cisco is set to acquire Israel-based cloud security company Lightspin for a reported $200-250 million.

Eduard KovacsApril 3, 2023

Cloud Security

Severe Azure Vulnerability Led to Unauthenticated Remote Code Execution

A high-severity vulnerability in Azure Service Fabric Explorer could have allowed a remote, unauthenticated attacker to execute arbitrary code.

Ionut ArghireMarch 31, 2023

Cloud Security

Microsoft Cloud Vulnerability Led to Bing Search Hijacking, Exposure of Office 365 Data

An Azure Active Directory (AAD) misconfiguration leading to Bing.com compromise earned Wiz researchers a $40,000 bug bounty reward.

Ionut ArghireMarch 30, 2023

Cloud Security

CISA Ships ‘Untitled Goose Tool’ to Hunt for Microsoft Azure Cloud Infections

The U.S. government’s cybersecurity agency ships a new tool to help network defenders hunt for signs of compromise in Microsoft’s Azure and M365 cloud...

Ryan NaraineMarch 24, 2023

Cloud Security

CISA Seeks Public Opinion on Cloud Application Security Guidance

CISA this week announced it is seeking public input on draft guidance for securing cloud business applications.

Ionut ArghireMarch 16, 2023

Cloud Security

Webinar Today: Entering the Cloud Native Security Era

Join SecuityWeek and LogRhythm as we dive into security risks associated with SaaS, as well as best practices for mitigating these risks and protecting...

Mike LennonMarch 2, 2023

Cloud Security

Cisco to Acquire Valtix for Cloud Network Security Tech

Cisco announced plans to acquire Valtix, an early-stage Silicon Valley startup in the cloud network security business.

Ryan NaraineMarch 1, 2023

Cloud Security

Cloud Security Firm Wiz Raises $300 Million at $10 Billion Valuation

Cloud security company Wiz has raised $300 million in a Series D funding round that brings the total raised by the company to $900...

Eduard KovacsFebruary 27, 2023

Cloud Security

Microsoft’s Verified Publisher Status Abused in Email Theft Campaign

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Eduard KovacsJanuary 31, 2023

VMware zero-day CVE-2023-20867 exploited

Cloud Security

VMware Plugs Critical Code Execution Flaws

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Ryan NaraineJanuary 24, 2023

Application Security

CSRF Vulnerability in Kudu SCM Allowed Code Execution in Azure Services

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Ionut ArghireJanuary 19, 2023