Content Paint
Search
Sign in

cloud security

cloud security  | Jun 26, 2024
Malware that spreads via Redis now capable of deploying ransomware
Malware that spreads via Redis now capable of deploying ransomware

P2Pinfect now able to deploy ransomware and crypto miner payloads.

AWS  | Apr 16, 2024
AWS overhauls IAM control plane after vulnerability exposed users
AWS amplify IAM vulnerability CVE-2024-28056

Datadog suggests AWS Amplify users conduct "an audit of your roles and potential threat activity" after investigation.

AWS  | Apr 10, 2024
AWS took 6 months to fix Security Token Service bug - IAM policy simulator inadequate, says Stedi
AWS took 6 months to fix Security Token Service bug - IAM policy simulator inadequate, says Stedi

"No system is infallible. Sometimes, it is AWS..."

Kubernetes  | Jan 29, 2024
A NASDAQ-listed firm left its Kubernetes clusters perilously exposed. 1,000+ have fallen into the same trap. Here’s why
A NASDAQ-listed firm left its Kubernetes clusters perilously exposed. 1,000+ have fallen into the same trap. Here’s why

Google says "we've taken several steps to reduce the risk of users making authorization errors with the Kubernetes built-in users and groups, including..."

News  | Aug 29, 2023
Google talks up AI, security for cloud
Google talks up AI, security for cloud

Google unveiled a series of AI-centric features for its various cloud offerings, with security in particular being a focus

cloud security  | Jul 04, 2023
Reimagining cloud-native security for developers and platform owners
Reimagining cloud-native security for developers and platform owners

Even with ‘traditional’ configuration of resources in the cloud - and Kubernetes becomes a more extreme example of this – what is crystal clear is that security cannot stay outside of the development and DevOps teams."

Azure  | Jun 22, 2023
Microsoft admits “insecure pattern” in Azure AD exposed customers to risk of data loss, account takeover
Microsoft admits “insecure pattern” in Azure AD exposed customers to risk of data loss, account takeover

"The risk is mainly with multi-tenant applications where this misconfiguration could result [in] account and privilege escalation" -- here's what you need to do.

Cybersecurity  | May 08, 2023
Cryptojacking: Low Risk for Them, High Cost for You
Cryptojacking: Low Risk for Them, High Cost for You

With harvested credentials some groups spun up additional resources until they exhausted the credit cards on file...

Cybersecurity  | Mar 01, 2023
Novel cloud attack pivoted from K8s to Lambda, pulled IAM keys from Terraform
Novel cloud attack pivoted from K8s to Lambda, pulled IAM keys from Terraform

A recent attack tracked by researchers at cloud security company Sysdig saw the attackers use an exposed Kubernetes container to move laterally to the victim’s AWS account – gaining initial access by exploiting a public-facing service in a self-managed Kubernetes cluster hosted inside an AWS cloud account. The company'

Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.