cloud security
![key](https://img.helpnetsecurity.com/wp-content/uploads/2018/06/09100900/key-400x200.jpg)
How Chinese hackers got their hands on Microsoft’s token signing key
The mystery of how Chinese hackers managed to steal a crucial signing key that allowed them to breach Microsoft 365’s email service and access accounts of employees of 25 …
![eyes](https://img.helpnetsecurity.com/wp-content/uploads/2023/08/19143700/eyes-400x200.jpg)
Lack of visibility into cloud access policies leaves enterprises flying blind
Fragmented access policies are top security concern in multi-cloud environments, with more than 75% of enterprises reporting they do not know where applications are deployed …
![Kennedy Torkura](https://img.helpnetsecurity.com/wp-content/uploads/2023/08/16131056/kennedy_torkura-2-mitigant-400x200.jpg)
Maintaining consistent security in diverse cloud infrastructures
As cloud infrastructures become increasingly API-driven and dynamically spread across expansive attack surfaces, achieving clarity proves difficult. Compounding this challenge …
![AWS](https://img.helpnetsecurity.com/wp-content/uploads/2023/08/02145128/aws-depth-400x200.jpg)
Attackers can turn AWS SSM agents into remote access trojans
Mitiga researchers have documented a new post-exploitation technique attackers can use to gain persistent remote access to AWS Elastic Compute Cloud (EC2) instances (virtual …
![cloud](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/25142723/cloudfiles1-400x200.jpg)
Keeping the cloud secure with a mindset shift
Gartner estimates that in 2023 worldwide end-user spending on public cloud services will grow by 21.7% and hit nearly $600 billion. Even as the economic downturn has most …
![Microsoft](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/20122917/microsoft-storm2-400x200.jpg)
Thanks Storm-0558! Microsoft to expand default access to cloud logs
Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, …
![lock](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/07131850/lock-texture-400x200.jpg)
Exploring the macro shifts in enterprise security
The number of successful ransomware attacks and data breach attempts fell by 30% over the last year, the number of reported security incident types at organizations increased, …
![servers](https://img.helpnetsecurity.com/wp-content/uploads/2023/05/23131508/servers-cloud-400x200.png)
Only 45% of cloud data is currently encrypted
39% of businesses have experienced a data breach in their cloud environment last year, an increase on the 35% reported in 2022, according to Thales. In addition, human error …
![Microsoft](https://img.helpnetsecurity.com/wp-content/uploads/2021/02/19130114/microsoft-hand-400x200.jpg)
Chinese hackers forged authentication tokens to breach government emails
Sophisticated hackers have accessed email accounts of organizations and government agencies via authentication tokens they forged by using an acquired Microsoft account (MSA) …
![gap](https://img.helpnetsecurity.com/wp-content/uploads/2017/01/09105311/gap-400x200.png)
One third of security breaches go unnoticed by security professionals
While surface-level confidence around hybrid cloud security is high, with 94% of global respondents stating their security tools and processes provide them with complete …
![cloud](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/25142723/cloudfiles1-400x200.jpg)
95% fear inadequate cloud security detection and response
Although numerous respondents acknowledged employing risky practices and behaviors within their cloud environments, they strongly believe in the effectiveness of their …
![honeypot](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/21105315/honeypot1-400x200.jpg)
Uncovering attacker tactics through cloud honeypots
Attackers typically find exposed “secrets” – pieces of sensitive information that allow access to an enterprise cloud environment — in as little as two minutes and, in …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege