Security News

Ransomware spike exposes cracks in cloud security
2025-05-05 04:00

90% of IT and security leaders said their organization experienced a cyberattack within the last year, according to a report by Rubrik. “Many organizations that move to the cloud assume their...

WhatsApp unveils 'Private Processing' for cloud-based AI features
2025-04-30 19:01

WhatsApp has announced the introduction of 'Private Processing,' a new technology that enables users to utilize advanced AI features by offloading tasks to privacy-preserving cloud servers. [...]

Cloud doesn’t mean secure: How Intruder finds what others miss
2025-04-30 08:00

A cloud security platform that manages the attack surface and security vulnerabilities in AWS Sponsored post You’d be naïve to believe that the cloud is secure by default, and while most hosting...

Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools
2025-04-28 09:07

Government and telecommunications sectors in Southeast Asia have become the target of a "sophisticated" campaign undertaken by a new advanced persistent threat (APT) group called Earth Kurma since...

Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers
2025-04-27 05:02

Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud tenants in the education sector over the past year. "The attack involves...

Skyhawk Security brings preemptive cloud app defense to RSAC 2025
2025-04-24 11:21

Skyhawk Security is adding new protection for custom-built cloud applications. The company announced the update to its AI-powered Autonomous Purple Team for RSAC 2025 Conference, which starts...

GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages
2025-04-22 14:06

Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow...

Bug hunter tricked SSL.com into issuing cert for Alibaba Cloud domain in 5 steps
2025-04-22 02:23

10 other certificates 'were mis-issued and have now been revoked' Certificate issuer SSL.com’s domain validation system had an unfortunate bug that was exploited by miscreants to obtain, without...

Oracle hopes talk of cloud data theft dies off. CISA just resurrected it for Easter
2025-04-18 16:28

Some in the infosec world definitely want to see Big Red crucified CISA – the US government's Cybersecurity and Infrastructure Security Agency – has issued an alert for those who missed Oracle...

CISA warns of increased breach risks following Oracle Cloud leak
2025-04-17 11:23

On Wednesday, CISA warned of heightened breach risks after the compromise of legacy Oracle Cloud servers earlier this year and highlighted the significant threat to enterprise networks. [...]