February 21, 2024
Via: The RegisterThe complexity facing businesses as they make the necessary transition to cloud-native applications and multi-cloud architectures keeps cloud teams firmly on the frontline when it comes to implementing security policies. The constant risks of misconfiguration and malicious attack demand that […]
February 9, 2024
Via: SecureWorldThe cloud is the de facto platform for delivery of applications and services in the modern digital era. Identity as the new digital perimeter is the cornerstone for assuring secure “Anytime, Anywhere, Authorized” access to protect enterprise security and privacy. […]
Threats & Malware, Vulnerabilities
February 7, 2024
Via: The RegisterJetBrains is encouraging all users of TeamCity (on-prem) to upgrade to the latest version following the disclosure of a critical vulnerability in the CI/CD tool. Tracked as CVE-2024-23917, the vulnerability has been assigned a provisional 9.8 CVSS score and allows […]
Application security, Security
February 2, 2024
Via: The RegisterApplication programming interfaces (APIs) play a significant role in today’s digital economy, but at the same time they can also represent a data security vulnerability. While APIs serve as building blocks to modern app development, their proliferation and sprawl have […]
January 18, 2024
Via: The RegisterReports suggest that forward-looking organisations are ditching legacy point-based cloud security offerings and replacing them with more efficient integrated platforms which slash management overheads while significantly improving the app security. Cybersecurity Insiders notes that, in the past, companies have typically […]
January 11, 2024
Via: SecureWorldArun DeSouza is an award-winning thought leader with more than two decades of experience in global security leadership and organizational transformation. Working as CISO, DeSouza’s areas of expertise include strategic planning, risk management, identity management, cloud computing, and privacy. DeSouza […]
December 13, 2023
Via: The RegisterClose to a million records containing personally identifiable information belonging to donors that sent money to non-profits were found exposed in an online database. The database is owned and operated by DonorView – provider of a cloud-based fundraising platform used […]
December 13, 2023
Via: The RegisterIn China, clouds are a symbol of luck. See multiple layering of clouds in a blue sky can mean you are in line to receive eternal happiness. If only that was true in the complex world of IT, where multi-cloud […]
December 12, 2023
Via: The RegisterAn ex-First Republic Bank cloud engineer was sentenced to two years in prison for causing more than $220,000 in damage to his former employer’s computer network after allegedly using his company-issued laptop to watch pornography. Miklos Daniel Brody, 38, of […]
December 11, 2023
Via: The RegisterIn the natural world, there are ten different kinds of cloud – a rare simplicity in meteorological terms. But in our global business environment, there’s no single defining feature to aid classification. Multi-cloud environments in particular spawn a lot of […]
December 7, 2023
Via: The RegisterAustralia is building a top-secret cloud to host intelligence data and share it with the US and UK, which have their own clouds built for the same purpose. The three clouds were discussed on Monday by Andrew Shearer, Australia’s director-general […]
November 16, 2023
Via: The RegisterRackspace’s costs from last year’s ransomware infection continue to mount: the cloud hosting biz told America’s financial watchdog, the SEC, its total expenses to date regarding that cyberattack have reached $12 million – so far. The extortionware raid on the […]
Threats & Malware, Vulnerabilities
November 15, 2023
Via: Security AffairsVMware disclosed an authentication bypass vulnerability, tracked as CVE-2023-34060 (CVSS score 9.8), in its Cloud Director Appliance that can be exploited by an attacker with network access to the appliance bypassing login restrictions when authenticating on port 22 (ssh) or […]
Threats & Malware, Vulnerabilities
November 6, 2023
Via: TechRadarCybersecurity researchers from Zscaler have discovered more than a hundred vulnerabilities in Microsoft 365 that were introduced with the addition of SketchUp into the cloud productivity suite. To make matters worse, they claim to have managed to bypass the patches […]
November 3, 2023
Via: Dark ReadingOracle now requires multifactor authentication on all instances within its cloud environment, Oracle Cloud Infrastructure. Every new tenancy is created with MFA enabled by default for cloud administrators, Oracle said. The company also “seeded” all preexisting systems to have a […]
November 3, 2023
Via: Dark ReadingBusinesses value the availability, scalability, and reliability of the cloud. They recognize that cloud computing can enable data to flow freely to where it needs to be accessed and processed, providing a huge advantage for organizations that operate on a […]
Application security, Security
October 23, 2023
Via: The RegisterThere is no longer an off button for businesses and organizations, no closed signs, or downtime. This means enterprise IT operations and data assets must be protected round the clock in all operating environments. In the past this has often […]
September 18, 2023
Via: TechRadarOf all the vulnerabilities an organization’s system has, the majority sit within its cloud environment, a new report from cybersecurity researchers Unit 42, part of Palo Alto Networks, has found. As per the report, four in five (80%) of all […]
September 13, 2023
Via: Help Net SecurityMirantis released Mirantis Kubernetes Engine (MKE) 3.7.0, that adds an automatic rollback feature along with fine-grained observability of components, which ensure maximum uptime and high performance, as part of Mirantis’ ZeroOps approach to streamline operations. “Our ZeroOps approach to cloud […]
September 13, 2023
Via: Help Net SecurityCisco has unveiled Cisco Secure Application (previously Security Insights for Cloud Native Application Observability) on the Cisco Full-Stack Observability Platform, enabling organizations to bring together application and security teams to securely develop and deploy applications. The latest release of Cisco […]