cloud computing
Misconfigurations and IAM weaknesses top cloud security concerns
Traditional cloud security issues often associated with cloud service providers (CSPs) are continuing to decrease in importance, according to the Top Threats to Cloud …
Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080)
VMware by Broadcom has fixed two critical vulnerabilities (CVE-2024-37079, CVE-2024-37080) affecting VMware vCenter Server and products that contain it: vSphere and Cloud …
Critical Fluent Bit flaw affects major cloud platforms, tech companies’ offerings (CVE-2024-4323)
Tenable researchers have discovered a critical vulnerability (CVE-2024-4323) in Fluent Bit, a logging utility used by major cloud providers and tech companies, which may be …
VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250)
VMware Enhanced Authentication Plug-in (EAP), a plugin for VMware vSphere, has two vulnerabilities (CVE-2024-22245, CVE-2024-22250) that could be exploited by attackers to …
Embracing offensive cybersecurity tactics for defense against dynamic threats
In this Help Net Security, Alexander Hagenah, Head of Cyber Controls at SIX, discusses the critical steps in creating effective offensive security operations and their impact …
4 warning signs that your low-code development needs DevSecOps
Low code platforms have democratized development in the enterprise. They improve efficiency and enable companies to do more with less. But as you begin to do more you will …
Looney Tunables bug exploited for cryptojacking
Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables (CVE-2023-4911) vulnerability to covertly install cryptomining software into …
Cybersecurity workforce shortages: 67% report people deficits
The global cybersecurity workforce has reached 5.5 million people, an 8.7% increase from 2022, representing 440,000 new jobs, according to ISC2. While this is the highest …
The hidden costs of Java, and the impact of pricing changes
An overwhelming 98% of all the businesses surveyed use Java in their software applications or infrastructure, and 57% of those organizations indicate that Java is the backbone …
High-business-impact outages are incredibly expensive
In this Help Net Security video, Peter Pezaris, Chief Strategy and Design Officer at New Relic, discusses observability adoption and how full-stack observability leads to …
What AppSec and developers working in cloud-native environments need to know
All enterprise organizations are, in essence, software publishers, regardless of their industry. This is because every enterprise relies on custom software applications for …
Access control in cloud-native applications in multi-location environments (NIST SP 800-207)
NIST released Special Publication (SP) 800-207A – “A Zero Trust Architecture Model for Access Control in Cloud-Native Applications in Multi-Location …
Featured news
Sponsored
Don't miss
- Gateways to havoc: Overprivileged dormant service accounts
- The growing danger of visual hacking and how to protect against it
- Beyond human IAM: The rising tide of machine identities
- Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)
- EchoStrike: Generate undetectable reverse shells, perform process injection