Security News

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability
2024-09-14 04:12

Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is...

Fortinet admits miscreant got hold of customer data in the cloud
2024-09-13 00:58

That would explain this 440GB leak, then Fortinet has admitted that bad actors accessed cloud-hosted data about its customers, but insisted it was a "limited number" of files. The question is: how...

Google Cloud Strengthens Backup Service With Untouchable Vaults
2024-09-12 17:09

The backup and data recovery service adds an extra layer of protection in case a business encounters an attack or another major problem with Google Cloud storage.

eBook: Keep assets secure after cloud migration
2024-09-11 03:00

Organizations sometimes need to plan their cloud migrations with more emphasis on security and compliance. Many, therefore, struggle to keep their data safe after migrating to the cloud. To...

Cryptomator: Open-source cloud storage encryption
2024-08-28 04:30

Cryptomator offers open-source, client-side encryption of your files in the cloud. It’s available for Windows, Linux, macOS and iOS. Cryptomator works with Dropbox, Google Drive, OneDrive, MEGA,...

Uniting the brightest minds in security, network and cloud
2024-08-23 03:26

Immerse is Cloudflare’s premier annual conference in Southeast Asia Partner Content Cloudflare is excited to present Immerse, our flagship event designed to connect attendees directly with the...

110K domains targeted in 'sophisticated' AWS cloud extortion campaign
2024-08-21 17:23

If you needed yet another reminder of what happens when security basics go awry It's a good news day for organizations that don't leave their AWS environment files publicly exposed because infosec...

Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks
2024-08-19 10:02

Malicious actors are using a cloud attack tool named Xeon Sender to conduct SMS phishing and spam campaigns on a large scale by abusing legitimate services. "Attackers can use Xeon to send...

Attackers Exploit Public .env Files to Breach Cloud Accounts in Extortion Campaign
2024-08-16 16:30

A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files that contain credentials associated with cloud and social media applications. Env files, out of which 7,000 belonged to organizations' cloud services and 1,500 variables are linked to social media accounts.

Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom
2024-08-15 14:07

Cybercriminals are breaking into organizations' cloud storage containers, exfiltrating their sensitive data and, in several cases, have been paid off by the victim organizations to not leak or sell the stolen data. Exposed environment files hold keys to hosting cloud environments.