Security News

On the face of it, the cloud fundamentally changes how security teams investigate and remediate incidents. The complacent might think that the cloud providers, with all their resources, should have them covered.

The new contribution to the open source Kubernetes ecosystem addresses the need for organizations to easily deploy, run and manage Kubernetes clusters directly on top of bare metal servers, increasing performance and minimizing cost and operational effort."Running Kubernetes directly on bare metal servers is the next big thing for the Kubernetes community, but it has been challenging and difficult to implement," said Tenry Fu, CEO, Spectro Cloud.

Researchers at FireEye's threat intelligence and incident response unit Mandiant have identified a critical vulnerability that exposes millions of IoT devices to remote attacks. The flaw was found in a core component of the Kalay cloud platform for IoT devices offered by ThroughTek, a Taiwan-based company that provides IoT and M2M solutions for surveillance, security, smart home, cloud storage, and consumer electronics systems.

In this interview with Help Net Security, Melissa Sutherland, Senior Vice President at Booz Allen Hamilton, talks about multi-cloud maturity, cloud migration strategies, as well as the evolution of the cloud in the near future. Most federal agencies have begun their journey to implement enterprise cloud strategies, although at varying degrees of maturity.

Baffle's no-code, simple-to-deploy security mesh takes a data-centric approach at cloud scale without a performance impact or changes to applications. Baffle is the only data-centric security solution that universally protects data as it's created, stored and processed, from any source to any destination, on premises or in the cloud, no matter where it lives.

Researchers have described a voltage glitching attack that shows AMD's Secure Encrypted Virtualization technology may not provide proper protection for confidential data in cloud environments. The TU Berlin researchers showed that an attacker who has physical access to the targeted system can gain access to SEV-protected VM memory content by launching a voltage fault injection attack on SP. In order to work as intended, integrated circuits need to operate within specific temperature, clock stability, electromagnetic field, and supply voltage ranges.

The combined public cloud IaaS and PaaS market is forecast to have revenues of $400 billion in 2025 with a compound annual growth rate of 28.8% during the 2021-2025 forecast period, according to IDC. Application development and testing, structured data management, and structured data analytics will be the largest workload segments by revenue share. "Enterprise spending on public cloud infrastructure continues to grow faster than traditional IT infrastructure segments," said Andrew Smith, research manager Cloud Infrastructure Services at IDC. "We expect all workload segments to grow in the double digits - some slightly faster than others - as enterprises emerge from 2020 and continue to prioritize workload migration and modernization using public cloud infrastructure."

ShopVue announced the availability of a cloud deployment solution. ShopVue now offers manufacturers the choice of on-premise or cloud deployment options based on their specific needs and preferences.

Ideally, engage with a cloud provider that can extend existing data center security into the cloud. The learning curve will be reduced for the security team and enables the same policies to be developed and deployed across physical and cloud infrastructure.

Toshiba is enabling businesses to easily leverage cloud-based workplace solutions for today's modern workforce. The company's Elevate Sky platform features a broad portfolio of Toshiba and third-party cloud-enabled systems, software and services including print, document and printer fleet management, workflow and beyond.