Security News

DataStax announced a collaboration with NetApp to deliver full lifecycle management for cloud native data in its DataStax Enterprise database as well as open source Apache Cassandra clusters. As part of this partnership, the two companies have worked together to integrate the NetApp Astra data management service for Kubernetes workloads with DataStax Enterprise and Cassandra to provide a single pane of glass management for Cassandra data in modern containerized environments.

Immuta will use the investment to further its market leadership position and capture rising demand for centralized, scalable access control across cloud data sets that are increasingly diverse and distributed on multiple compute platforms. "We've entered a new era in data and analytics fueled by ubiquitous cloud storage, new cloud data management tools, and the rise of DataOps," said Immuta's CEO Matthew Carroll.

More than 100 million Android users are at risk after 23 different mobile apps were found to leak personal data in the wake of rampant cloud misconfigurations. In the case of at least two of the apps, cloud keys were exposed with no safeguards, according to the researchers.

Security researchers discovered that personal data of more than 100 million Android users has been exposed due to various misconfigurations of cloud services. The data was found in unprotected real-time databases used by 23 apps with download counts ranging from 10,000 to 10 million and also includes internal developer resources.

Even though the number of organizations with some level of cloud adoption remained steady year-over-year, the percentage of organizations that are moving advanced workloads to the cloud has increased by 25 percent. While security and skills are still major concerns for organizations, the statistics clearly indicate that businesses are becoming more confident about moving their important workloads to the cloud and embracing cloud more than ever.

"Security teams today have to deal with a dizzying array of security tools from CASBs, PAMs, IGAs, CIEMs, SSPMs, and more-and they still lack insight and control over human and machine identities and permissions in cloud platforms and applications," said Art Poghosyan, CEO of Britive. Britive's Dynamic Permissioning Platform takes the complexity and time out of securing identities and permissions across multi-cloud environments, including AWS, Azure, GCP, Snowflake, Salesforce, ServiceNow and Oracle Cloud.

Popular German cloud hosting and dedicated server provider Hetzner has banned cryptomining on its servers after users have been using their large storage devices to mine Chia. For those not familiar with Chia, instead of mining the cryptocurrency with specialized equipment or graphics cards, it uses a new mining system called Proof of Space and Proof of Time.

Threat actors are cashing in on the rapid shift to cloud-based business services during the pandemic, by hiding behind ubiquitous, trusted services from Microsoft and Google to make their email phishing scams look legit. In the first three months of 2021 alone, researchers found 7 million malicious emails sent from Microsoft 365 and a staggering 45 million sent from Google's infrastructure, Proofpoint reported, adding that cybercriminals have used Office 365, Azure, OneDrive, SharePoint, G-Suite and Firebase storage to send phishing emails and host attacks.

The latest escalation of the cybersecurity arms race finds threat actors following their targets into the cloud as they start to launch difficult-to-detect attacks by leveraging trusted domains owned by companies like Google and Microsoft. According to a blog post from cybersecurity software company Proofpoint, cloud collaboration tools like Microsoft 365, Azure, OneDrive, SharePoint, G-Suite and Firebase are being used to launch an increasing number of cyberattacks, and their cloud-hosted nature makes them difficult to detect.

Virtuozzo has announced the availability of its newest product, Virtuozzo Hybrid Cloud. According to Liam Eagle, Research Director, 451 Research, a part of S&P Global Market Intelligence, "As the breadth of organizations seeking cloud solutions continues to grow, a gap in the skills necessary to navigate the complexities of the most advanced cloud platforms is a common limitation. This presents an opportunity for the alternative vendors to solidify the role of their services as delivering the core value proposition of cloud in a simpler, more digestible and often lower-cost configuration."