Latest coverage for Cloud
Stay updated with the latest trends and security protocols in cloud computing. Navigate the evolving landscape of Cloud Information Security with us.
Refine the feed
Search across headline titles and summaries.
Tag briefing
Background for this topic.
Cloud computing involves delivering computing services—such as storage, processing, and networking—over the internet using remote data centers. This model enables organizations to scale resources dynamically without owning physical infrastructure. In security terms, the cloud environment is defined by multi-tenant infrastructure where multiple customers share hardware and software resources managed by a cloud provider.
Key security concerns include controlling access through strong identity and access management (IAM), protecting data with encryption both at rest and in transit, and managing vulnerabilities in shared infrastructure components. The cloud’s shared responsibility model requires customers to secure their applications and data while providers secure the underlying platform. Misconfigurations, weak access controls, and insufficient monitoring can expose cloud assets to unauthorized access or data leakage, making precise configuration and continuous security assessment essential.
Citrix shares mitigations for ongoing Netscaler password spray attacks
Citrix Netscaler is the latest target in widespread password spray attacks targeting edge networking devices and cloud platforms this year to breach corporate networks. [...]
IoT Cloud Cracked by 'Open Sesame' Over-the-Air Attack
Researchers demonstrate how to hack Ruijie Reyee access points without Wi-Fi credentials or even physical access to the device.
Chinese APT Groups Targets European IT Companies
Evidence Mounts for Chinese Hacking 'Quartermaster'A probable Chinese nation-state threat actor compromised Visual Studio Code and Microsoft Azure cloud infrastructure to target Western technology firms for espionage, security firms Tinexta Cyber and SentinelLabs said. The companies call the campaign "Operation Digital Eye."
Researchers Crack Microsoft Azure MFA in an Hour
A critical flaw in the company's rate limit for failed sign-in attempts allowed unauthorized access to a user account, including Outlook emails, OneDrive files, Teams chats, Azure Cloud, and more.
Three more vulns spotted in Ivanti CSA, all critical, one 10/10
Patch up, everyone – that admin portal is mighty attractive to your friendly cyberattacker Ivanti just put out a security advisory warning of three critical vulnerabilities in its Cloud Services Application (CSA), including a perfect 10.…
Financial Sector Turning to Multi-Cloud Strategies
Report: Financial Orgs Shift to Multi-Cloud to Address Cyber Threats and RegulationFinancial institutions are increasingly adopting multi-cloud strategies to mitigate rising cyber risks and comply with complex regulations, according to a new report. Although the move enhances flexibility and disaster recovery, challenges remain, from implementation costs to a growing skills gap.
Snowflake Pledges to Make MFA Mandatory
The multi-cloud data warehousing platform said it will completely phase out single factor authentication with passwords by November 2025
Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities
Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution
Citrix Acquisitions Boost Zero-Trust Defense for Hybrid Work
deviceTrust, Strong Network Acquisitions Improve Zero Trust, Developer ProtectionsCitrix enhances its security for hybrid work by acquiring deviceTrust and Strong Network. Purchasing these European startups boosts protection for VDI, DaaS and cloud development, empowering organizations to enforce zero-trust principles and reduce risks across their hybrid environments.
Financial Sector Turning to Multi-Vendor Cloud Strategies
Report: Financial Orgs Shift to Multi-Cloud to Address Cyber Threats and RegulationFinancial institutions are increasingly adopting multi-cloud strategies to mitigate rising cyber risks and comply with complex regulations, according to a new report. The move enhances flexibility and disaster recovery, though challenges remain, from implementation costs to a growing skills gap.
Ivanti warns of maximum severity CSA auth bypass vulnerability
Ivanti warned customers on Tuesday about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. [...]
Cybercrime Gangs Abscond With Thousands of AWS Credentials
The Nemesis and ShinyHunters attackers scanned millions of IP addresses to find exploitable cloud-based flaws, though their operation ironically was discovered due to a cloud misconfiguration of their own doing.
Genetec Physical Security Report Shows Accelerating Hybrid Cloud Adoption
More than 4% of US attempted e-commerce transactions between Thanksgiving and Cyber Monday suspected to be fraudulent.