Security News

Sonrai Security announced the Governance Automation Engine for Sonrai Dig, re-inventing how customers ensure security in AWS, Azure, Google Cloud and Kubernetes by automatically eliminating identity risks and reducing unwanted access to data. "Security for public clouds must center on effective governance and security of three critical control points - identities, data and platform - to understand, monitor and minimize risk. Effective solutions will be those that go well beyond simply presenting dashboards of cloud provider tools and bring entirely new identity and data analytics to the mix."

McAfee introduced MITRE ATT&CK into McAfee MVISION Cloud, the company's Cloud Access Security Broker, delivering a precise method to hunt, detect and stop cyberattacks on cloud services. This new integration gives SecOps teams a direct source of cloud vulnerabilities and threats mapped to the tactics and techniques of ATT&CK. McAfee is the first CASB provider to tag and visualize cloud security events within an ATT&CK. "Many SecOps teams leverage repeatable processes and frameworks such as ATT&CK to mitigate risk and respond to threats to their endpoints and networks, but so far cloud threats and vulnerabilities have presented an unfamiliar paradigm," said Rajiv Gupta, senior vice president and general manager of Cloud Security, McAfee.

To close security gaps caused by rapidly changing digital ecosystems, organizations must adopt an integrated cloud-native security platform that incorporates artificial intelligence, automation, intelligence, threat detection and data analytics capabilities, according to 451 Research. Security platforms enable automation and orchestration capabilities across the entire IT stack, streamlining and optimizing security operations, improving productivity, enabling higher utilization of assets, increasing the ROI of security investments and helping address interoperability challenges created by isolated, multi-vendor point products.

With this announcement, InfluxDB Cloud is now live on all three major cloud platforms - Microsoft Azure, Google Cloud and Amazon Web Services. InfluxDB Cloud now available on all major cloud platforms.

It's no secret misconfiguration is now the cloud's biggest security worry, although tying IaC to specific cloud security incidents is much harder to assess - misconfiguration can happen via any interface and not only IaC. One way to grasp the scale of the issue is to infer the answer by looking at the IaC templates on public repositories such as GitHub - an approach used by Palo Alto's Unit 42 earlier this year when it uncovered 199,000 insecure templates, including many high and medium-level flaws that would lead to serious misconfigurations. "Misconfigured cloud resources are likely the main root cause for unintended exposure of sensitive data for cloud native companies. Misconfigured public interfaces, exposed secrets, and encrypted databases are just a few very common examples where companies have made bad calls when configuring their cloud infrastructure."

Twilio has confirmed that, for 8 or so hours on July 19, a malicious version of their TaskRouter JS SDK was being served from their one of their AWS S3 buckets. "Due to a misconfiguration in the S3 bucket that was hosting the library, a bad actor was able to inject code that made the user's browser load an extraneous URL that has been associated with the Magecart group of attacks," the company shared.

G-71 launched a cloud-based IT solution with proprietary technology at its core that protects valuable data from leakage through screenshots, pictures of the screen, printed-out documents, and documents shared via email. According to the Insider Threat Report, over the past few years, the number of screenshots, pictures of the screen, and printouts containing sensitive information leaked online has increased by 10%. Not only can these data breaches be carried out by hackers and cybercriminals, but they can also happen when documents containing personal data or confidential information are received by people whom users trust the most.

SailPoint announced extended collaboration efforts with Microsoft by joining the Microsoft One Commercial Partner Program. SailPoint already integrates with Microsoft Azure Active Directory to deliver integrated and secure access to all applications, data, and cloud infrastructure like the Azure Cloud Platform.

By hosting phishing pages at a legitimate cloud service, cybercriminals try to avoid arousing suspicion, says Check Point Research. The idea is that such phishing pages will better elude detection by security products and more easily ensnare unsuspecting victims.

The startup's Zero Trust Network Access cloud solution aims to protect networks spanning across data centers, branch offices, and Internet of Things devices. The company will integrate OPAQ's ZTNA solution into Security Fabric, to enhance its SASE offering.