cloud computing
Looney Tunables bug exploited for cryptojacking
Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables (CVE-2023-4911) vulnerability to covertly install cryptomining software into …
Cybersecurity workforce shortages: 67% report people deficits
The global cybersecurity workforce has reached 5.5 million people, an 8.7% increase from 2022, representing 440,000 new jobs, according to ISC2. While this is the highest …
The hidden costs of Java, and the impact of pricing changes
An overwhelming 98% of all the businesses surveyed use Java in their software applications or infrastructure, and 57% of those organizations indicate that Java is the backbone …
High-business-impact outages are incredibly expensive
In this Help Net Security video, Peter Pezaris, Chief Strategy and Design Officer at New Relic, discusses observability adoption and how full-stack observability leads to …
What AppSec and developers working in cloud-native environments need to know
All enterprise organizations are, in essence, software publishers, regardless of their industry. This is because every enterprise relies on custom software applications for …
Access control in cloud-native applications in multi-location environments (NIST SP 800-207)
NIST released Special Publication (SP) 800-207A – “A Zero Trust Architecture Model for Access Control in Cloud-Native Applications in Multi-Location …
Lack of visibility into cloud access policies leaves enterprises flying blind
Fragmented access policies are top security concern in multi-cloud environments, with more than 75% of enterprises reporting they do not know where applications are deployed …
Maintaining consistent security in diverse cloud infrastructures
As cloud infrastructures become increasingly API-driven and dynamically spread across expansive attack surfaces, achieving clarity proves difficult. Compounding this challenge …
Attackers can turn AWS SSM agents into remote access trojans
Mitiga researchers have documented a new post-exploitation technique attackers can use to gain persistent remote access to AWS Elastic Compute Cloud (EC2) instances (virtual …
How CISOs navigate security and compliance in a multi-cloud world
Due to the increasing importance of multi-cloud and the intricate nature of cloud infrastructure, obtaining a comprehensive understanding of the various cloud workloads …
Organizations face an uphill battle to keep their sensitive data secure
On average, organizations store 61% of their sensitive data in the cloud, and most have experienced at least one cybersecurity breach (90%), threat (89%) and/or theft of data …
Application and cloud security is a shared responsibility
Cloud environments and application connectivity have become a critical part of many organizations’ digital transformation initiatives. In fact, nearly 40% of North American …
Featured news
Resources
Don't miss
- Critical Control Web Panel vulnerability is actively exploited (CVE-2025-48703)
- 18 arrested in €300 million global credit card fraud scheme
- PortGPT: How researchers taught an AI to backport security patches automatically
- AI can flag the risk, but only humans can close the loop
- VulnRisk: Open-source vulnerability risk assessment platform