Cloud
Google to Issue CVEs for Critical Cloud Vulnerabilities
Google Cloud has announced a significant step forward in its commitment to transparency and security by stating it will begin issuing Common Vulnerabilities and Exposures (CVEs) for critical vulnerabilities...
Cloud
Hardcoded Creds in Popular Apps Put Millions of Android and iOS Users at Risk
Recent analysis has revealed a concerning trend in mobile app security: Many popular apps store hardcoded and unencrypted cloud service credentials directly within their...
Checklist
Cloud Penetration Testing Checklist – 2024
Cloud Penetration Testing is a method of actively checking and examining the Cloud system by simulating the attack from the malicious code.Cloud computing is...
Cloud
TeamTNT Hackers Attacking VPS Servers Running CentOS
TeamTNT is targeting CentOS VPS clouds with SSH brute force attacks. It has uploaded a malicious script that disables security, deletes logs, and modifies...
Cloud
CloudSOC – An OpenSource Project for SOC & Security Analysts
Security Operations Centers (SOCs) and security analysts are under immense pressure to stay ahead of potential attacks.Enter CloudSOC, an open-source project designed to...
Cloud
Hackers Exploited Digital Advertising Tools to Launch Malicious Campaigns
Cybersecurity researchers from Mandiant and Google Cloud have uncovered a sophisticated scheme where hackers exploit digital advertising tools to conduct malicious campaigns.These tools, originally...
Cloud
Hackers Abusing Google Cloud For Phishing
Threat actors often attack cloud services for several illicit purposes. Google Cloud is targeted due to its extensive and powerful resources, which could be...
Bug Bounty
New TE.0 HTTP Request Smuggling Flaw Impacts Google Cloud Websites
HTTP Request Smuggling is a flaw in web security that is derived from variations in the way different web servers or intermediaries, such as...
Cloud
Cloud-Based Malware Attack Abusing Google Drive & Dropbox
A phishing email with a malicious zip attachment initiates the attack. The zip contains a single executable disguised as an Excel file using Left-To-Right...
Cloud
Critical Memory Corruption In Cloud Logging Infrastructure Enables Code Execution Attack
Fluent Bit, a widely used open-source data collector and processor, has been found to have a major memory loss flaw.Many big cloud providers use...
Cloud
New LLMjacking Used Stolen Cloud Credentials to Attack Cloud LLM Servers
Researchers have identified a new form of cyberattack termed "LLMjacking," which exploits stolen cloud credentials to hijack cloud-hosted large language models (LLMs).This sophisticated attack...