Security News

We all know using a cloud-based identity provider expands your attack surface, but just how big does that attack surface get? And can we even know for sure? The first step towards mitigating the expanded attack surface in the cloud is recognizing the risks and potential vulnerabilities of cloud identity providers.

Even more alarming are the revelations in this year's report about browser session cookies - unquestionably the most prized data exfiltrated by malware. SpyCloud recaptured 1.87 billion malware cookie records tied to Fortune 1000 employees.

AWS has been offering Amazon Linux, a cloud-optimized Linux distribution, since 2010. Amazon Linux 2023 is provided at no additional charge.

GitHub Actions and Azure virtual machines are being leveraged for cloud-based cryptocurrency mining, indicating sustained attempts on the part of malicious actors to target cloud resources for illicit purposes. "Attackers can abuse the runners or servers provided by GitHub to run an organization's pipelines and automation by maliciously downloading and installing their own cryptocurrency miners to gain profit easily," Trend Micro researcher Magno Logan said in a report last week.

Microsoft has announced today the general availability of Microsoft Defender for Individuals, the company's new security solution for personal phones and computers. This new cross-device security solution is available for all Microsoft 365 customers with Personal or Family subscriptions starting today.

Regardless of how centralized or distributed, the weak link appears when private keys or other MPC components must be computationally executed on a CPU. The point of the encryption protocols is that the algorithm is public, and the security relies only on the keys. If an attacker infiltrates multiple hosts, and gains access to the required pieces, they can perform the multi-party computation on their own and steal digital assets and funds.

Microsoft has announced that the company's new cloud-based Microsoft Defender security solution has entered preview for home customers in the United States. While Microsoft paints a pretty picture of Microsoft Defender Preview's capabilities, in reality, the application is in its very early stages.

Why is a web filtering important and what are the main features necessary for MSPs? Managed service providers have been struggling with finding the right web filtering solutions. Web filtering is necessary for businesses because it prevents the staff from accessing malicious and harmful content while using the corporate network or while working from home, besides offering other advantages like monitoring their performance and keeping it to the maximum to ensure productivity.

Oliver Tavakoli, CTO at Vectra AI, takes us inside the coming nexus of ransomware, supply-chain attacks and cloud deployments. Why are ransomware and the supply chain coming together? Historically, what started out as nation-state techniques make their way into pen-testing and red teaming tools and eventually become commoditized in attacks undertaken by hackers seeking profit.

Despite increasing cyberattacks targeting data in the cloud, 83% of businesses are still failing to encrypt half of the sensitive data they store in the cloud, raising even greater concerns as to the impact cyber criminals can have. 40% of organizations have experienced a cloud-based data breach in the past 12 months, according to a study conducted by 451 Research.