Cloud
JumpServer Flaws Allow Attackers to Bypass Authentication and Gain Full Control
JumpServer, a widely used open-source Privileged Access Management (PAM) tool developed by Fit2Cloud, has been found to have critical security vulnerabilities.These flaws, recently highlighted by SonarSource's vulnerability research...
Cloud
The Evolution Of Cloud Data Security: Why Traditional Tools Are No Longer Enough
Cloud technology has revolutionised how businesses function, with unprecedented scalability and flexibility. However, this transformation has also brought about an escalation of sophisticated security...
Cloud
Hackers Exploit ‘Any/Any’ Communication Configurations in Cloud Services to Host Malware
Recent research by Veriti has uncovered a disturbing trend in cybersecurity: malicious actors are increasingly leveraging cloud infrastructure to distribute malware and operate command-and-control...
Cloud
Microsoft Warns of Silk Typhoon Hackers Exploiting Cloud Services to Attack IT Supply Chain
Microsoft Threat Intelligence has identified a significant shift in tactics by Silk Typhoon, a Chinese espionage group, now targeting common IT solutions such as...
Cloud
Google Introduces Quantum-Safe Digital Signatures in Cloud KMS
Google Cloud has unveiled a critical cybersecurity upgrade: quantum-safe digital signatures via its Key Management Service (Cloud KMS), now available in preview.This move aligns with the...
Cloud
Critical Vulnerability in Fluent Bit Exposes Cloud Services to Potential Cyber Attacks
A critical security flaw in Fluent Bit, a widely adopted log processing and metrics collection tool part of the Cloud Native Computing Foundation (CNCF),...
Cloud
Google to Issue CVEs for Critical Cloud Vulnerabilities
Google Cloud has announced a significant step forward in its commitment to transparency and security by stating it will begin issuing Common Vulnerabilities and...
Cloud
Hardcoded Creds in Popular Apps Put Millions of Android and iOS Users at Risk
Recent analysis has revealed a concerning trend in mobile app security: Many popular apps store hardcoded and unencrypted cloud service credentials directly within their...
Checklist
Cloud Penetration Testing Checklist – 2024
Cloud Penetration Testing is a method of actively checking and examining the Cloud system by simulating the attack from the malicious code.Cloud computing is...
Cloud
TeamTNT Hackers Attacking VPS Servers Running CentOS
TeamTNT is targeting CentOS VPS clouds with SSH brute force attacks. It has uploaded a malicious script that disables security, deletes logs, and modifies...
Cloud
CloudSOC – An OpenSource Project for SOC & Security Analysts
Security Operations Centers (SOCs) and security analysts are under immense pressure to stay ahead of potential attacks.Enter CloudSOC, an open-source project designed to...