misconfiguration
Maintaining consistent security in diverse cloud infrastructures
As cloud infrastructures become increasingly API-driven and dynamically spread across expansive attack surfaces, achieving clarity proves difficult. Compounding this challenge …
Kubernetes clusters face widespread attacks across numerous organizations
In this Help Net Security video, Assaf Morag, Lead Threat Intelligence Analyst at Aqua Security, discusses research that discovered openly accessible and unprotected …
Common insecure configuration opens Apache Superset servers to compromise
An insecure default configuration issue (CVE-2023-27524) makes most internet-facing Apache Superset servers vulnerable to attackers, Horizon3.ai researchers have discovered. …
Financial organizations more prone to accidental data leakage
Netwrix announced additional findings for the financial and banking sector from its global 2022 Cloud Security Report. Compared to other industries surveyed, financial …
The cybersecurity trends organizations will soon be dealing with
In this interview with Help net Security, Brad Jones, VP of Information Security at Seagate Technology, talks about cybersecurity trends organizations will be dealing with …
Security “sampling” puts US federal agencies at risk
Titania launched an independent research report that uncovers the impact of exploitable misconfigurations on the security of networks in the US federal government. The study, …
Risk management focus shifts from external to internal exposure
Coalfire released its fourth annual Securealities Penetration Risk Report which analyzes enterprise and cloud service providers (CSPs) internal and external attack vectors, …
Organizations should fear misconfigurations more than vulnerabilities
Censys launched its State of the Internet Report, a holistic view into internet risks and organizations’ exposure to them. Through careful examination of which ports, …
The impact of exploitable misconfigurations on network security
Network professionals feel confident with their security and compliance practices but data suggests that they also leave their organizations open to risk, which is costing a …
The most common exploit paths enterprises leave open for attackers
Exposed version control repositories, leaked secrets in public code repositories, a subdomain vulnerable to takover, exposed Amazon S3 buckets, and Microsoft Exchange Server …
Top attack techniques for breaching enterprise and cloud environments
In this video for Help Net Security, Zur Ulianitzky, Head of Research at XM Cyber, talks about the top attack techniques used by threat actors to compromise critical assets in …
The perils of SaaS misconfigurations
The Cloud Security Alliance (CSA) released the findings of an Adaptive Shield survey, offering insight into the industry’s knowledge, attitudes, and opinions regarding SaaS …
Featured news
Resources
Don't miss
- Identifying high-risk APIs across thousands of code repositories
- Want fewer security fires to fight? Start with threat modeling
- Build a mobile hacking rig with a Pixel and Kali NetHunter
- Infostealer crackdown: Operation Secure takes down 20,000 malicious IPs and domains
- Connectwise is rotating code signing certificates. What happened?