Improper cloud IAM leaving organizations at risk
There is an industry-wide cloud permissions gap crisis, leaving countless organizations at risk due to improper identity and access management (IAM), a CloudKnox Security …
misconfiguration
Using Salesforce? Here are 5 security and compliance considerations
When it comes to mission-critical cloud applications, today’s security teams have a laundry list of different focus areas. From ensuring cloud providers deliver adequate …
The SOC is blind to the attackable surface
A security operations center (SOC) is the central nervous system of any advanced cybersecurity program. Yet even the most well-funded, highly organized and properly equipped …
Cloud-native watering hole attack: Simple and potentially devastating
In this era of increasing technological complexity, watering hole attacks build on a model of simplicity. Just like predatory animals that hover near sources of water favored …
58% of IT and security pros concerned about security in the cloud
The Cloud Security Alliance and AlgoSec published research which queried nearly 1,900 IT and security professionals from a variety of organization sizes and locations, sought …
Open-source tool BlobHunter helps pinpoint public Azure blobs that might contain sensitive files
CyberArk researchers have released BlobHunter, an open-source tool organizations can use to discover Azure blobs containing sensitive files they have inadvertently made …
The 5G toolbox of defense
For the mobile communications industry, security has always held a prominent role. However, the onset of 5G – which introduces new network architectures, services and devices …
Accelerated cloud migration may leave business data insecure
The pandemic has accelerated digital transformation for 88% of global organizations. However, this increase in cloud adoption may leave business data insecure, Trend Micro …
Attackers exploit Twilio’s misconfigured cloud storage, inject malicious code into SDK
Twilio has confirmed that, for 8 or so hours on July 19, a malicious version of their TaskRouter JS SDK was being served from their one of their AWS S3 buckets. “Due to …
70% of organizations experienced a public cloud security incident in the last year
70% of organizations experienced a public cloud security incident in the last year – including ransomware and other malware (50%), exposed data (29%), compromised accounts …
Top security risks for companies to address as cloud migration accelerates
The ease and speed at which new cloud tools can be deployed is also making it harder for security teams to control their usage, IBM Security reveals. According to the data, …
Most companies suffered a cloud data breach in the past 18 months
Nearly 80% of the companies had experienced at least one cloud data breach in the past 18 months, and 43% reported 10 or more breaches, a new Ermetic survey reveals. According …
