Security News
After working strictly in the cloud with industry-leading enterprises for the past six years, I've seen it all and can sympathize with CISOs facing cloud security challenges. The overall risk level in key areas such as cloud security posture management, cloud infrastructure entitlement management, cloud workload protection platform and data are considered "High"' While a few organizations were at only a "Medium" level in some areas, none were at "Low" risk.
Network builders tend to overlook the vulnerabilities of network topologies, which leads to complications down the road, especially since the structures of cloud network topologies are not all of the same quality. Although there are various network topologies for on-prem infrastructure, the network design team may not be aware of the best approach in cloud platforms for their requirements, or a cloud networking strategy may even go overlooked during the migration.
Cloud and application security is everyone's responsibility - there isn't much of a choice. Many enterprise cloud customers make the mistake of believing that they are free from obligation when it comes to application security, and they deploy the apps in the cloud, exposing themselves to security gaps at the seam of enterprise and cloud vendor infrastructures.
Enterprises have a limited number of analysts running their security operations centers and are deploying multiple tools in an attempt to address their cloud security challenges, according to ManageEngine. ManageEngine's study has also revealed a surge in cloud adoption, with 72% of respondents using multi-cloud applications and another 5% using hybrid cloud systems.
Companies are challenged with more complex hybrid IT environments. They are raising budgets to fend off cyberattacks and keep up as production environments continue to diversify across various clouds, according to Veeam Software.
The survey seeks to uncover the changing attitudes toward public cloud storage adoption, the factors that influence storage buying decisions, and the top priorities when it comes to budget, use cases, security, and cloud data migration. "We also gathered important data to inform understanding of new trends: the fact that more than 50% of organizations exceed their budgeted spend on cloud storage; and that many struggle with security due to inadequate training and user experience with cloud storage," added Smith.
GoTo is a well-known brand that owns a range of products, including technologies for teleconferencing and webinars, remote access, and password management. If you've ever used GoTo Webinar, GoToMyPC, or LastPass, you've used a product from the GoTo stable.
"The rise in attacks on the cloud was driven both by an overall increase in cyberattacks globally and also by the fact that it holds much more data and incorporates infrastructure and services from large amounts of potential victims, so when exploited the attacks could have a larger impact," Omer Dembinsky, data group manager at Check Point, told The Register. Check Point researchers noted examples in recent years that highlight the dangers of attacks on networks hosted in or managed from the cloud, including a security breach of AIS, a cellular network in Thailand, in which 8 billion internet activity records were accidentally exposed.
The volume of cloud-based malware tripled in 2022 over the prior year, says Netskope, with 30% of the malicious downloads coming from Microsoft OneDrive. The post Rise of cloud-delivered malware...
Four different Microsoft Azure services have been found vulnerable to server-side request forgery attacks that could be exploited to gain unauthorized access to cloud resources. The security issues, which were discovered by Orca between October 8, 2022 and December 2, 2022 in Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digital Twins, have since been addressed by Microsoft.