Security News

Enterprises often forget that SLAs with cloud providers cover access to the service, but not necessarily protection for the data. The platform includes DataProtect - a backup as a service offering that delivers enterprise grade security protection for data stored both on-prem and in the cloud, including in-flight and at rest encryption, immutability and built-in machine learning to improve efficiency and bolster ransomware protection.

How do organizations make sure that cyber security and backup/recovery processes keep up with the evolution to multi-cloud? In addition, how do they ensure that the data which is being stored, accessed, and transferred between multiple clouds and on-premises data center locations meets increasingly stringent data protection and regulatory requirements? 63% believed the emergence of cloud native applications, Kubernetes containers and SaaS workloads posed a risk to data protection, primarily because they lacked adequate tools to manage data protection in so many different environments.

A new piece of research from academics at ETH Zurich has identified a number of critical security issues in the MEGA cloud storage service that could be leveraged to break the confidentiality and integrity of user data. In a paper titled "MEGA: Malleable Encryption Goes Awry," the researchers point out how MEGA's system does not protect its users against a malicious server, thereby enabling a rogue actor to fully compromise the privacy of the uploaded files.

A "Dangerous piece of functionality" has been discovered in Microsoft 365 suite that could be potentially abused by a malicious actor to ransom files stored on SharePoint and OneDrive and launch attacks on cloud infrastructure. The cloud ransomware attack makes it possible to launch file-encrypting malware to "Encrypt files stored on SharePoint and OneDrive in a way that makes them unrecoverable without dedicated backups or a decryption key from the attacker," Proofpoint said in a report published today.

50% of respondents cited efficiency as the top motivator for cloud investments. Increased security is the second most important business driver for organizations investing in cloud computing, with 48% of respondents citing it as a key factor in their investment.

Microsoft has announced today the general availability of Microsoft Defender for Individuals, the company's new security solution for personal phones and computers. This new cross-device security solution is available for all Microsoft 365 customers with Personal or Family subscriptions starting today.

Security researchers are warning that threat actors could hijack Office 365 accounts to encrypt for a ransom the files stored in SharePoint and OneDrive services that companies use for cloud-based collaboration, document management and storage. A ransomware attack targeting files on these services could have severe consequences if backups aren't available, rendering important data inaccessible to owners and working groups.

A Thales report, conducted by 451 Research, reveals that 45% of businesses have experienced a cloud-based data breach or failed audit in the past 12 months, up 5% from the previous year, raising even greater concerns regarding to protecting sensitive data from cybercriminals. Globally, cloud adoption and notably multicloud adoption, remains on the rise.

The Cloud Security Alliance released the Top Threats to Cloud Computing: The Pandemic 11 report, which found a marked change in what cloud security provider security issues are seen as concerning. New, more nuanced items, such as configuration and authentication, suggest both that consumers' understanding of the cloud has matured, and signals a technology landscape where consumers are actively considering cloud migration.

Canonical released data from a survey revealing the goals, benefits, and challenges of cloud-native technologies. The report has surveyed more than 1,300 IT professionals over the last year about their usage of Kubernetes, bare metal, VMs, containers, and serverless applications.