Security News

Miklos Daniel Brody, a cloud engineer, was sentenced to two years in prison and a restitution of $529,000 for wiping the code repositories of his former employer in retaliation for being fired by the company. First Republic Bank was a commercial bank in the U.S., employing over seven thousand people and having an annual revenue of $6.75 billion.

Webinar In the natural world, there are ten different kinds of cloud - a rare simplicity in meteorological terms. Multi-cloud environments in particular spawn a lot of complexity, and their continuous evolution can also create cyber security blind spots.

Australia is building a top-secret cloud to host intelligence data and share it with the US and UK, which have their own clouds built for the same purpose. The three clouds were discussed on Monday by Andrew Shearer, Australia's director-general of national intelligence, at an event hosted by the Center for Strategic & International Studies in Washington, DC. "We are working very hard on a top-secret cloud initiative," Shearer told the event, adding that it will interoperate with similar infrastructure already operated by the US and UK, and mean sensitive data can be shared "Near instantaneously."

Threat actors can take advantage of Amazon Web Services Security Token Service (AWS STS) as a way to infiltrate cloud accounts and conduct follow-on attacks. The service enables threat actors to...

Nearly all organizations rely on the cloud to store sensitive data and run critical systems. 93% agree that zero-trust segmentation is essential to their cloud security strategy.

A ransomware infection at a cloud IT provider has disrupted services for 60 or so credit unions across the US, all of which were relying on the attacked vendor. This is according to the National Credit Union Administration, which on Friday told The Register it is fire-fighting the situation with the credit unions downed this week by the intrusion.

VMware has fixed a critical authentication bypass vulnerability in Cloud Director appliance deployments, a bug that was left unpatched for over two weeks since it was disclosed on November 14th. Cloud Director is a VMware platform that enables admins to manage data centers spread across multiple locations as Virtual Data Centers. "On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 or port 5480," VMware explains.

Cloud-based security initiatives, such as Secure Access Service Edge and Security Service Edge, comprising Secure Web Gateway, Cloud Access Security Brokers, Data Loss Prevention, and Zero Trust Network Access, effectively push security to wherever the corporate users, devices, and resources are - all via the cloud. For starters, this hybrid security architecture adds up the cost and complexity of managing disparate security solutions, something organizations desperately attempt to overcome with cloud-based converged security stacks.

In 2023, the cloud isn't just a technology—it's a battleground. Zenbleed, Kubernetes attacks, and sophisticated APTs are just the tip of the iceberg in the cloud security warzone. In collaboration...

In the last year, 47% of all data breaches originated in the cloud, and more than 6 in 10 respondents believe cloud security is lacking and poses a severe risk to their business operations, according to Illumio. 97% believe Zero Trust Segmentation can greatly improve their organization's cloud security strategy because it improves digital trust, ensures business continuity, and bolsters cyber resilience.