Security News

Securonix announced a new product for its cloud-native platform: Securonix Open XDR. The new product comes with Securonix Autonomous Threat Sweep and empowers customers with robust threat detection and response capabilities needed to respond swiftly to sophisticated threats across endpoints, networks and hybrid cloud environments. The fully integrated solution delivers out-of-the-box threat detection and response across endpoints, networks and the cloud for rapid time to value.

Cloud security is critically important for organizations across the globe as adoption of cloud infrastructure continues to grow at a rapid clip. The shift toward the cloud is unstoppable, and inevitably, it's driving soaring demand for skilled security professionals, according to GIAC. Demand for specific cloud security skills is far outpacing the broader demand for cybersecurity skills, according to Burning Glass.

The Asia Pacific Network Information Centre, the internet registry for the region, has admitted it left at least a portion of its Whois SQL database, which contains sensitive information, facing the public internet for three months. During that maintenance effort, a dump from APNIC's Whois SQL database was copied to a Google Cloud storage bucket that Sanjaya said "Was believed to be private".

Infrastructures change, attack surfaces reduce and multiply and, not surprisingly, your cloud environment advances. Often with lateral attacks, the attacker first gains access to key pairs and sets up a temporary credential using specific commands.

Sapio Research conducted a survey of more than 400 IT leaders at U.S.-based organizations with more than 1000 employees which offers a picture for enterprises transitioning to the cloud and multi-cloud so that they understand the challenges and are empowered to make informed decisions about cloud networking and security. The results show that while multi-cloud transit can dramatically improve network latency, the move to multi-cloud also introduces significant complexity and security challenges.

Vaccine passports challenged by data privacy and security implicationsWhile some think vaccine apps could be the key to lifting travel restrictions, challenges have arisen regarding data privacy and security implications. Apple fixes actively exploited vulnerabilities affecting older iDevicesApple has released a security update for older iDevices to fix three vulnerabilities, two of which are zero-days that are apparently actively exploited in attacks in the wild.

As cloud computing grows in popularity across all use cases, cloud workloads have never been more attractive to malicious actors. While defending on-premises setups is about detecting suspicious communications, cloud security is about closing open doors due to loose authorizations and misconfigurations.

OpsCompass announced the results of a report it conducted on cloud security posture and management challenges. "Operations teams are managing increasingly complex cloud infrastructure and are hyper-concerned about misconfigurations and configuration drift resulting in security gaps and potential breaches. Our goal with this report is to assess what teams are experiencing today, understand their concerns, and drive conversations to improve cloud security."

Ingram Micro Cloud announced its new Marketplace-as-a-Service model to help reseller partners fully automate and scale the next step of their cloud businesses. The offering enables Ingram Micro Cloud channel reseller partners to launch their very own cloud marketplace and grow with streamlined cloud subscription management and billing, helping provide an accelerated path to commercialize and sell their products and services.

In the digital world, cryptographic solutions use encryption keys to secure data at rest, data in use, and data in transit. Now, you can and should encrypt the keys themselves, but then how do you protect those encryption keys? This cycle eventually ends with a root key, which is the most important key in the chain.