-
Hackers steal 15,000 cloud credentials from exposed Git config files
A global large-scale dubbed "EmeraldWhale" exploited misconfigured Git configuration files to steal over 15,000 cloud account credentials from thousands of private repositories.
- October 30, 2024
- 10:00 AM
0
-
AWS, Azure auth keys found in Android and iOS apps used by millions
Multiple popular mobile applications for iOS and Android come with hardcoded, unencrypted credentials for cloud services like Amazon Web Services (AWS) and Microsoft Azure Blob Storage, exposing user data and source code to security breaches.
- October 22, 2024
- 04:19 PM
0
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
Severe flaws in E2EE cloud storage platforms used by millions
Several end-to-end encrypted (E2EE) cloud storage platforms are vulnerable to a set of security issues that could expose user data to malicious actors.
- October 20, 2024
- 12:06 PM
- 0
-
Critical flaw in NVIDIA Container Toolkit allows full host takeover
A critical vulnerability in NVIDIA Container Toolkit impacts all AI applications in a cloud or on-premise environment that rely on it to access GPU resources.
- September 29, 2024
- 10:23 AM
- 0
-
Embargo ransomware escalates attacks to cloud environments
Microsoft warns that ransomware threat actor Storm-0501 has recently switched tactics and now targets hybrid cloud environments, expanding its strategy to compromise all victim assets.
- September 27, 2024
- 11:09 AM
- 3
-
Ransomware gangs now abuse Microsoft Azure tool for data theft
Ransomware gangs like BianLian and Rhysida increasingly use Microsoft's Azure Storage Explorer and AzCopy to steal data from breached networks and store it in Azure Blob storage.
- September 17, 2024
- 12:14 PM
- 0
-
Massive AT&T data breach exposes call logs of 109 million customers
AT&T is warning of a massive data breach where threat actors stole the call logs for approximately 109 million customers, or nearly all of its mobile customers, from an online database on the company's Snowflake account.
- July 12, 2024
- 09:37 AM
- 3
-
CloudSorcerer hackers abuse cloud services to steal Russian govt data
A new advanced persistent threat (APT) group named CloudSorcerer abuses public cloud services to steal data from Russian government organizations in cyberespionage attacks.
- July 08, 2024
- 11:11 AM
- 1
-
Proton launches free, privacy-focused Google Docs alternative
Proton has launched 'Docs in Proton Drive,' a free and open-source end-to-end encrypted web-based document editing and collaboration tool.
- July 03, 2024
- 06:00 AM
- 0
-
BBC suffers data breach impacting current, former employees
The BBC has disclosed a data security incident that occurred on May 21, involving unauthorized access to files hosted on a cloud-based service, compromising the personal information of BBC Pension Scheme members.
- May 30, 2024
- 10:02 AM
- 0
-
Google Workspace rolls out multi-admin approval feature for risky changes
Google is rolling out a new Workspace feature that requires multiple admins to approve high-risk setting changes to prevent unauthorized or accidental modifications that could reduce security.
- April 10, 2024
- 03:13 PM
- 0
-
Microsoft to shut down 50 cloud services for Russian businesses
Microsoft plans to limit access to over fifty cloud products for Russian organizations by the end of March as part of the sanctions requirements against the country issued by EU regulators last December.
- March 23, 2024
- 10:14 AM
- 2
-
CISA, NSA share best practices for securing cloud services
The NSA and the Cybersecurity and Infrastructure Security Agency (CISA) have released five joint cybersecurity bulletins containing on best practices for securing a cloud environment.
- March 07, 2024
- 06:05 PM
- 0
-
Get certified in Microsoft Azure with $61 off this exam prep bundle
Azure is one of the most popular cloud platforms, and knowing how it works can be key to safer, better IT systems. This six-course Azure prep bundle upgrades your skills for $34.99, $61 off the $96 MSRP.
- February 28, 2024
- 02:09 PM
- 0
-
Russian hackers shift to cloud attacks, US and allies warn
Members of the Five Eyes (FVEY) intelligence alliance warned today that APT29 Russian Foreign Intelligence Service (SVR) hackers are now switching to attacks targeting their victims' cloud services.
- February 26, 2024
- 12:31 PM
- 0
-
Hackers abuse Google Cloud Run in massive banking trojan campaign
Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like Astaroth, Mekotio, and Ousaban.
- February 21, 2024
- 04:07 PM
- 0
-
Ongoing Microsoft Azure account hijacking campaign targets executives
A phishing campaign detected in late November 2023 has compromised hundreds of user accounts in dozens of Microsoft Azure environments, including those of senior executives.
- February 12, 2024
- 02:16 PM
- 0
-
Leaky Vessels flaws allow hackers to escape Docker, runc containers
Four vulnerabilities collectively called "Leaky Vessels" allow hackers to escape containers and access data on the underlying host operating system.
- February 04, 2024
- 10:17 AM
- 0
-
Docker hosts hacked in ongoing website traffic theft scheme
A new campaign targeting vulnerable Docker services deploys an XMRig miner and the 9hits viewer app on compromised hosts, allowing a dual monetization strategy.
- January 18, 2024
- 06:00 AM
- 0
-
Hacker spins up 1 million virtual servers to illegally mine crypto
A 29-year-old man in Ukraine was arrested this week for using hacked accounts to create 1 million virtual servers used to mine $2 million in cryptocurrency.
- January 13, 2024
- 10:09 AM
- 4
