Cloud Security Archives

CONFERENCE On Demand: Cyber AI & Automation Summit - Watch Now

SECURITYWEEK NETWORK:

ICS:

Hi, what are you looking for?

Cloud Security

Top Guns: Defending Corporate Clouds from Malicious Mavericks

While applications and cloud infrastructure present different risk profiles and require different security assessments, they must not be viewed separately with regards to enterprise...

Tom Eston5 days ago

Cloud Security

Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets

AWS announces Amazon One Enterprise, a palm-based identity service that enables users to easily access physical locations and digital assets.

Eduard KovacsNovember 28, 2023

Cloud Security

Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets

Researchers at Aqua call urgent attention to the public exposure of Kubernetes configuration secrets, warning that hundreds of organizations are vulnerable to this “ticking...

Ryan NaraineNovember 22, 2023

Cloud Security

Data Security Firm ALTR Banks $25M Series C

Florida late-state startup ALTR gets another cash infusion to expand markets for data security technologies.

Ryan NaraineNovember 15, 2023

VMware zero-day CVE-2023-20867 exploited

Cloud Security

Critical Authentication Bypass Flaw in VMware Cloud Director Appliance

VMware flaw carries a CVSS severity-score of 9.8/10 and can be exploited to bypass login restrictions when authenticating on certain ports.

Ryan NaraineNovember 14, 2023

Cloud Security

MySQL Servers, Docker Hosts Infected With DDoS Malware

Researchers warn attackers are targeting MySQL servers and Docker hosts to plant malware capable of launching distributed DDoS attacks.

Ionut ArghireNovember 14, 2023

Cloud Security

Trustle Raises $6M Seed Funding for Access Management Tech

California startup Trustle banks a $6 million seed round to join the competitive cloud access management technology space.

Ryan NaraineApril 4, 2023

Cloud Security

Cisco to Acquire Cloud Security Firm Lightspin for Reported $200 Million

Cisco is set to acquire Israel-based cloud security company Lightspin for a reported $200-250 million.

Eduard KovacsApril 3, 2023

Cloud Security

Severe Azure Vulnerability Led to Unauthenticated Remote Code Execution

A high-severity vulnerability in Azure Service Fabric Explorer could have allowed a remote, unauthenticated attacker to execute arbitrary code.

Ionut ArghireMarch 31, 2023

Cloud Security

Microsoft Cloud Vulnerability Led to Bing Search Hijacking, Exposure of Office 365 Data

An Azure Active Directory (AAD) misconfiguration leading to Bing.com compromise earned Wiz researchers a $40,000 bug bounty reward.

Ionut ArghireMarch 30, 2023

Cloud Security

CISA Ships ‘Untitled Goose Tool’ to Hunt for Microsoft Azure Cloud Infections

The U.S. government’s cybersecurity agency ships a new tool to help network defenders hunt for signs of compromise in Microsoft’s Azure and M365 cloud...

Ryan NaraineMarch 24, 2023

Cloud Security

CISA Seeks Public Opinion on Cloud Application Security Guidance

CISA this week announced it is seeking public input on draft guidance for securing cloud business applications.

Ionut ArghireMarch 16, 2023

Cloud Security

Webinar Today: Entering the Cloud Native Security Era

Join SecuityWeek and LogRhythm as we dive into security risks associated with SaaS, as well as best practices for mitigating these risks and protecting...

Mike LennonMarch 2, 2023

Cloud Security

Cisco to Acquire Valtix for Cloud Network Security Tech

Cisco announced plans to acquire Valtix, an early-stage Silicon Valley startup in the cloud network security business.

Ryan NaraineMarch 1, 2023

Cloud Security

Cloud Security Firm Wiz Raises $300 Million at $10 Billion Valuation

Cloud security company Wiz has raised $300 million in a Series D funding round that brings the total raised by the company to $900...

Eduard KovacsFebruary 27, 2023

Cloud Security

Microsoft’s Verified Publisher Status Abused in Email Theft Campaign

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Eduard KovacsJanuary 31, 2023

Cloud Security

VMware Plugs Critical Code Execution Flaws

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Ryan NaraineJanuary 24, 2023

Application Security

CSRF Vulnerability in Kudu SCM Allowed Code Execution in Azure Services

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Ionut ArghireJanuary 19, 2023