Security News

How AI Is Changing the Cloud Security and Risk Equation
2024-11-04 18:06

Discover how AI amplifies cloud security risks and how to mitigate them, with insights from Tenable’s Liat Hayun on managing data sensitivity, misconfigurations, and over-privileged access.

Gang gobbles 15K credentials from cloud and email providers' garbage Git configs
2024-10-31 23:59

Emeraldwhale gang looked sharp – until it made a common S3 bucket mistake A criminal operation dubbed Emeraldwhale has been discovered after it dumped more than 15,000 credentials belonging to...

Hackers steal 15,000 cloud credentials from exposed Git config files
2024-10-30 14:00

A global large-scale dubbed "EmeraldWhale" exploited misconfigured Git configuration files to steal over 15,000 cloud account credentials from thousands of private repositories. [...]

Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services
2024-10-28 17:26

A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise...

Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining
2024-10-26 09:06

The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached...

Just how private is Apple's Private Cloud Compute? You can test it to find out
2024-10-25 15:04

Also updates bug bounty program with $1M payout In June, Apple used its Worldwide Developer Conference to announce the creation of the Private Cloud Compute platform to run its AI Intelligence...

Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security
2024-10-25 12:25

Apple has publicly made available its Private Cloud Compute (PCC) Virtual Research Environment (VRE), allowing the research community to inspect and verify the privacy and security guarantees of...

Apple creates Private Cloud Compute VM to let researchers find bugs
2024-10-24 22:48

Apple created a Virtual Research Environment to allow public access to testing the security of its Private Cloud Compute system, and released the source code for some "key components" to help...

AWS Cloud Development Kit flaw exposed accounts to full takeover
2024-10-24 22:33

Remember Bucket Monopoly? Yeah, it gets worse Amazon Web Services has fixed a flaw in its open source Cloud Development Kit that, under the right conditions, could allow an attacker to hijack a...

AWS Cloud Development Kit Vulnerability Exposes Users to Potential Account Takeover Risks
2024-10-24 13:00

Cybersecurity researchers have disclosed a security flaw impacting Amazon Web Services (AWS) Cloud Development Kit (CDK) that could have resulted in an account takeover under specific...