Cloud Security
Researchers discovered two vulnerabilities in the Ubuntu OverlayFS module: CVE-2023-2640 and CVE-2023-32629 (together dubbed ‘GameOver(lay)’).
Hi, what are you looking for?
Cloud security startup Circumvent has raised $6 million to develop a network of agents for autonomous prioritization and remediation.
Researchers discovered two vulnerabilities in the Ubuntu OverlayFS module: CVE-2023-2640 and CVE-2023-32629 (together dubbed ‘GameOver(lay)’).
Researchers say a whopping 62 percent of AWS environments may be exposed to the newly documented AMD 'Zenbleed' information leak flaw.
Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.
Watch Cloud & Data Security Summit sessions to learn how to utilize tools, controls, and design models needed to properly secure cloud environments.
Facing intense pressure after Chinese APT hack, Microsoft plans to expand logging defaults for lower-tier M365 customers.
The planned Oort purchase is Cisco’s fourth acquisition of a cybersecurity company in the first half of 2023.
Orca Security sues its main rival, claiming patent infringements, intellectual property theft and even marketing copycat behavior.
What a cloud migration strategy did for cloud adoption, an automation implementation strategy does for security automation adoption.
Cyera closes a massive $100 million round as investors continue to pour cash into the data security posture management (DSPM) space.
Businesses using ‘Log in with Microsoft’ could be exposed to privilege escalation and full account takeover exploits.
Microsoft addressed two cross-site scripting (XSS) vulnerabilities in Azure Bastion and Azure Container Registry (ACR) leading to unauthorized access to user sessions.
Google Cloud is offering up to $1 million in financial protection to cover expenses associated with undetected cryptomining attacks.
Sysdig is launching what it claims to be the first CNAPP with end-to-end detection and response, consolidating CNAPP and CDR.
Salesforce ghost sites — domains that are no longer maintained but still accessible — can expose personal information and business data.
Google makes ACME API available to all Google Cloud users to allow them to automatically acquire and renew TLS certificates for free.
GAO report underlines the need for federal agencies to fully implement key cloud security practices.
Tech giant IBM acquires Polar Security, an early stage startup in the red-hot data security posture management (DSPM) category.
Google announces the general availability of ‘rules_oci’ Bazel plugin to improve the security of container images.
Three vulnerabilities in the Azure API Management service could be exploited for internal asset access, DoS, firewall bypass, and the upload of malicious files.
Aqua Security found over 250 million artifacts and more than 65,000 container images in misconfigured registries.