Cloud Security | News, how-tos, features, reviews, and videos
Deleting unneeded cloud assets but not the records that point to them can allow attacker to exploit your subdomains.
New AI-driven tools aim to simplify and bolster policies, alerts and prevention to reduce complexity when setting security policies and assess traffic without decryption.
The AMBERSQUID cryptojacking campaign exploits cloud services without triggering AWS approval processes.
Vulnerabilities affect data center services commonly used by organizations and could be exploited by attackers to gain system access and perform remote code execution.
Exploiting Cloudflare Tunnel requires little skill and potentially could compromise and entire network.
A new proof of concept shows that attackers can use Azure AD CTS to leap to Microsoft and non-Microsoft application across tenants.
Permissions for predefined Google Cloud Build user roles can be abused for privilege escalation.
Threat actors are concealing campaigns to evade detection and establish stronger footholds in compromised systems.
Threat actors now use Legion to steal AWS-specific credentials from web servers to enable email and SMS spam campaigns.
Cloud threat detection and response vendor has applied ChatGPT features to its platform in two distinct ways — earlier detection of malicious activity and explicability of attacks as they progress.