Security News

Luckily, there are tactics one can deploy to avoid cloud configuration breaches and prevent error from both technology and humans. Rather than creating a whole new service or application, unpair your app components from your infrastructure so when the elements need an update, it can be easily replaced by a new security hardened gold image as mentioned above.

After spending five years poring over port scan results, infosec firm Imperva reckons there's about 12,000 vulnerability-containing databases accessible through the internet. The news might prompt responsible database owners to double-check their updates and patching status, given the increasing attractiveness of databases and their contents to criminals and hostile foreign states alike.

Zero Trust deployment - moving all your apps and data to the cloud and assuming no user or device is trustworthy until proven otherwise in order to gain access - has been rapidly introduced as a result of the pandemic. Most attempts at achieving Zero Trust access today are a patchwork of disparate products from different vendors connected to virtual private networks, with rudimentary on-off access controls based on limited visibility.

The pandemic has forced most organizations to accelerate their digital transformation and migrate to the cloud though third-party cloud providers. Every time an organization shares data with a third party, they expand their attack surface and put data and customers at risk.

A recent study of enterprise IT security decision makers conducted by Tresorit shows that majority of enterprises use additional encryption methods to boost the security of cloud collaboration and file transfer tools with built-in end-to-end encryption are still less frequent despite the growing popularity of this privacy and security enhancing technology. Hybrid work era driving the need for external file sharing security.

WhatsApp on Friday announced it will roll out support for end-to-end encrypted chat backups on the cloud for Android and iOS users, paving the way for storing information such as chat messages and photos in Apple iCloud or Google Drive in a cryptographically secure manner. "With the introduction of end-to-end encrypted backups, WhatsApp has created an HSM based Backup Key Vault to securely store per-user encryption keys for user backups in tamper-resistant storage, thus ensuring stronger security of users' message history," the company said in a whitepaper.

In the multitenant architecture, each customer's container is hosted in a Kubernetes pod on a dedicated, single-tenant node virtual machine, according to the analysis, and the boundaries between customers are enforced by this node-per-tenant structure. "Since practically anyone can deploy a container to the platform, ACI must ensure that malicious containers cannot disrupt, leak information, execute code or otherwise affect other customers' containers," explained researchers.

According to a Security Compass research, in mid-sized to large enterprises, 50% of the software applications being developed are cloud based, and another 30% are expected to migrate to the cloud within the next two years. According to the report, organizations are struggling to develop cloud applications that meet security requirements and that integrate with existing on-premise technologies.

The global cloud computing market size is expected to reach $1,251. Increasing adoption of 5G, IoT, and AI is expected to further support the growth of the market for cloud computing.

Lacework released its cloud threat report, unveiling the new techniques and avenues cybercriminals are infiltrating to profit from businesses. The rapid shift of applications and infrastructure to the cloud creates gaps in the security posture of organizations everywhere.