misconfiguration
Unprotected CVS database exposed sensitive customer searches
Researchers have discovered an unprotected, exposed online database with over a billion records belonging to American healthcare company CVS Health. The discovery, made by …
Most organizations fail to fix cloud misconfiguration issues in a timely manner
A significant majority of companies that move to multi-cloud environments are not properly configuring their cloud-based services, Aqua Security reveals. According to the …
Acting on a security risk assessment of your organization’s use of Salesforce
Salesforce isn’t rocket science, but the software has an incredible array of tools, which is why securing it demands a unique (and sometimes complex) approach. If you’re …
Cloud native adoption increasing security concerns
Cloud native adoption has both transformed the way organizations build modern applications and resulted in increased security threats and concerns, according to a research by …
Kubestriker: A security auditing tool for Kubernetes clusters
Kubestriker is an open-source, platform-agnostic tool for identifying security misconfigurations in Kubernetes clusters. It performs a variety of checks on a range of services …
Complexity and budgetary constraints complicate cloud security
While spending on cloud services is high, with more than half of respondents having spent more than $10 million and 11% having spent more than $100 million in the last three …
Improper cloud IAM leaving organizations at risk
There is an industry-wide cloud permissions gap crisis, leaving countless organizations at risk due to improper identity and access management (IAM), a CloudKnox Security …
Using Salesforce? Here are 5 security and compliance considerations
When it comes to mission-critical cloud applications, today’s security teams have a laundry list of different focus areas. From ensuring cloud providers deliver adequate …
The SOC is blind to the attackable surface
A security operations center (SOC) is the central nervous system of any advanced cybersecurity program. Yet even the most well-funded, highly organized and properly equipped …
Cloud-native watering hole attack: Simple and potentially devastating
In this era of increasing technological complexity, watering hole attacks build on a model of simplicity. Just like predatory animals that hover near sources of water favored …
58% of IT and security pros concerned about security in the cloud
The Cloud Security Alliance and AlgoSec published research which queried nearly 1,900 IT and security professionals from a variety of organization sizes and locations, sought …
Open-source tool BlobHunter helps pinpoint public Azure blobs that might contain sensitive files
CyberArk researchers have released BlobHunter, an open-source tool organizations can use to discover Azure blobs containing sensitive files they have inadvertently made …
Featured news
Resources
Don't miss
- Researchers warn of ongoing Entra ID account takeover campaign
- LockBit panel data leak shows Chinese orgs among the most targeted
- Identifying high-risk APIs across thousands of code repositories
- Want fewer security fires to fight? Start with threat modeling
- Build a mobile hacking rig with a Pixel and Kali NetHunter