Security News

What will cybersecurity look like in 2024? Google Cloud's global Cybersecurity Forecast found that generative AI can help attackers and defenders and urged security personnel to look out for nation-state backed attacks and more. Threat actors will use generative AI and large language models in phishing and other social engineering scams, Google Cloud predicted.

Infosec bods have detailed an underground cybersecurity tool dubbed Predator AI that not only can be used to compromise poorly secured cloud services and web apps, but has an optional chat-bot assistant that only kinda works. Predator AI is apparently programmed to be to able to exploit 30 kinds of misconfigured or poorly setup web-based services and technologies, ranging from Amazon Web Services' Simple Email Service, Twilio, and WordPress to OpenCart, Magento, OneSignal, Stripe, and PayPal, SentinelLabs boffin Alex Delamotte explained on Wednesday.

Cloud computing company VMware rolled out new cloud, AI, edge and data services at VMware Explore Barcelona 2023 on November 7. "We truly believe private AI will become the default architecture for enabling generative AI in the enterprise," said Chris Wolf, vice president of VMware AI Labs, in a pre-briefing for the media on November 2.

The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system. In a report from cloud security company Aqua Nautilus, researchers describe a Kinsing malware attack where the threat actor exploited CVE-2023-4911 to elevate permissions on a compromised machine.

The risk associated with dependence on a particular cloud provider for multiple business capabilities is in the top five emerging risks for organizations for the second consecutive quarter, according to a survey by Gartner. In September 2023, Gartner surveyed 294 risk executives about their views on emerging risk or over-the-horizon risks.

In the active Elektra-Leak campaign, attackers hunt for Amazon IAM credentials within public GitHub repositories before using them for cryptomining. New research from Palo Alto Networks's Unit 42 exposes an active attack campaign in which a threat actor hunts for Amazon IAM credentials in real time in GitHub repositories and starts using them less than five minutes later.

The threat actors linked to Kinsing have been observed attempting to exploit the recently disclosed Linux privilege escalation flaw called Looney Tunables as part of a "new experimental campaign"...

Amazon Web Services has launched an independent cloud for Europe designed for public sector customers and companies operating in highly regulated industries within the European Union. The AWS Sovereign Cloud will operate both "Physically and logically" separate from AWS's existing cloud regions and has been engineered specifically to meet the data residency and regulatory requirements of European customers.

Sponsored Post The job of the cyber security professional is never easy, and it gets progressively harder with the movement of sensitive data and applications across the multiple different on and off premise systems that make up modern hybrid cloud environments. That's why SANS has created a training and certification curriculum devoted specifically to cloud security, designed to help those responsible for implementing effective cloud security measures within their organisation to broaden their knowledge and skills.

A new report from Netskope detailing the top techniques used by cybercriminals to attack organizations found that cloud apps are increasingly being used by threat actors, representing 19% of all clicks on spearphishing links. Netskope recently reported that Microsoft OneDrive is the most popular cloud app used in enterprises, so it is not a surprise that attackers leverage this target a lot, alongside Microsoft Teams, SharePoint and Outlook.