Tuesday, April 29, 2025

Cloud

Cookie-Bite Attack Enables MFA Bypass and Persistent Cloud Server Access

Researchers have exposed a sophisticated cyberattack technique dubbed the "Cookie-Bite Attack," which allows adversaries to bypass Multi-Factor Authentication (MFA) and maintain persistent access to cloud servers such as Microsoft...

Super-Smart AI Could Launch Attacks Sooner Than We Think

In a development for cybersecurity, large language models (LLMs) are being weaponized by malicious actors to orchestrate sophisticated attacks at an unprecedented pace. Despite built-in...

Google Cloud Composer Flaw Allows Attackers to Gain Elevated Privileges

Research disclosed a now-patched high-severity vulnerability in Google Cloud Platform’s (GCP) Cloud Composer service, dubbed ConfusedComposer. It could have allowed attackers to hijack cloud workflows and...

Cloud Misconfigurations – A Leading Cause of Data Breaches

Cloud computing has transformed the way organizations operate, offering unprecedented scalability, flexibility, and cost savings. However, this rapid shift to the cloud has also introduced...

JumpServer Flaws Allow Attackers to Bypass Authentication and Gain Full Control

JumpServer, a widely used open-source Privileged Access Management (PAM) tool developed by Fit2Cloud, has been found to have critical security vulnerabilities. These flaws, recently...

The Evolution Of Cloud Data Security: Why Traditional Tools Are No Longer Enough

Cloud technology has revolutionised how businesses function, with unprecedented scalability and flexibility. However, this transformation has also brought about an escalation of sophisticated security...

Hackers Exploit ‘Any/Any’ Communication Configurations in Cloud Services to Host Malware

Recent research by Veriti has uncovered a disturbing trend in cybersecurity: malicious actors are increasingly leveraging cloud infrastructure to distribute malware and operate command-and-control...

Microsoft Warns of Silk Typhoon Hackers Exploiting Cloud Services to Attack IT Supply Chain

Microsoft Threat Intelligence has identified a significant shift in tactics by Silk Typhoon, a Chinese espionage group, now targeting common IT solutions such as...

Google Introduces Quantum-Safe Digital Signatures in Cloud KMS

Google Cloud has unveiled a critical cybersecurity upgrade: quantum-safe digital signatures via its Key Management Service (Cloud KMS), now available in preview. This move aligns with the...

Critical Vulnerability in Fluent Bit Exposes Cloud Services to Potential Cyber Attacks

A critical security flaw in Fluent Bit, a widely adopted log processing and metrics collection tool part of the Cloud Native Computing Foundation (CNCF),...

Google to Issue CVEs for Critical Cloud Vulnerabilities

Google Cloud has announced a significant step forward in its commitment to transparency and security by stating it will begin issuing Common Vulnerabilities and...