cloud security

Cloud security is stuck in slow motion

Cloud security is stuck in slow motion 2025-12-23 at 08:23 By Anamarija Pogorelec Cloud environments are moving faster than the systems meant to protect them. A new Palo Alto Networks study shows security teams struggling to keep up with development cycles, growing cloud sprawl, and attacker tactics that now compress breaches into minutes instead of […]

Cloud security is stuck in slow motion Read More »

Palo Alto Networks, Google Cloud Strike Multibillion-Dollar AI and Cloud Security Deal

Palo Alto Networks, Google Cloud Strike Multibillion-Dollar AI and Cloud Security Deal 2025-12-19 at 18:44 By Mike Lennon The agreement strengthens technical and commercial ties as Palo Alto migrates workloads and adopts Google’s Vertex AI and Gemini models. The post Palo Alto Networks, Google Cloud Strike Multibillion-Dollar AI and Cloud Security Deal appeared first on

Palo Alto Networks, Google Cloud Strike Multibillion-Dollar AI and Cloud Security Deal Read More »

Docker Makes 1,000 Hardened Images Free and Open Source

Docker Makes 1,000 Hardened Images Free and Open Source 2025-12-19 at 16:16 By Eduard Kovacs Millions of developers can now use the secure, production-ready images made by Docker. The post Docker Makes 1,000 Hardened Images Free and Open Source appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Docker Makes 1,000 Hardened Images Free and Open Source Read More »

$320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits

$320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits 2025-12-12 at 09:51 By Eduard Kovacs Participants earned rewards at the hacking competition for Grafana, Linux Kernel, Redis, MariaDB, and PostgreSQL vulnerabilities. The post $320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

$320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits Read More »

MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations

MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations 2025-12-11 at 16:25 By Eduard Kovacs Eleven companies took part in the evaluations and several have boasted 100% detection and coverage rates. The post MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations Read More »

CISOs are spending big and still losing ground

CISOs are spending big and still losing ground 2025-12-08 at 07:31 By Anamarija Pogorelec Security leaders are entering another budget cycle with more money to work with, but many still feel no safer. A new benchmark study from Wiz shows a widening gap between investment and impact. Budgets keep rising, cloud programs keep expanding, and

CISOs are spending big and still losing ground Read More »

re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities 

re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities  2025-12-03 at 14:35 By Eduard Kovacs AWS and cybersecurity vendors have made several announcements at the cloud giant’s re:Invent 2025 event.  The post re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities  appeared first on SecurityWeek. This article is an excerpt from

re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities  Read More »

Fluent Bit Vulnerabilities Expose Cloud Services to Takeover

Fluent Bit Vulnerabilities Expose Cloud Services to Takeover 2025-11-25 at 15:47 By Ionut Arghire Five flaws in the open source tool may lead to path traversal attacks, remote code execution, denial-of-service, and tag manipulation. The post Fluent Bit Vulnerabilities Expose Cloud Services to Takeover appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Fluent Bit Vulnerabilities Expose Cloud Services to Takeover Read More »

cnspec: Open-source, cloud-native security and policy project

cnspec: Open-source, cloud-native security and policy project 2025-11-24 at 08:32 By Sinisa Markovic cnspec is an open source tool that helps when you are trying to keep a sprawling setup of clouds, containers, APIs and endpoints under control. It checks security and compliance across all of it, which makes it easier to see what needs

cnspec: Open-source, cloud-native security and policy project Read More »

Sweet Security Raises $75 Million for Cloud and AI Security

Sweet Security Raises $75 Million for Cloud and AI Security 2025-11-12 at 15:42 By Ionut Arghire The cybersecurity startup will use the investment to accelerate global expansion and product innovation. The post Sweet Security Raises $75 Million for Cloud and AI Security appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Sweet Security Raises $75 Million for Cloud and AI Security Read More »

Metrics don’t lie, but they can be misleading when they only tell IT’s side of the story

Metrics don’t lie, but they can be misleading when they only tell IT’s side of the story 2025-11-07 at 13:28 By Mirko Zorz In this Help Net Security interview, Rik Mistry, Managing Partner at Interval Group, discusses how to align IT strategy with business goals. He explains how security, governance, and orchestration shape IT operations

Metrics don’t lie, but they can be misleading when they only tell IT’s side of the story Read More »

DOJ Antitrust Review Clears Google’s $32 Billion Acquisition of Wiz

DOJ Antitrust Review Clears Google’s $32 Billion Acquisition of Wiz 2025-11-07 at 13:16 By Eduard Kovacs Google’s acquisition of Wiz is expected to close in 2026, but there are other reviews that need to be cleared. The post DOJ Antitrust Review Clears Google’s $32 Billion Acquisition of Wiz appeared first on SecurityWeek. This article is

DOJ Antitrust Review Clears Google’s $32 Billion Acquisition of Wiz Read More »

SonicWall cloud backup hack was the work of a state actor

SonicWall cloud backup hack was the work of a state actor 2025-11-06 at 15:30 By Zeljka Zorz Incident responders from Mandiant have wrapped up their investigation into the SonicWall cloud backup service hack, and the verdict is in: the culprit is a state-sponsored threat actor (though the specific nation wasn’t disclosed). “[The incident] was isolated

SonicWall cloud backup hack was the work of a state actor Read More »

Google says 2026 will be the year AI supercharges cybercrime

Google says 2026 will be the year AI supercharges cybercrime 2025-11-05 at 07:06 By Anamarija Pogorelec Security leaders are staring down a year of major change. In its Cybersecurity Forecast 2026, Google paints a picture of a threat landscape transformed by AI, supercharged cybercrime, and increasingly aggressive nation-state operations. Attackers are moving faster, scaling their

Google says 2026 will be the year AI supercharges cybercrime Read More »

New Attack Targets DDR5 Memory to Steal Keys From Intel and AMD TEEs 

New Attack Targets DDR5 Memory to Steal Keys From Intel and AMD TEEs  2025-10-29 at 10:23 By Eduard Kovacs Intel and AMD have published advisories after academics disclosed details of the new TEE.fail attack method. The post New Attack Targets DDR5 Memory to Steal Keys From Intel and AMD TEEs  appeared first on SecurityWeek. This

New Attack Targets DDR5 Memory to Steal Keys From Intel and AMD TEEs  Read More »

What Microsoft’s 2025 report reveals about the new rules of engagement in cyberdefense

What Microsoft’s 2025 report reveals about the new rules of engagement in cyberdefense 2025-10-24 at 10:42 By Anamarija Pogorelec Adversaries are using AI to sharpen attacks, automate operations, and challenge long-standing defenses, according to a new Microsoft report. Researchers describe a year in which criminal and state-backed actors blurred the lines between cybercrime, espionage, and

What Microsoft’s 2025 report reveals about the new rules of engagement in cyberdefense Read More »

Attackers target retailers’ gift card systems using cloud-only techniques

Attackers target retailers’ gift card systems using cloud-only techniques 2025-10-22 at 17:12 By Zeljka Zorz A newly uncovered attack campaign mounted by suspected Morocco-based attackers has been hitting global retailers and other businesses issuing gift cards. What makes this campaign stand out is how the threat actors avoid typical malware techniques and endpoint hacking and

Attackers target retailers’ gift card systems using cloud-only techniques Read More »

Attackers turn trusted OAuth apps into cloud backdoors

Attackers turn trusted OAuth apps into cloud backdoors 2025-10-22 at 15:43 By Zeljka Zorz Attackers are increasingly abusing internal OAuth-based applications to gain persistent access to cloud environments, Proofpoint researchers warn. These apps often remain unnoticed for quite some time and allow attackers to maintain access to high-privileged accounts even after passwords are reset or

Attackers turn trusted OAuth apps into cloud backdoors Read More »

RMPocalypse: New Attack Breaks AMD Confidential Computing

RMPocalypse: New Attack Breaks AMD Confidential Computing 2025-10-14 at 14:08 By Ionut Arghire A vulnerability in RMP initialization allows the AMD processor’s x86 cores to maliciously control parts of the initial RMP state. The post RMPocalypse: New Attack Breaks AMD Confidential Computing appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

RMPocalypse: New Attack Breaks AMD Confidential Computing Read More »

Attackers compromised ALL SonicWall firewall configuration backup files

Attackers compromised ALL SonicWall firewall configuration backup files 2025-10-09 at 15:41 By Zeljka Zorz The attackers who brute-forced their way into SonicWall’s firewall cloud backup service accessed configuration backup files of all customers who have used the service, SonicWall stated on Wednesday, following the conclusion of a Mandiant-supported investigation into the incident. Early reports suggested

Attackers compromised ALL SonicWall firewall configuration backup files Read More »

Scroll to Top