Cloud security

Center of Excellence

Cloud security

Improper configuration and neglect for system hardening can leave organizations' cloud environments vulnerable to attack.

Hardening and monitoring cloud configuration

Daniel ThomasAugust 12, 2022

Security experts have repeatedly recommended system hardening to reduce vulnerabilities in the cloud. But what does that entail? This article explains while offering additional guidance to better monitor the integrity of cloud configurations.

Cloud security

Cloudflare avoided breach despite employees falling for same scam that snared Twilio

Stephen WeigandAugust 9, 2022

One day after Twilio announced a breach after an attacker successfully stole employee credentials in a phishing scam, Cloudflare posted on its blog Tuesday that it believes its employees were targeted in a similar attack.

Cloud security

SMS phishing nabs Twilio employee credentials, allowed access to customer data

Stephen WeigandAugust 8, 2022

Cloud-based communications platform Twilio said a limited number of customer accounts were accessed after a sophisticated phishing attack successfully nabbed employee credentials.

Cloud security

Qualys’ new approach to reducing vulnerabilities and cyber risk

Paul WagenseilJuly 1, 2022

Qualys' new version of its VMDR vulnerability-management platform adds cyber-risk assessment and management tools. The company's Mahul Revankar takes time at RSAC 2022 to explain how it all works to Bill Brenner.

Cloud security

Most companies are at an entry-level when it comes to cloud security

Steve ZurierAugust 5, 2022

Only 16% of respondents ranked on the Ermetic Cloud Security Model at the top two levels, and 80% of companies said they lack a dedicated security team responsible for protecting cloud resources from threats.

Cloud security

IT security company ZeroFox goes public despite concerns over market conditions

Steve ZurierAugust 4, 2022

Security industry analysts pointed out that ZeroFox may be the only “pure” cyber threat intelligence (CTI) company to have ever gone public.

Cloud security

A new type of cryptomining attack aims to hijack network bandwidth

Steve ZurierAugust 3, 2022

Security researchers say these cryptoming attacks are focused less on the average person’s computers and more on the large cloud providers.

Cloud security

Twitter account takeovers possible as thousands of apps found to leak API keys

Steve ZurierAugust 2, 2022

Security researchers say Twitter API keys case stands as one in a long line of cloud security incidents caused by misconfigured APIs.

Cloud security

Two XSS vulnerabilities found in Google Cloud Platform

Steve ZurierAugust 1, 2022

A security researcher late last week disclosed that they found two vulnerabilities in the Google Cloud Platform, one on DevSite, the other on Google Play — bad code that could have led to hijacked accounts via cross-site scripting (XSS) attacks.

Hardening and monitoring cloud configuration

Cloudflare avoided breach despite employees falling for same scam that snared Twilio

SMS phishing nabs Twilio employee credentials, allowed access to customer data

Qualys’ new approach to reducing vulnerabilities and cyber risk

Most companies are at an entry-level when it comes to cloud security

IT security company ZeroFox goes public despite concerns over market conditions

A new type of cryptomining attack aims to hijack network bandwidth

Twitter account takeovers possible as thousands of apps found to leak API keys

Two XSS vulnerabilities found in Google Cloud Platform

Related Events

Palo Alto – The rise of the XDR market: Tracing its growth and debunking its myths

How to Protect Your Applications in the Multi-Cloud

Managing Network Exposure in AWS

Perspectives

Digital experience has become a security issue

Why managing machine identities has become a critical part of the security equation

Don’t let IaaS overshadow SaaS apps

Briefs

Microsoft Azure, Google sites exploited in large-scale crypto theft campaign

CISA: Windows, UnRAR vulnerabilities under active exploitation

Funding round secures $16M for Spin Technology