Cloud Security Archives - Page 6 of 20

Mozilla Blocks Malicious Firefox Add-Ons Abusing Proxy API

Issued by: Security Week

The API allows add-ons to control the manner in which the browser connects to the Internet, and some extensions were found to abuse this. Specifically, the manner in which the offending add-ons interacted with the API prevented users from accessing updated blocklists, from downloading updates, and from updating content remotely configured. According to Mozilla, a…

Application Security, Cloud Security

Cybersecurity M&A Roundup for October 1-10, 2021

Issued by: Security Week

A total of nine cybersecurity-related acquisitions were announced in the first 10 days of October 2021. 11:11 Systems acquires Green Cloud Defense Managed infrastructure solutions provider 11:11 Systems acquired Green Cloud Defense, a cloud infrastructure-as-a-service provider that specializes in managed cloud security solutions. The deal will help 11:11 Systems expand its capabilities and grow its…

Cloud Security

Microsec.ai Exits Stealth With Cloud Application Runtime Protection Platform

Issued by: Security Week

The company’s agentless CNAPP solution aims to secure multi-cloud IaaS and PaaS environments, as well as containers and data, through a single, unified interface. Founded in February 2021, the Santa Clara, California-based company offers support for major cloud infrastructure providers, including AWS, Azure, Google, IBM, and Oracle. Microsec.ai claims to provide visibility into containers, microservices,…

Vulnerabilities

ESET Discovers UEFI Bootkit in Cyber Espionage Campaign

Issued by: Security Week

The ESET discovery is the second real-world UEFI bootkit to be publicly documented in recent weeks, following Kaspersky’s report on a new Windows UEFI bootloader fitted into the FinSpy surveillance spyware product. According to ESET researchers Anton Cherepanov and Martin Smolar, the malware has evaded detection for almost a decade and was engineered to bypass…

Cloud Security

Cloud Services Providers Introduce Trusted Cloud Principles

Issued by: Security Week

Trusted Cloud Principles signatories say they are committed to maintaining consistent human rights standards across their services, while also ensuring that cloud services providers’ interests are protected. The initiative has received support from heavy industry names, including Amazon, Atlassian, Cisco, Google, Microsoft, and IBM, among others. “Trusted Cloud Principles signatories are committed to protecting the…

Mobile Security

Apple Confirms New Zero-Day Attacks on Older iPhones

Issued by: Security Week

This is the 16th documented in-the-wild zero-day exploitation of security defects in Apple’s iOS and macOS platforms so far this year. “Apple is aware of reports that an exploit for this issue exists in the wild,” the company said without elaborating. No other details of IOCs (indicators of compromise) were provided. The Cupertino, Calif. software…

Software Security

A Journey in Organizational Cyber Resilience Part 2: Business Continuity

Issued by: Security Intelligence

Keeping a business up and running during a problem takes the right people for the job. When it comes to cyber resilience through tough times, many things come down to the human factor. We focused on that in the first piece in this series, but it also makes a big difference to the second topic:…

Cloud Security

Data Is Quicksand: Does Your Current Data Security Solution Pull You Out or Sink You Deeper?

Issued by: Security Intelligence

If you grew up on Saturday morning cartoons, you probably worried about the Bermuda Triangle, piranhas in the tub and quicksand. It didn’t matter where you lived. One second, you’re hiking in the park behind your house, and the next you’re sinking like Indiana Jones. To make a massive jump, this is similar to the…