Orca aims to fix ‘fundamentally broken’ cloud security with latest funding round
The company raised $55 million in Series B funding, and from May 2020 to the end of next year expects to nearly triple its R&D team.
About SC Media
Cloud Security News and Analysis
NSA: Russian-linked hackers are exploiting new VMWare product vulnerabilities to steal data
NSA strongly urged network administrators that work in or with the Defense Department to prioritize patching, but the vulnerability extends to all companies that rely on the VMWare products.
CISOs face a whole new budget world this year
The first priority for CISOs has become building cyber resilience. This means migrating to the cloud, enforcing cloud security, and enabling a “work from anywhere” workforce. We’ll see this play out through investment in three distinct areas.
Cloud security mapping startup Lightspin comes out of stealth
The company uses graph-based tools and algorithms to analyze the security posture of an organization’s cloud stack, identifying misconfigurations or problematic permission policies in order plot out the most likely avenues of attack.
Attackers can abuse a misconfigured IAM role across 16 Amazon services
Researchers at Palo Alto’s Unit 42 have confirmed that they have compromised a customer’s AWS cloud account with thousands of workloads.
NYC demonstrates ‘gold standard’ in cyber resilience amid pandemic
Because it was prepared, Cyber Command was able to essentially “move from a centralized SOC to a managed, distributed environment,” said Quiessence Phillips, deputy CISO of the NYC Cyber Command.
Cisco moves to buy cloud and container security startup
The deal is emblematic of how networking and application development have become increasingly tethered to one another in the marketplace.
Security teams struggle with ransomware, cloud services
Ransomware, insecure internet-facing systems and attacks against cloud-based services are among the top threats facing industry this year, according to new and recent threat intelligence reporting. The Q2 threat report released today by Rapid7 and detailing the latest tools and tactics used in cyber campaigns targeting the private sector, pegged the manufacturing sector as the…
U.S. charges 7 alleged state-sanctioned Chinese hackers
The Department of Justice on Wednesday unsealed indictments secured between August 2019 and August 2020 of seven foreign nationals accused of a bevy of international hacking incidents. The five Chinese and two Malaysian defendants are alleged members of a group often called APT 41, Wicked Panda or Wicked Spider, which is known to commit economic…
G Suite flaw mitigated after disclosure, but Google Drive still vulnerable
The validation vulnerability in Google Drive could result in users downloading malware.
Want to read more?
Next post in Vulnerabilities
