Security News

Cloud storage lockers from Microsoft and Google used to store and spread state-sponsored malware
2024-08-08 01:58

Black Hat State-sponsored cyber spies and criminals are increasingly using legitimate cloud services to attack their victims, according to Symantec's threat hunters who have spotted three such operations over recent months, plus new data theft and other malware tools in development by these goons. This piece of malware used Microsoft's Graph API to communicate with the attacker's command and control server, hosted on Microsoft OneDrive.

New Android Spyware LianSpy Evades Detection Using Yandex Cloud
2024-08-06 09:36

Users in Russia have been the target of a previously undocumented Android post-compromise spyware called LianSpy since at least 2021. Cybersecurity vendor Kaspersky, which discovered the malware in March 2024, noted its use of Yandex Cloud, a Russian cloud service, for command-and-control communications as a way to avoid having a dedicated infrastructure and evade detection.

Top 6 Cloud Computing Certifications Worth Taking
2024-08-01 16:16

Cloud computing certifications can expand your skills and teach you how to navigate major cloud providers like Google Cloud or AWS. Specializations in certain cloud providers can serve as strong foundations for niche careers, while nearly all businesses use some form of cloud service. These courses teach how to perform cloud support in Microsoft Azure solutions and services, and how to adapt technology diagnostic skills specifically to IT and cloud problems.

eBook: 20 tips for secure cloud migration
2024-07-29 10:11

More organizations rely on cloud platforms to reap the benefits of scalability, flexibility, availability, and reduced costs. However, cloud environments come with security challenges and...

Enhancing threat detection for GenAI workloads with cloud attack emulation
2024-07-29 05:00

Cloud GenAI workloads inherit pre-existing cloud security challenges, and security teams must proactively evolve innovative security countermeasures, including threat detection mechanisms. More recently, detection engineering has spun off as a specialized aspect of threat detection, allowing detection engineers to customize threat detection systems.

Cirrus: Open-source Google Cloud forensic collection
2024-07-29 04:15

Cirrus is an open-source Python-based tool designed to streamline Google Cloud forensic evidence collection. It can streamline environment access and evidence collection in investigations involving Google Workspace and GCP. The tool simplifies incident response activities and enhances an organization's security posture.

Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials
2024-07-27 05:47

Cybersecurity researchers have discovered a malicious package on the Python Package Index repository that targets Apple macOS systems with the goal of stealing users' Google Cloud credentials from a narrow pool of victims. The package, named "Lr-utils-lib," attracted a total of 59 downloads before it was taken down.

Researchers Reveal ConfusedFunction Vulnerability in Google Cloud Platform
2024-07-25 08:29

Cybersecurity researchers have disclosed a privilege escalation vulnerability impacting Google Cloud Platform's Cloud Functions service that an attacker could exploit to access other services and sensitive data in an unauthorized manner. "An attacker could escalate their privileges to the Default Cloud Build Service Account and access numerous services such as Cloud Build, storage, artifact registry and container registry," the exposure management company said in a statement.

Cloud security threats CISOs need to know about
2024-07-25 04:00

In this Help Net Security interview, Ava Chawla, Head of Cloud Security at AlgoSec, discusses the most significant cloud security threats CISOs must be aware of in 2024. These threats include data...

PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing
2024-07-22 12:26

A Latin America-based financially motivated actor codenamed FLUXROOT has been observed leveraging Google Cloud serverless projects to orchestrate credential phishing activity, highlighting the abuse of the cloud computing model for malicious purposes. The campaign involved the use of Google Cloud container URLs to host credential phishing pages with the aim of harvesting login information associated with Mercado Pago, an online payments platform popular in the LATAM region.