Security News

Styra announced new cloud infrastructure support via Terraform, extending Styra Declarative Authorization Service guardrails to storage, network and compute resource configuration in public clouds including AWS, GCP and Azure. "Until now, DevOps and cloud platform teams had to manage authorization, policy and configuration with disparate tools in each of their clouds, in each of their orchestration clusters, and between the microservices that comprise modern apps," said Tim Hinrichs, co-founder and chief technology officer of Styra.

Google Cloud this week announced a new set of services aimed at help federal, state, and local government organizations in the United States to implement Zero Trust architecture. A recent Biden administration Executive Order on Improving the Nation's Cybersecurity requires government organizations adhere to a Zero Trust approach to cybersecurity, and Google Cloud has launched three new service offerings tailored to meet those needs and to be in line with National Institute of Standards and Technology standards.

Google has introduced a new Intrusion Detection Service together with "Adaptive Protection" for its cloud firewall, but such services make security a costly feature. CEO Thomas Kurian encouraged businesses to transfer their "Digital assets" to the cloud in order to benefit from "Cloud-native security." According to GM and VP of Cloud Security Sunil Potti, invisible security means "Security technologies are designed in... security operations as a silo disappears."

The CloudKnox deal is Microsoft's fourth cybersecurity acquisition over the last 12 months. Last June, Microsoft acquired CyberX to beef up its Azure IOT security capabilities and followed up soon after with a separate deal to buy firmware security security specialist ReFirm Labs.

Kubernetes clusters are being attacked via misconfigured Argo Workflows instances, security researchers are warning. Argo Workflows is an open-source, container-native workflow engine for orchestrating parallel jobs on Kubernetes - to speed up processing time for compute-intensive jobs like machine learning and big-data processing.

The researchers showed how an attacker could go from the cloud-based management console to all managed endpoint devices, and also from the endpoint devices to the management console. In the first attack, the attacker obtains unauthorized access to the account of a management console operator using stolen credentials or exploits.

The report, from Claroty research arm Team82, uncovered seven new CVEs, three affecting CODESYS software and four affecting WAGO PLCs. The vulnerabilities can be leveraged remotely and let an attacker break into a cloud management console via a single compromised field device, or take over multiple PLCs and OT devices using a single compromised workstation. Unfortunately for organizations moving their OT to the cloud, none of these exploits were possible when systems were located on site without any internet-facing elements.

Google announced recently that it has expanded the capabilities of Cloud Armor, a service that provides distributed denial of service protections and a web application firewall to keep customers safe from web attacks. Generally available since 2019, Cloud Armor leverages the same infrastructure and technology that Google uses to protect its own internet-facing properties.

A study from computer scientists at Columbia Engineering reveals what may be the first way to encrypt personal images on popular cloud photo services, such as those from Google, Apple, Flickr and others, all without requiring any changes to - or trust in - those services. Cloud photo services currently not compatible with image encryption.

Growing adoption of cloud-based services is propelling the expansion of the European IT and business services market, with the region setting a new record for as-a-service spending in the second quarter, according to the latest state-of-the-industry report from ISG. The EMEA ISG Index, which measures commercial outsourcing contracts with annual contract value of $5 million or more, shows ACV for the combined market, which includes both as-a-service and managed services, reached $6.3 billion, up 31 percent against a soft quarter last year during the onset of the pandemic, and up 4 percent against the first quarter of 2021. "Europe has traditionally lagged behind other regions in its adoption of cloud-based services but now growth is accelerating," said Steven Hall, president of ISG EMEA. "COVID-related digital transformation has advanced cloud adoption by three to five years, and as-a-service ACV will soon surpass 50 percent of the market. We are near a tipping point."