Security News

In this Help Net Security video, Rob Whiteley, CEO at Coder, discusses the cloud development environment technology landscape and its benefits. From the earliest stages of writing code to deploying finalized applications, CDEs are reimagining the developer experience, gaining traction as the next frontier of programming productivity, collaboration, and security.

"As the digital horizon expands, security, cloud and ops teams have to redefine their role, not just as protectors, but as architects of a new era, where cloud adoption and success are inseparable companions to help embed digital trust into cloud initiatives," he says. "In the early stages of public cloud adoption, we supported lots of organizations struggling to build the right security posture in their cloud landing zone," Singh recalls.

The British Library says legacy IT is the overwhelming factor delaying efforts to recover from the Rhysida ransomware attack in late 2023. Rhysida broke into the British Library in October last year, making off with 600GB worth of data and, crucially, destroying many of its servers which are now in the process of being replaced.

CloudGrappler is an open-source tool designed to assist security teams in identifying threat actors within their AWS and Azure environments. The tool, built on the foundation of Cado Security's cloudgrep project, offers enhanced detection capabilities based on the tactics, techniques, and procedures of modern cloud threat actors like LUCR-3.

What role do AI and automation play in cloud communications cybersecurity, and how can these technologies be leveraged to improve security posture? AI and automation are transforming cloud communications cybersecurity by enhancing threat detection, response times and the overall efficacy and efficiency of security operations.

The NSA and the Cybersecurity and Infrastructure Security Agency have released five joint cybersecurity bulletins containing on best practices for securing a cloud environment. Today, the NSA and CISA have issued five join documents on how to secure your cloud services using best practices.

VMware has fixed four vulnerabilities in ESXi, Workstation, Fusion and Cloud Foundation, some of which could allow attackers to escape the sandbox and execute code on the host machine. VMware ESXi is a bare-metal hypervisor, VMware Workstation and Fusion are desktop hypervisors, and VMware Cloud Foundation is a hybrid cloud platform.

Russian state hackers are adapting their techniques to target organizations moving to the cloud, an advisory from the UK National Cyber Security Centre and international security agencies has warned. The advisory details how cyber espionage group APT29 is directly targeting weaknesses in cloud services used by victim organizations to gain initial access to their systems.

As commercial adoption of cloud technologies continues, cloud-focused malware campaigns have increased in sophistication and number - a collective effort to safeguard both large and small enterprises is critical, according to Cado Security. Although cloud-focused attackers aim to exploit various services typically deployed in cloud environments, Docker remains the most frequently targeted for initial access, with 90.65% of honeypot traffic when discounting SSH. Identified malware campaigns, such as P2Pinfect, had a wide geographical distribution with nodes belonging to providers in China, the US, and Germany, which shows that regardless of where your infrastructure is located, it is still susceptible to Linux and cloud-focused attacks.

Russian threat actors APT29 are changing their techniques and expanding their targets to access cloud environments, members of the Five Eyes intelligence alliance have warned. Microsoft was victim of the same breach and, more recently, the same threat actors hacked into its corporate mailboxes, stealing emails and attached documents.