Security News

WhatsApp on Friday announced it will roll out support for end-to-end encrypted chat backups on the cloud for Android and iOS users, paving the way for storing information such as chat messages and photos in Apple iCloud or Google Drive in a cryptographically secure manner. "With the introduction of end-to-end encrypted backups, WhatsApp has created an HSM based Backup Key Vault to securely store per-user encryption keys for user backups in tamper-resistant storage, thus ensuring stronger security of users' message history," the company said in a whitepaper.

In the multitenant architecture, each customer's container is hosted in a Kubernetes pod on a dedicated, single-tenant node virtual machine, according to the analysis, and the boundaries between customers are enforced by this node-per-tenant structure. "Since practically anyone can deploy a container to the platform, ACI must ensure that malicious containers cannot disrupt, leak information, execute code or otherwise affect other customers' containers," explained researchers.

According to a Security Compass research, in mid-sized to large enterprises, 50% of the software applications being developed are cloud based, and another 30% are expected to migrate to the cloud within the next two years. According to the report, organizations are struggling to develop cloud applications that meet security requirements and that integrate with existing on-premise technologies.

The global cloud computing market size is expected to reach $1,251. Increasing adoption of 5G, IoT, and AI is expected to further support the growth of the market for cloud computing.

Lacework released its cloud threat report, unveiling the new techniques and avenues cybercriminals are infiltrating to profit from businesses. The rapid shift of applications and infrastructure to the cloud creates gaps in the security posture of organizations everywhere.

The sun never seems to set on the cybercriminal threat, but whether you're heading into autumn or bursting into spring you can tap into the world's finest cyber security training, at upcoming SANS Institute events in Asia and Oceania. With the cloud accounting for ever more of the world's compute, you can be assured that they all feature top courses focusing on detecting and countering cloud threats, including newly minted courses such as Cloud Security and DevSecOps Automation, and Public Cloud Security: AWS, Azure and GCP. With the development of the larger curriculum, SANS has conscientiously looked at job roles, training needs within those roles, and how we help students progress along their professional cloud security journey.

Companies should now consider cybercriminals as business competitors, according to Lacework's 2021 Cloud Threat Report Volume 2. The Lacework Lab analyzed telemetry from its customers and other data to identify rising and increasing security threats to cloud deployments.

All AWS Level 1 MSSP Competency Partners provide at minimum the ten 24/7 security monitoring, protection, and remediation services as defined in the Level 1 Managed Security Services baseline. Many of the Level 1 MSSP Competency Partners also provide additional security assessment and implementation professional services as well to assist customers in their AWS cloud journey.

A critical security vulnerability in Microsoft's Azure cloud database platform - Cosmos DB - could have allowed full remote takeover of accounts, with admin rights to read, write and delete any information to a database instance. "Azure Cosmos DB built-in Jupyter Notebooks are directly integrated into the Azure portal and your Azure Cosmos DB accounts, making them convenient and easy to use," according to Microsoft's documentation.

On Thursday, the company sent warnings to "Thousands" of its cloud computing customers, explaining that "Intruders" could have access to their databases, according to Reuters. On Thursday, Microsoft alerted cloud customers that uninvited guests could have access to their databases, according to Reuters.