misconfiguration
Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717)
Advanced, persistent attackers have exploited a zero-day vulnerability (CVE-2024-39717) in Versa Director to compromise US-based managed service providers with a custom-made …
Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom
Cybercriminals are breaking into organizations’ cloud storage containers, exfiltrating their sensitive data and, in several cases, have been paid off by the victim …
Building a strong cloud security posture
In this Help Net Security video, David Kellerman, Field CTO at Cymulate, discusses how cloud security still seems to lag even as the cloud grows in popularity and usage. Many …
Common cloud security mistakes and how to avoid them
According to recent surveys, 98% of organizations keep their financial, business, customer and/or employee information in the cloud but, at the same time, 95% of cloud …
DIY attack surface management: Simple, cost-effective and actionable perimeter insights
Modern-day attack surface management (ASM) can be an intimidating task for most organizations, with assets constantly changing due to new deployments, assets being …
How to avoid the 4 main pitfalls of cloud identity management
Securing cloud identities isn’t easy. Organizations need to complete a laundry list of actions to confirm proper configuration, ensure clear visibility into identities, …
The blueprint for a highly effective EASM solution
In this Help Net Security interview, Adrien Petit, CEO at Uncovery, discusses the benefits that organizations can derive from implementing external attack surface management …
Experts demand clarity as they struggle with cloud security prioritization
Cloud Native Application Protection Platforms (CNAPPs) have emerged as a critical category of security tooling in recent years due to the complexity of comprehensively …
Maintaining consistent security in diverse cloud infrastructures
As cloud infrastructures become increasingly API-driven and dynamically spread across expansive attack surfaces, achieving clarity proves difficult. Compounding this challenge …
Kubernetes clusters face widespread attacks across numerous organizations
In this Help Net Security video, Assaf Morag, Lead Threat Intelligence Analyst at Aqua Security, discusses research that discovered openly accessible and unprotected …
Common insecure configuration opens Apache Superset servers to compromise
An insecure default configuration issue (CVE-2023-27524) makes most internet-facing Apache Superset servers vulnerable to attackers, Horizon3.ai researchers have discovered. …
Financial organizations more prone to accidental data leakage
Netwrix announced additional findings for the financial and banking sector from its global 2022 Cloud Security Report. Compared to other industries surveyed, financial …
Featured news
Sponsored
Don't miss
- Exposed: Russian military Unit 29155 does digital sabotage, espionage
- Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)
- September 2024 Patch Tuesday forecast: Downgrade is the new exploit
- Human firewalls are essential to keeping SaaS environments safe
- Respotter: Open-source Responder honeypot