cloud security

DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts

cloud security, computer forensics, Don't miss, GitHub, Google Drive, News, open source, software /

DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts 2024-01-04 at 07:31 By Mirko Zorz DriveFS Sleuth automates the investigation of Google Drive File Stream disk artifacts. The tool can parse the disk artifacts and build a filesystem tree-like structure enumerating the synchronized files along with their respective properties. “While engaged […]

React to this headline:

Loading spinner

DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts Read More »

SentinelOne Snaps up Seed-Stage CNAPP Startup PingSafe

Application Security, cloud security, CNAPP, PingSafe, SentinelOne /

SentinelOne Snaps up Seed-Stage CNAPP Startup PingSafe 2024-01-03 at 22:01 By Ryan Naraine SentinelOne plans to acquire PingSafe in a cash-and-stock deal that adds cloud native application protection platform (CNAPP) technologies. The post SentinelOne Snaps up Seed-Stage CNAPP Startup PingSafe appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

SentinelOne Snaps up Seed-Stage CNAPP Startup PingSafe Read More »

Are Security Appliances fit for Purpose in a Decentralized Workplace?

cloud security, Network Security, SASE /

Are Security Appliances fit for Purpose in a Decentralized Workplace? 2024-01-02 at 21:01 By Etay Maor Security appliances are amongst the most riskiest enterprise devices and are a often method for threat actors to infiltrate a business. The post Are Security Appliances fit for Purpose in a Decentralized Workplace? appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Are Security Appliances fit for Purpose in a Decentralized Workplace? Read More »

Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover

cloud security, GKE, Kubernetes, Vulnerabilities /

Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover 2023-12-29 at 14:02 By Ionut Arghire Two flaws in Google Kubernetes Engine could be exploited to escalate privileges and take over the Kubernetes cluster. The post Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover Read More »

Tackling cloud security challenges head-on

Aqua Security, BigID, cloud security, cybersecurity, Node4, Splunk, Video, VMWare /

Tackling cloud security challenges head-on 2023-12-26 at 07:32 By Help Net Security Cloud security is a critical aspect of modern computing, as businesses and individuals increasingly rely on cloud services to store, process, and manage data. Cloud computing offers numerous benefits, including scalability, flexibility, and cost efficiency, but it also introduces unique security challenges that

React to this headline:

Loading spinner

Tackling cloud security challenges head-on Read More »

Cisco to Acquire Isovalent, Add eBPF Tech to Cloud Portfolio

a16z, Cisco, cloud security, eBPF, Funding/M&A, Isovalent, Microsoft /

Cisco to Acquire Isovalent, Add eBPF Tech to Cloud Portfolio 21/12/2023 at 23:32 By Ryan Naraine Isovalent raised about 70 million in funding from prominent investors including Microsoft’s venture fund, Google, and Andreessen Horowitz. The post Cisco to Acquire Isovalent, Add eBPF Tech to Cloud Portfolio appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Cisco to Acquire Isovalent, Add eBPF Tech to Cloud Portfolio Read More »

New AI Safety Initiative Aims to Set Responsible Standards for Artificial Intelligence

Anthropic, Artificial Intelligence, ChatGPT, cloud security, Microsoft, OpenAI /

New AI Safety Initiative Aims to Set Responsible Standards for Artificial Intelligence 13/12/2023 at 21:32 By SecurityWeek News Major software vendors sign on to a new security initiative to create trusted best practices for artificial intelligence deployments. The post New AI Safety Initiative Aims to Set Responsible Standards for Artificial Intelligence appeared first on SecurityWeek.

React to this headline:

Loading spinner

New AI Safety Initiative Aims to Set Responsible Standards for Artificial Intelligence Read More »

Short-term AWS access tokens allow attackers to linger for a longer while

access management, Amazon Web Services, authentication, cloud security, Don't miss, Hot stuff, News, Red Canary /

Short-term AWS access tokens allow attackers to linger for a longer while 07/12/2023 at 17:32 By Zeljka Zorz Attackers usually gain access to an organization’s cloud assets by leveraging compromised user access tokens obtained via phishing, by using malware, or by finding them in public code repositories. These are long-term access tokens associated with an

React to this headline:

Loading spinner

Short-term AWS access tokens allow attackers to linger for a longer while Read More »

Microsoft Hires New CISO in Major Security Shakeup

CISO, CISO Strategy, cloud security, CSRB, Featured, Management & Strategy, Microsoft /

Microsoft Hires New CISO in Major Security Shakeup 06/12/2023 at 20:31 By Ryan Naraine Microsoft announced a major shakeup of its security hierarchy, removing the CISO and Deputy CISO and handing the reins to a recent hire who previously served as CTO and President at Bridgewater. The post Microsoft Hires New CISO in Major Security

React to this headline:

Loading spinner

Microsoft Hires New CISO in Major Security Shakeup Read More »

Top Guns: Defending Corporate Clouds from Malicious Mavericks

Cloud, cloud security, pentesting /

Top Guns: Defending Corporate Clouds from Malicious Mavericks 04/12/2023 at 19:49 By Tom Eston While applications and cloud infrastructure present different risk profiles and require different security assessments, they must not be viewed separately with regards to enterprise defense. The post Top Guns: Defending Corporate Clouds from Malicious Mavericks appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Top Guns: Defending Corporate Clouds from Malicious Mavericks Read More »

Bridging the gap between cloud vs on-premise security

Cato Networks, Cloud, cloud security, cybersecurity, Don't miss, Expert analysis, Expert corner, firewall, Hot stuff, News, opinion, policy /

Bridging the gap between cloud vs on-premise security 01/12/2023 at 08:03 By Help Net Security With the proliferation of SaaS applications, remote work and shadow IT, organizations feel obliged to embrace cloud-based cybersecurity. And rightly so, because the corporate resources, traffic, and threats are no longer confined within the office premises. Cloud-based security initiatives, such

React to this headline:

Loading spinner

Bridging the gap between cloud vs on-premise security Read More »

Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets

access, AWS, Cloud, cloud security, IAM, Identity & Access /

Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets 28/11/2023 at 17:17 By Eduard Kovacs AWS announces Amazon One Enterprise, a palm-based identity service that enables users to easily access physical locations and digital assets. The post Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets Read More »

Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets

Aqua Security, cloud security, container, Data Breaches, Kubernetes, supply chain, Supply Chain Security /

Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets 22/11/2023 at 20:31 By Ryan Naraine Researchers at Aqua call urgent attention to the public exposure of Kubernetes configuration secrets, warning that hundreds of organizations are vulnerable to this “ticking supply chain attack bomb.” The post Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets appeared first on

React to this headline:

Loading spinner

Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets Read More »

Traditional cloud security isn’t up to the task

Cloud, cloud security, cybersecurity, data, data breach, Illumio, News, report, strategy, survey, zero trust /

Traditional cloud security isn’t up to the task 17/11/2023 at 09:02 By Help Net Security In the last year, 47% of all data breaches originated in the cloud, and more than 6 in 10 respondents believe cloud security is lacking and poses a severe risk to their business operations, according to Illumio. The average organization

React to this headline:

Loading spinner

Traditional cloud security isn’t up to the task Read More »

Critical Authentication Bypass Flaw in VMware Cloud Director Appliance

cloud security, CVE-2023-34060, CVSS 9.8, Network Security, Patch Tuesday, VMWare, Vulnerabilities /

Critical Authentication Bypass Flaw in VMware Cloud Director Appliance 15/11/2023 at 00:32 By Ryan Naraine VMware flaw carries a CVSS severity-score of 9.8/10 and can be exploited to bypass login restrictions when authenticating on certain ports. The post Critical Authentication Bypass Flaw in VMware Cloud Director Appliance appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Critical Authentication Bypass Flaw in VMware Cloud Director Appliance Read More »

MySQL Servers, Docker Hosts Infected With DDoS Malware

botnet, cloud security, cybercrime, DDoS, Docker, Malware & Threats, MySQL /

MySQL Servers, Docker Hosts Infected With DDoS Malware 14/11/2023 at 19:47 By Ionut Arghire Researchers warn attackers are targeting MySQL servers and Docker hosts to plant malware capable of launching distributed DDoS attacks. The post MySQL Servers, Docker Hosts Infected With DDoS Malware appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

MySQL Servers, Docker Hosts Infected With DDoS Malware Read More »

Palo Alto to Acquire Talon, Intensifying Competition in Cloud Data Security 

Chromium, cloud security, Enterprise Browser, Funding/M&A, Identity & Access, Island, M&A Tracker, Palo Alto Networks, Talon /

Palo Alto to Acquire Talon, Intensifying Competition in Cloud Data Security  06/11/2023 at 20:31 By Ryan Naraine Technology powerhouse Palo Alto Networks is officially on a billion-dollar shopping spree in the cloud data security space. The post Palo Alto to Acquire Talon, Intensifying Competition in Cloud Data Security  appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Palo Alto to Acquire Talon, Intensifying Competition in Cloud Data Security  Read More »

‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks 

Cloud, cloud security, exploited, Featured, Linux /

‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks  06/11/2023 at 17:06 By Eduard Kovacs Glibc vulnerability affecting major Linux distributions and tracked as Looney Tunables exploited in cloud attacks by Kinsing group.  The post ‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks  Read More »

Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop

BeyondTrust, CISO Strategy, cloud security, Cloudflare, Data Breaches, HAR files, Identity & Access, Okta /

Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop 04/11/2023 at 19:31 By Ryan Naraine Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop. The post Okta Hack Blamed on Employee Using Personal Google Account on Company

React to this headline:

Loading spinner

Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop Read More »

Microsoft launches new initiative to augment security

Application Security, Artificial Intelligence, cloud security, Don't miss, Hot stuff, identity protection, Microsoft, News, software development, strategy /

Microsoft launches new initiative to augment security 03/11/2023 at 14:48 By Zeljka Zorz Nearly 22 years after Bill Gates announced a concerted Microsoft-wide push to deliver Trustworthy Computing, the company is launching the Secure Future Initiative, to boost the overall security of Microsoft’s products and its customers and users. A new Microsoft initiative focused on

React to this headline:

Loading spinner

Microsoft launches new initiative to augment security Read More »

Scroll to Top