BlackCat ransomware hits Azure Storage with Sphynx encryptor
The BlackCat (ALPHV) ransomware gang now uses stolen Microsoft accounts and the recently spotted Sphynx encryptor to encrypt targets' Azure cloud storage. [...]
Stay updated with the latest trends and security protocols in cloud computing. Navigate the evolving landscape of Cloud Information Security with us.
Search across headline titles and summaries.
Background for this topic.
Cloud computing involves delivering computing services—such as storage, processing, and networking—over the internet using remote data centers. This model enables organizations to scale resources dynamically without owning physical infrastructure. In security terms, the cloud environment is defined by multi-tenant infrastructure where multiple customers share hardware and software resources managed by a cloud provider.
Key security concerns include controlling access through strong identity and access management (IAM), protecting data with encryption both at rest and in transit, and managing vulnerabilities in shared infrastructure components. The cloud’s shared responsibility model requires customers to secure their applications and data while providers secure the underlying platform. Misconfigurations, weak access controls, and insufficient monitoring can expose cloud assets to unauthorized access or data leakage, making precise configuration and continuous security assessment essential.
The BlackCat (ALPHV) ransomware gang now uses stolen Microsoft accounts and the recently spotted Sphynx encryptor to encrypt targets' Azure cloud storage. [...]
Software company Retool says the accounts of 27 cloud customers were compromised following a targeted and multi-stage social engineering attack. [...]
The shared responsibility model was good enough to cover the first years of the cloud revolution, but the model is showing its limitations. Shared fate is a more mature model for the future of cloud security.
Palo Alto Networks found that over 45% of organizations’ high-risk exposures in the cloud were due to cloud providers introducing new services
Company noticed data warehouse break-in via compromised account a month later Cloud-based bug tracking and monitoring platform Rollbar has warned users that attackers have rifled through their data.…
Employee offboarding is no one’s favorite task, yet it is a critical IT process that needs to be executed diligently and efficiently. That’s easier said than done, especially considering that IT organizations have less visibility and control over employees’ IT use than ever. Today, employees can easily adopt new cloud and SaaS applications whenever and wherever they want, and the old IT
But IBM warns credential compromise is number one initial access vector
Running unsupported and unpatched versions of Exchange Server will do that to a country Sri Lanka's Computer Emergency Readiness Team (CERT) is currently investigating a ransomware attack on the government's cloud infrastructure that affected around 5,000 email accounts, it revealed on Tuesday.…
The new IBM Cloud Security Compliance Center includes a data security broker from Baffle for field and file level encryption of sensitive data.
Rich security suite enables seamless and secure path to transition corporate networks to the cloud, and accelerate innovation.