Security News

UK’s NCSC Issues Warning as SVR Hackers Target Cloud Services
2024-03-01 20:15

Russian state hackers are adapting their techniques to target organizations moving to the cloud, an advisory from the UK National Cyber Security Centre and international security agencies has warned. The advisory details how cyber espionage group APT29 is directly targeting weaknesses in cloud services used by victim organizations to gain initial access to their systems.

Cryptojacking is no longer the sole focus of cloud attackers
2024-02-29 04:30

As commercial adoption of cloud technologies continues, cloud-focused malware campaigns have increased in sophistication and number, and a collective effort to safeguard both large and small enterprises is critical, according to Cado Security. Although cloud-focused attackers aim to exploit various services typically deployed in cloud environments, Docker remains the most frequently targeted for initial access, accounting for 90.65% of honeypot traffic when discounting SSH. Identified malware campaigns, such as P2Pinfect, had a wide geographical distribution with nodes belonging to providers in China, the US, and Germany, which shows that regardless of where your infrastructure is located, it is still susceptible to Linux and cloud-focused attacks.

APT29 revamps its techniques to breach cloud environments
2024-02-27 12:05

Russian threat actors APT29 are changing their techniques and expanding their targets to access cloud environments, members of the Five Eyes intelligence alliance have warned. Microsoft was a victim of the same breach and, more recently, the same threat actors hacked into its corporate mailboxes, stealing emails and attached documents.

Five Eyes Agencies Expose APT29's Evolving Cloud Attack Tactics
2024-02-27 10:34

Cybersecurity and intelligence agencies from the Five Eyes nations have released a joint advisory detailing the evolving tactics of the Russian state-sponsored threat actor known as APT29. The...

Russian hackers shift to cloud attacks, US and allies warn
2024-02-26 17:31

Members of the Five Eyes intelligence alliance warned today that APT29 Russian Foreign Intelligence Service hackers are now switching to attacks targeting their victims' cloud services. The Russian cyberspies also compromised Microsoft 365 accounts belonging to various entities within NATO nations to obtain foreign policy-related data and targeted governments, embassies, and senior officials throughout Europe in a string of phishing attacks.

Banking Trojans Target Latin America and Europe Through Google Cloud Run
2024-02-26 09:51

Cybersecurity researchers are warning about a spike in email phishing campaigns that are weaponizing the Google Cloud Run service to deliver various banking trojans such as Astaroth (aka...

Tips on meeting complex cloud security challenges
2024-02-23 13:43

Webinar: Dealing with the double trouble of relentless cyber threats and regular technology refresh cycles can stretch already overworked security practitioners. Multi-cloud might bring flexibility, but it can also increase the risk of misconfiguration and malicious attacks, for example.

Microsoft begins broadening free cloud logging capabilities
2024-02-22 12:32

After select US federal agencies tested Microsoft's expanded cloud logging capabilities for six months, Microsoft is now making them available to all agencies using Microsoft Purview Audit - regardless of license tier. Microsoft first announced the expanded cloud logging capabilities in July 2023, after it revealed that Chinese hackers accessed email accounts belonging to 25 organizations and government agencies.

Cybersecurity fears drive a return to on-premise infrastructure from cloud computing
2024-02-22 04:00

Over 29% of IT leaders found that moving projects from on-premises to the cloud was more expensive than expected, while 65% said it was financially predictable. The cost-benefit analysis of cloud versus on-premises infrastructure varies greatly depending on the organization.

Hackers abuse Google Cloud Run in massive banking trojan campaign
2024-02-21 21:07

Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like Astaroth, Mekotio, and Ousaban. Google Cloud Run lets users deploy frontend and backend services, websites or applications, and handle workloads without the effort of managing an infrastructure or scaling.