Latest coverage for Cloud
Stay updated with the latest trends and security protocols in cloud computing. Navigate the evolving landscape of Cloud Information Security with us.
Refine the feed
Search across headline titles and summaries.
Tag briefing
Background for this topic.
Cloud computing involves delivering computing services—such as storage, processing, and networking—over the internet using remote data centers. This model enables organizations to scale resources dynamically without owning physical infrastructure. In security terms, the cloud environment is defined by multi-tenant infrastructure where multiple customers share hardware and software resources managed by a cloud provider.
Key security concerns include controlling access through strong identity and access management (IAM), protecting data with encryption both at rest and in transit, and managing vulnerabilities in shared infrastructure components. The cloud’s shared responsibility model requires customers to secure their applications and data while providers secure the underlying platform. Misconfigurations, weak access controls, and insufficient monitoring can expose cloud assets to unauthorized access or data leakage, making precise configuration and continuous security assessment essential.
Microsoft Azure-Based Kerberos Attacks Crack Open Cloud Accounts
Two common attacks against on-premises Kerberos authentication servers — known as Pass the Ticket and Silver Ticket — can be used against Microsoft's Azure AD Kerberos, a security firms says.
The Definitive Browser Security Checklist
Security stakeholders have come to realize that the prominent role the browser has in the modern corporate environment requires a re-evaluation of how it is managed and protected. While not long-ago web-borne risks were still addressed by a patchwork of endpoint, network, and cloud solutions, it is now clear that the partial protection these solutions provided is no longer sufficient. Therefore,
Go to security school, GoTo – theft of encryption keys shows you need it
Ongoing investigation into cloud storage attack finds customer data exfiltrated Remote access outfit GoTo has admitted that a threat actor exfiltrated an encryption key that allowed access to "a portion" of encrypted backup files.…
LastPass Parent Company GoTo Suffers Data Breach, Customers' Backups Compromised
LastPass-owner GoTo (formerly LogMeIn) on Tuesday disclosed that unidentified threat actors were able to steal encrypted backups of some customers' data along with an encryption key for some of those backups in a November 2022 incident
GoTo admits: Customer cloud backups stolen together with decryption key
We were going to write, "Once more unto the breach, dear friends, once more"... but it seems to go without saying these days.
Skyhawk Security Launches Multicloud Runtime Threat Detection and Response Platform
Skyhawk Synthesis extends cloud security misconfiguration detection across multiple clouds, the company says — throwing cloud security posture management in for free.
The 2022-2023 Cloud Awards Announces Its Finalists
SaaS Security Posture Management (SSPM) as a Layer in Your Identity Fabric
The move to SaaS and other cloud tools has put an emphasis on Identity & Access Management (IAM). After all, user identity is one of the only barriers standing between sensitive corporate data and any unauthorized access. The tools used to define IAM make up its identity fabric. The stronger the fabric, the more resistant identities are to pressure from threat actors. However, those pressures