Security News

How much does cloud-based identity expand your attack surface?
2024-03-29 06:00

We all know using a cloud-based identity provider expands your attack surface, but just how big does that attack surface get? And can we even know for sure? The first step towards mitigating the expanded attack surface in the cloud is recognizing the risks and potential vulnerabilities of cloud identity providers.

Microsoft to shut down 50 cloud services for Russian businesses
2024-03-23 14:14

Microsoft plans to limit access to over fifty cloud products for Russian organizations by the end of March as part of the sanctions requirements against the country issued by EU regulators last December. "After March 20, 2024, you will not be able to access those Microsoft products or services, or any data stored in them." - Microsoft.

AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials
2024-03-21 12:48

Cybersecurity researchers have shed light on a tool referred to as AndroxGh0st that's used to target Laravel applications and steal sensitive data. "It works by scanning and taking out important...

Using cloud development environments to secure source code
2024-03-21 05:00

In this Help Net Security video, Rob Whiteley, CEO at Coder, discusses the cloud development environment technology landscape and its benefits. From the earliest stages of writing code to deploying finalized applications, CDEs are reimagining the developer experience, gaining traction as the next frontier of programming productivity, collaboration, and security.

Reducing the cloud security overhead
2024-03-13 08:51

"As the digital horizon expands, security, cloud and ops teams have to redefine their role, not just as protectors, but as architects of a new era, where cloud adoption and success are inseparable companions to help embed digital trust into cloud initiatives," he says. "In the early stages of public cloud adoption, we supported lots of organizations struggling to build the right security posture in their cloud landing zone," Singh recalls.

Embracing the Cloud: Revolutionizing Privileged Access Management with One Identity PAM Essentials
2024-03-11 14:47

As cyber threats loom around every corner and privileged accounts become prime targets, the significance of implementing a robust Privileged Access Management (PAM) solution can't be overstated....

British Library pushes the cloud button, says legacy IT estate cause of hefty rebuild
2024-03-11 13:30

The British Library says legacy IT is the overwhelming factor delaying efforts to recover from the Rhysida ransomware attack in late 2023. Rhysida broke into the British Library in October last year, making off with 600GB worth of data and, crucially, destroying many of its servers which are now in the process of being replaced.

CloudGrappler: Open-source tool detects activity in cloud environments
2024-03-11 05:30

CloudGrappler is an open-source tool designed to assist security teams in identifying threat actors within their AWS and Azure environments. The tool, built on the foundation of Cado Security's cloudgrep project, offers enhanced detection capabilities based on the tactics, techniques, and procedures of modern cloud threat actors like LUCR-3.

Leveraging AI and automation for enhanced cloud communication security
2024-03-08 05:30

What role do AI and automation play in cloud communications cybersecurity, and how can these technologies be leveraged to improve security posture? AI and automation are transforming cloud communications cybersecurity by enhancing threat detection, response times and the overall efficacy and efficiency of security operations.

CISA, NSA share best practices for securing cloud services
2024-03-07 23:05

The NSA and the Cybersecurity and Infrastructure Security Agency have released five joint cybersecurity bulletins containing on best practices for securing a cloud environment. Today, the NSA and CISA have issued five join documents on how to secure your cloud services using best practices.