Cloud Infrastructure

Cloud Security

Issued by: CSO Online

Recent destructive attacks against organizations that masquerade as a ransomware operation called DarkBit are likely performed by an advanced persistent threat (APT) group that’s affiliated with the Iranian government. During some of these operations the attackers didn’t limit themselves to on-premises systems but jumped into victims’ Azure AD environments where they deleted assets including entire…

Software Security

Issued by: Dark Reading

The intricate labyrinth of open source dependencies across the global software supply chain has created an application security puzzle of mammoth proportions. Whether open source or closed, most of the world’s software today is built on third-party components and libraries. Consequently, one piece of vulnerable code in even the smallest of open source projects can…

Cloud Security

Issued by: CIO Security

The move to the cloud has forced many CIOs to change how they think about security. Since much of the responsibility to secure infrastructure is now outsourced to cloud providers, CIOs need to focus higher in the stack to ensure that configurations are correct and data is not inadvertently exposed. As you assess your operations…

Cloud Security

Issued by: Security Intelligence

We have all heard the castle-and-moat analogy to describe traditional centralized approaches to cybersecurity. As cloud security becomes increasingly important in the modern landscape, I think we should add one more component to the analogies we use to think about security: fog. Sometimes the fog is so thick that you can barely see what is…

Cloud Security

Issued by: Dark Reading

RSA CONFERENCE 2020 – San Francisco – A recently spotted targeted attack employed a rootkit to sneak malicious traffic through the victim organization’s AWS firewall and drop a remote access Trojan onto its cloud-based servers. Researchers at Sophos discovered the attack while inspecting infected Linux and Windows EC2-based cloud infrastructure servers running in Amazon Web…

Cloud Security

Issued by: CSO

In the age of cloud computing where infrastructure needs to be extended or deployed rapidly to meet ever-changing organizational needs, the configuration of new servers and nodes is completely automated. This is done using machine-readable definition files, or templates, as part of a process known as infrastructure as code (IaC) or continuous configuration automation (CCA)….

Cloud Security

Issued by: Dark Reading

Public cloud infrastructure presents security teams with a new invisible management layer, creating new security challenges that demand better understanding. Many organizations don’t properly understand the cloud identity and access management layer and often fail to secure it. Such misunderstandings usually lead to dangerous misconfigurations that can drive customer risk; for example, in the case…

Cloud Security

Issued by: Help Net Security

Worldwide spending on public cloud services and infrastructure will more than double over the 2019-2023 forecast period, according to IDC. With a five-year compound annual growth rate (CAGR) of 22.3%, public cloud spending will grow from $229 billion in 2019 to nearly $500 billion in 2023. “Adoption of public (shared) cloud services continues to grow…

Cloud Security

Issued by: Security Intelligence

How Cloud Security Can Drive Innovation and Transform Your Business

I joined a number of security professionals at the IBM Security Summit in London last month during the “Innovating With Cloud Security” breakout session, which was hosted by Martin Borrett, chief technology officer (CTO) of IBM Security Europe. The audience took part in discussions about typical cloud transformation journeys, security for and from the cloud,…