Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Researchers have analyzed 20 of the most popular Docker container images and found that while they contain many vulnerabilities, less than half of these flaws pose an actual risk. [Read More]
A threat actor, likely a state-sponsored cyberespionage group, has used a sophisticated technique to allow its malware to communicate with C&C servers across firewalls. [Read More]
Cisco launches SecureX, a cloud-native security platform designed to improve visibility, deliver analytics, and automate common security workflows. [Read More]
VMware has patched serious vulnerabilities, including remote code execution and authentication bypass issues, in vRealize Operations for Horizon Adapter. [Read More]
A surge in malicious login attempts is likely to be a flood of credential lists in the criminal marketplace, the attractiveness of financial data, and a more general shift in criminal credential abuse towards targeting API logins. [Read More]
Microsoft this week announced the general availability of Microsoft Threat Protection, its integrated security solution aimed at offering protection across users, email, applications, and endpoints. [Read More]
Social media threat protection firm ZeroFOX has raised $74 million, which brings the total funding raised by the company to $154.2 million. [Read More]
More than 500 extensions were removed from the Chrome Web Store after they were found to be engaging in covert data exfiltration activities. [Read More]
Microsoft announced that Safe Documents and Application Guard, two security capabilities introduced last fall, are now available to more of its Office 365 ProPlus customers. [Read More]
Enterprise SOC-as-a-Service company Cysiv has raised $26 million in a Series A funding round. [Read More]

FEATURES, INSIGHTS // Cloud Security

rss icon

Ting-Fang Yen's picture
With the commoditization of cloud computing in recent years, fraudsters and cybercriminals alike have started to take advantage of public cloud services and dedicated/virtual hosting to conduct attacks.
Ashley Arbuckle's picture
Just like getting off the couch and into shape can be overwhelming, the same can be true for transitioning to the public cloud.
Ashley Arbuckle's picture
With more leading-edge IT capabilities available only in the cloud, companies that can migrate more of their applications accordingly stand to gain even greater agility, scalability, and efficiencies required for business success.
Travis Greene's picture
Shadow IT 2.0 is a symptom of a bigger problem – the inability to maintain digital competitive advantage due to the insufficient pace of code deployment.
Scott Simkin's picture
Attackers have developed anti-VM analysis techniques to allow the malware to recognize when it is being run on a virtual machine and fail to execute, meaning the system or threat analytics cannot make a verdict determination or extract intelligence from the sample.
Marie Hattar's picture
To fully realize the benefit of the Public Cloud, it is vital that the same due diligence applied to a physical network is applied to a cloud-based infrastructure.
Ken McAlpine's picture
Dozens of isolated security tools and platforms, regardless of how relevant they are to new cloud-based networks, create their own problem.
Marie Hattar's picture
Given the security events over the past year, ,2017 will be the year in which many finally accept that network infrastructure and security will have to be rethought from the ground up.
David Holmes's picture
What are the possible threat vectors if you were doing a threat model assessment for any of cloud passwords management models?
Jim Ivers's picture
Organizations should fear security concerns when considering moving applications to the cloud. But they need to recognize that moving web applications to the cloud does not make them secure.