Friday, March 28, 2025

Cloud

JumpServer Flaws Allow Attackers to Bypass Authentication and Gain Full Control

JumpServer, a widely used open-source Privileged Access Management (PAM) tool developed by Fit2Cloud, has been found to have critical security vulnerabilities.These flaws, recently highlighted by SonarSource's vulnerability research...

The Evolution Of Cloud Data Security: Why Traditional Tools Are No Longer Enough

Cloud technology has revolutionised how businesses function, with unprecedented scalability and flexibility. However, this transformation has also brought about an escalation of sophisticated security...

Hackers Exploit ‘Any/Any’ Communication Configurations in Cloud Services to Host Malware

Recent research by Veriti has uncovered a disturbing trend in cybersecurity: malicious actors are increasingly leveraging cloud infrastructure to distribute malware and operate command-and-control...

Microsoft Warns of Silk Typhoon Hackers Exploiting Cloud Services to Attack IT Supply Chain

Microsoft Threat Intelligence has identified a significant shift in tactics by Silk Typhoon, a Chinese espionage group, now targeting common IT solutions such as...

Google Introduces Quantum-Safe Digital Signatures in Cloud KMS

Google Cloud has unveiled a critical cybersecurity upgrade: quantum-safe digital signatures via its Key Management Service (Cloud KMS), now available in preview.This move aligns with the...

Critical Vulnerability in Fluent Bit Exposes Cloud Services to Potential Cyber Attacks

A critical security flaw in Fluent Bit, a widely adopted log processing and metrics collection tool part of the Cloud Native Computing Foundation (CNCF),...

Google to Issue CVEs for Critical Cloud Vulnerabilities

Google Cloud has announced a significant step forward in its commitment to transparency and security by stating it will begin issuing Common Vulnerabilities and...

Hardcoded Creds in Popular Apps Put Millions of Android and iOS Users at Risk

Recent analysis has revealed a concerning trend in mobile app security: Many popular apps store hardcoded and unencrypted cloud service credentials directly within their...

Cloud Penetration Testing Checklist – 2024

Cloud Penetration Testing is a method of actively checking and examining the Cloud system by simulating the attack from the malicious code.Cloud computing is...

TeamTNT Hackers Attacking VPS Servers Running CentOS

TeamTNT is targeting CentOS VPS clouds with SSH brute force attacks. It has uploaded a malicious script that disables security, deletes logs, and modifies...

CloudSOC – An OpenSource Project for SOC & Security Analysts

Security Operations Centers (SOCs) and security analysts are under immense pressure to stay ahead of potential attacks.Enter CloudSOC, an open-source project designed to...