Security News

The global healthcare cloud infrastructure market size is expected to reach $142 billion by 2028, according to ResearchAndMarkets. The growing trend of healthcare digitalization, rising expenditures, overburdened health systems, rising traffic on the network, growing data siloes, and the emergence of remote working is contributing to the demand for healthcare cloud infrastructure systems and solutions.

Nirmata announced a report that features an analysis of the current cloud native policy management market adoption, including the technologies used and the challenges that organizations face. The survey highlights that nearly 50 percent of users in cloud native environments have adopted some level of policy management solution in their Kubernetes environment.

China's Ministry of Industry and Information Technology has suspended Alibaba Cloud's membership of an influential security board to protest its handling of the Log4j flaw. The move appears odd as The Apache Software Foundation credited Alibaba Cloud's Chen Zhaojunfor identifying and reporting the Log4J flaw in the first place.

With the foundational security provided by Red Hat Enterprise Linux(RHEL), the layered products that run on top, such as Red Hat OpenShift, benefit by inheriting the security technologies provided by RHEL. Red Hat has packaged and delivered trusted Linux content for years and now delivers that same trusted content packaged as Linux containers, through the Red Hat Universal Base Image. This allows enterprises to build a security-focused hybrid cloud, manage and control a hybrid cloud with integrated security, and build, deploy, and run security-focused applications on top of a hybrid cloud using DevSecOps practices.

The credentials were a mixed bag in terms of sources, and it's not clear how these passwords became compromised. He added, "A compromised password goes well beyond the initial compromise as it facilitates password spraying and with the help of AI based analytical tools, the bad actors can start to identify patterns of how a person creates passwords. This is possible as the userID in question is an email address for the majority of the cases."

The growing awareness of cloud misconfigurations comes at a time of huge growth in cloud platforms. On one hand, 87 percent said they were fully or mostly in control of their remote working environment, with 51 percent crediting the acceleration of cloud migration as an influence that had improved their security best practice.

Western Digital is urging customers to update their WD My Cloud devices to the latest available firmware to keep receiving security updates on My Cloud OS firmware reaching the end of support. Western Digital advises customers to protect their data from attackers after the firmware is no longer supported by backing up their devices, disabling remote access, disconnecting it from the internet, and choosing a unique and strong password.

Oliver Tavakoli, CTO at Vectra AI, takes us inside the coming nexus of ransomware, supply-chain attacks and cloud deployments. Why are ransomware and the supply chain coming together? Historically, what started out as nation-state techniques make their way into pen-testing and red teaming tools and eventually become commoditized in attacks undertaken by hackers seeking profit.

With 80% of organizations now using a mix of cloud and on-premises database environments, the survey shows that the focus of data professionals is shifting to addressing the difficulties of migrating to the cloud ahead of improving the performance of their database estates. There is not one cloud there are many, with the 2021 State of the Cloud Report from Flexera revealing that organizations now use an average of 2.6 public clouds and are experimenting with an additional 1.1.

We're experiencing yet another incident in which cyberattacks can affect the real world: UKG, makers of payroll and HR software, have reported a ransomware attack that has taken its Kronos Private Cloud offline, and may result in it staying that way for weeks to come. In a statement about the outage, UKG said that it has no estimated time of resolution, that its backups aren't available until they "Determine the best approach" to restoration.