Security News

A critical vulnerability affecting VMware Aria Automation and VMware Cloud Foundation can be exploited by attackers to gain access to remote organizations and workflows, VMware has warned.Patches are available and VMware recommends upgrading to VMware Aria Automation 8.16.

Multiple Atlassian Jira products are experiencing an ongoing outage as of this morning. BleepingComputer can confirm that Jira services are experiencing connection issues since this morning, at least as of 3:45 AM Eastern time.

"These types of solutions offer an integrated platform approach to cloud security that allows security teams to save time and gain visibility, leading to operational efficiencies, tool consolidation, and streamlined compliance," it concludes. The report highlights how Trend Vision One delivers an integrated platform that meets the needs of both cloud and security teams, with functionality including cloud-native application protection platform capabilities, that provide comprehensive, automated and connected protection across cloud environments.

Scammers are buying up cheap domain names to host sites that sell dodgy health products using fake articles, according to cybercrime disruption outfit Netcraft. Some of the stories suggest that judges on entrepreneurial reality shows Shark Tank and Dragons' Den have backed the products.

A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits. The person was...

As we reflect on the cybersecurity landscape and the trajectories of threat vectors, it's evident that we're on the cusp of a paradigm shift in cloud security. It's a reminder that even with advancements in cloud security, fundamental principles like IAM can't be overlooked.

A new Python-based hacking tool called FBot has been uncovered targeting web servers, cloud services, content management systems (CMS), and SaaS platforms such as Amazon Web Services (AWS),...

Japanese game developer Ateam has proven that a simple Google Drive configuration mistake can result in the potential but unlikely exposure of sensitive information for nearly one million people over a period of six years and eight months. Setting Google Drive to "Anyone with the link can view" makes it viewable only to those with the exact URL, typically reserved for collaboration between people working with non-sensitive data.

Two not-for-profit hospitals in New York are seeking a court order to retrieve data stolen in an August ransomware attack and now stored on the servers of a Boston cloud storage company. The LockBit ransomware gang claimed responsibility for breaching and stealing sensitive files from their systems in late August, with a press release published by the hospitals one week later saying the incident forced them to redirect patients requiring urging care to other hospitals' emergency departments.

Google Cloud has addressed a medium-severity security flaw in its platform that could be abused by an attacker who already has access to a Kubernetes cluster to escalate their privileges. "An...