Cloud Security
Researchers document the Wiki-Slack attack, a new technique that uses modified Wikipedia pages to target end users on Slack.
Hi, what are you looking for?
VMware patches flaws that expose users to data leakage, command execution and denial-of-service attacks. No temporary workarounds available.
Researchers document the Wiki-Slack attack, a new technique that uses modified Wikipedia pages to target end users on Slack.
Amazon is rolling out an independent cloud for Europe as it looks to address strict regulations that companies and those in the public sector...
Michigan startup raises $75 million in new funding as venture capital investors bet big on attack surface management technologies.
VMware described the bug as an out-of-bounds write issue in its implementation of the DCE/RPC protocol. CVSS severity score of 9.8/10.
Since 2020, Island has raised a total of $325 million to help protect corporate data flowing through SaaS and internal web applications.
Cisco warns that unauthenticated, remote attackers can log into devices using root account, which has default, static credentials that cannot be changed or deleted.
GitHub beefs up its secret scanning feature, now allowing users to check the validity of exposed credentials for major cloud services.
The widely believed notion that the network and the cloud are two different and distinct entities is not true.
AWS says an internal threat intel decoy system called MadPot has successfully trapped nation state-backed APTs like Volt Typhoon and Sandworm.
Sysdig enhanced its existing CNAPP offering with a cloud attack graph, risk prioritization, attack path analysis, a searchable inventory, and complete agentless scanning.
Israeli security startup Gem Security has raised a total of $34 million to tackle cloud threat detection and incident response.
Intel announces general availability of attestation service that is part of Trust Authority, a new portfolio of security software and services.
The cash-and-stock transaction provides capabilities for CrowdStrike to beef up its enterprise cloud security portfolio.
Exposed data includes backup of employees workstations, secrets, private keys, passwords, and over 30,000 internal Microsoft Teams messages.
A high-severity vulnerability can be exploited to execute code remotely on any Windows endpoint within a Kubernetes cluster.
Orca Security details eight XSS vulnerabilities in Azure HDInsight that could lead to information leaks, session hijacking, and payload delivery.
Maryland startup scores $8.5 million in seed-stage funding to compete in the Identity Threat Detection and Response (ITDR) category.
The US Department of Energy gives $39 million in funding for nine projects to advance the cybersecurity of distributed energy resources.
The next time you see CNAPP, CASB, WAAS, CSPM or many of the other phrases, it will be helpful to take a deep breath...
Microsoft reveals how a crash dump from 2021 inadvertently exposed a key that Chinese cyberspies later leveraged to hack US government emails.