Security News

Canonical released data from a survey revealing the goals, benefits, and challenges of cloud-native technologies. The report has surveyed more than 1,300 IT professionals over the last year about their usage of Kubernetes, bare metal, VMs, containers, and serverless applications.

Microsoft sets multi-factor authentication as default for all Azure AD customers. In a new blog post, the company revealed that it's adding multi-factor authentication as the default security setting for existing Azure customers who haven't changed that setting on their own.

Regardless of how centralized or distributed, the weak link appears when private keys or other MPC components must be computationally executed on a CPU. The point of the encryption protocols is that the algorithm is public, and the security relies only on the keys. If an attacker infiltrates multiple hosts, and gains access to the required pieces, they can perform the multi-party computation on their own and steal digital assets and funds.

Comcast Business published results from a report which provides an overview of the distributed denial of service (DDoS) attack landscape, trends experienced by its customers and insights for measuring and mitigating risks. The report indicates that 2021 was another record year for DDoS attacks, as Comcast Business DDoS Mitigation Services identified and helped defend 24,845 multi-vector attacks targeting Layers 3,4, and 7 simultaneously.

The report indicates that 2021 was another record year for DDoS attacks, as Comcast Business DDoS Mitigation Services identified and helped defend 24,845 multi-vector attacks targeting Layers 3,4, and 7 simultaneously. Overall, 69 percent of customers experienced DDoS attacks, a 41 percent increase over 2020, while 55 percent were targets of mulit-vector attacks, as opposed to in 2020 where most customers experienced single vector attacks.

According to a recent Pew Research survey, 64 percent of Americans are choosing to remain in either a fully remote or hybrid working environment, forcing businesses to grapple with the increasing complexity that comes with migrating and scaling workloads in the cloud. Qa survey respondents rank visibility into cloud data-in-motion as the top security factor globally.

28% of companies are using four or more public/private clouds today, but that is expected to more than double in two years to 65%. "As cloud service providers improve their security and data protection offerings, decision-makers increasingly realize they can't protect their firms' data on-premises as well as they can in the cloud. But migrating existing IAM tools and processes to multicloud IaaS, PaaS, and private clouds creates problems that firms must solve" according to the Forrester study. "According to the Forrester study, firms can't just lift-and-shift existing IAM tools from on-premises to the cloud," said Eric Olden, CEO of Strata Identity.

CloudBolt Software released its latest research report, examining industry sentiment in specific dimensions of hybrid cloud/multi-cloud, and aiming to uncover unmet cloud needs that hinder cloud innovation. These limitations are caused by too many groups across an enterprise using too many different tools and clouds, with 80% struggling to achieve comprehensive visibility into cloud usage and spend.

Hackers have begun adapting to wider use of multi-factor authentication. Security researchers at Proofpoint are warning of a new threat that's only likely to become more serious as time goes on: Hackers who publish phishing kits are beginning to add multi-factor authentication bypassing capabilities to their software.

Microsoft's threat analysts have uncovered a large-scale, multi-phase phishing campaign that uses stolen credentials to register devices onto the target's network and use them to distribute phishing emails. "The inbox rule allowed the attackers to avoid arousing the compromised users' suspicions by deleting non-delivery reports and IT notification emails that might have been sent to the compromised user."