Tag: cloud
-
Cloud Phones Linked to Rising Financial Fraud Threat
Cloud Android phones fuel financial fraud, evading detection and enabling dropper accounts First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cloud-phones-financial-fraud/
-
Forescout: Routers Now Top the Riskiest Connected Devices List, With 11 New Device Types Emerging
Forescout’s annual "Riskiest Connected Devices" report is out for 2026, and the findings point to a fast-expanding set of device categories presenting serious risk to enterprise networks. Published by Forescout Research's Vedere Labs at RSAC 2026, the report analyzed millions of devices in Forescout's Device Cloud using a multifactor risk scoring methodology. The headline finding:…
-
Broadcom Introduces Symantec CBX, Unifying Symantec and Carbon Black Into a Single XDR Platform
Broadcom has introduced Symantec CBX (Carbon Black XDR), a cloud-based platform that unifies Symantec and Carbon Black technologies into a single extended detection and response solution. The announcement was made March 23 at RSAC 2026 in San Francisco. The platform targets organizations that face serious threats but don’t have the staffing or budget to run…
-
PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials
Tags: access, advisory, api, attack, cloud, container, credentials, data, exploit, extortion, github, group, infrastructure, malicious, malware, open-source, pypi, supply-chain, tactics, tool, vulnerability
An expanding supply-chain campaign: The LiteLLM incident has been confirmed to be a part of the rapidly unfolding TeamPCP supply chain campaign that first compromised Trivy. Trivy, developed by Aqua Security, is a widely used open-source vulnerability scanner designed to identify security issues in container images, file systems, and infrastructure-as-code (IaC) configurations. The ongoing attack, attributed…
-
SAP already shifting focus from ERP migration disaster in pursuit of AI-driven growth
New commercial models planned after cloud transition falls €2B behind target First seen on theregister.com Jump to article: www.theregister.com/2026/03/24/sap_commercial_focus/
-
CSA Launches CSAI Foundation for AI Security
Cloud Security Alliance creates dedicated nonprofit to govern autonomous AI agent ecosystems through risk intelligence and certification First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/csa-launches-csai-ai-security
-
TeamPCP Hits Trivy, Checkmarx, and LiteLLM in Credential Theft Campaign
Hackers compromised Trivy, Checkmarx, and LiteLLM in a supply chain attack, stealing cloud credentials, tokens, and crypto wallet data from developers. First seen on hackread.com Jump to article: hackread.com/teampcp-trivy-checkmarx-litellm-credential-theft/
-
Linux Ransomware Pay2Key Targets Servers, Virtualization Hosts, and Cloud Workloads
Linux-focused ransomware Pay2Key is actively targeting enterprise servers, VMware ESXi virtualization hosts, and cloud workloads, underscoring how far Linux ransomware has evolved beyond simple file lockers. Originally known for fast, human-operated Windows intrusions against Israeli and Brazilian organizations, Pay2Key has re-emerged as a ransomware-as-a-service (RaaS) with explicit support for Linux environments. Recent research shows that newer…
-
Leaving the Cloud: A Start-up on EU Infrastructure? Harder Than Expected!
Yes, it is possible to run a start-up entirely on European infrastructure. But you have to want to. First seen on golem.de Jump to article: www.golem.de/news/europaeische-cloudinfrastruktur-made-in-eu-schwieriger-als-gedacht-2603-206865.html
-
Google Authenticator’s Hidden Passkey Design May Expose New Passwordless Attack Vectors
Google’s passkey ecosystem quietly depends on a powerful cloud-side component that changes where “passwordless trust” actually lives and that shift could open new avenues for account takeover in the real world. Most passkey discussions focus on WebAuthn and FIDO specs, but attackers care about implementations, not standards. In Google’s case, synced passkeys sit on top…
-
Julius v0.2.0: From 33 to 63 Probes, Now Detecting Cloud AI, Enterprise Inference, and RAG Pipelines
TL;DR: Julius v0.2.0 nearly doubles LLM fingerprinting probe coverage from 33 to 63, adding detection for cloud-managed AI services (AWS Bedrock, Azure OpenAI, Vertex AI), high-performance inference servers (SGLang, TensorRT-LLM, Triton), AI gateways (Portkey, Helicone, Bifrost), and self-hosted RAG platforms (PrivateGPT, RAGFlow, Quivr). This release also hardens the scanner itself with response size limiting and…
-
Tools to Measure Data Center Infrastructure Efficiency: The Complete Guide
Measuring data center efficiency requires the right tools, not guesswork. This guide covers 20 platforms across six categories, from enterprise DCIM suites to cloud-native options like Hyperview, helping IT leaders track PUE, reduce energy costs, and meet sustainability mandates with confidence. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/tools-to-measure-data-center-infrastructure-efficiency-the-complete-guide/
-
Securden Unveils Unified Identity Security Platform at RSAC 2026, Combining PAM, EPM, IGA, and More
Securden launched what it calls the world’s first truly unified identity security platform at RSA Conference 2026, consolidating privileged access management, endpoint privilege management, identity governance, cloud entitlement management, non-human identity security, and AI agent security into a single product. The announcement targets a persistent problem in enterprise security: organizations typically address these identity security…
-
Effective API Security Testing Strategies for Modern Application Environments
Modern apps no longer have well-defined boundaries. In today’s SaaS ecosystem of cloud-native applications and hybrid setups, a mix of internal and third-party APIs often serve as the primary pipelines through which apps access information. Almost all transactions, whether authentication, data transfer or workflow automation, happen through APIs, which centralize access to business-critical data. The…
-
News alert: DDoS attacks surge 150% - Gcore analysis shows faster, cheaper more frequent attacks
LUXEMBOURG, Luxembourg, March 24, 2026, CyberNewswire - Gcore, the global infrastructure and software provider for AI, cloud, network, and security solutions, today announced the findings of its Q3-Q4 2025 Gcore Radar report DDoS attack trends. The report reveals growing attack… First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/news-alert-ddos-attacks-surge-150-gcore-analysis-shows-faster-cheaper-more-frequent-attacks/
-
Strengthening Cloud Resilience in Federal Environments
An OnDemand Webinar from Rubrik. As federal agencies expand their cloud footprint, managing both risk and cost becomes more complex. This session explores how to close operational gaps, strengthen resilience, and take a more strategic approach to cloud protection. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/strengthening-cloud-resilience-in-federal-environments-a-31139
-
CSA and Aembit Survey: 68% of Organizations Can’t Distinguish AI Agent Actions from Human Activity
AI agents are already deployed broadly across enterprise environments. The problem is that organizations can’t tell what they’re doing. That’s the core finding of a new survey report released at RSAC 2026 by the Cloud Security Alliance, commissioned by Aembit. The "Identity and Access Gaps in the Age of Autonomous AI" report surveyed 228 IT…
-
AI Forces CISOs to Rebuild Defense Playbooks
Francis deSouza of Google Cloud on Fighting AI-Driven Threats With AI. AI has redrawn the threat landscape for security leaders and forced a new operating model. Francis deSouza of Google Cloud says CISOs must counter faster, AI-driven attacks with AI-led defense, stronger governance and teams fluent in AI. First seen on govinfosecurity.com Jump to article:…
-
Huntress Brings ITDR to Google Workspace as Identity Attacks Surge
Huntress has announced it is extending its Managed Identity Threat Detection and Response (ITDR) solution to Google Workspace, marking a significant expansion of the company’s cloud identity security coverage and coming at a telling moment. The announcement, made today at RSA Conference in San Francisco, coincides with Huntress surpassing 10 million Microsoft 365 identities protected…
-
Sysdig Celebrates Falco's 10th Anniversary with a US$70,000 Donation
Sysdig announced that, as part of the Linux Foundation's crowdfunding initiative, the company is donating US$70,000 to the Falco project. The donation marks Falco's 10th anniversary and comes shortly after a survey by the Cloud Native Computing Foundation (CNCF) showing 82 percent of AI workloads now on Kubernetes…
-
Tycoon2FA Operators Resume Cloud Account Phishing Following Infrastructure
Tycoon2FA operators have resumed large-scale cloud account phishing just days after law enforcement and industry partners disrupted the platform’s core infrastructure, underscoring the resilience of phishing-as-a-service (PhaaS) ecosystems and the limits of infrastructure-only takedowns. Authorities in Latvia, Lithuania, Portugal, Poland, Spain, and the UK worked with private-sector partners to seize 330 domains used to power…
-
TeamPCP Unleashes Iran-Targeted CanisterWorm Kubernetes Wiper
CanisterWorm’s latest evolution turns TeamPCP’s cloud-native toolkit into a geopolitically tuned wiper, capable of bricking entire Kubernetes clusters when it lands on systems configured for Iran. The campaign reuses the same Internet Computer Protocol (ICP) canister C2 and backdoor infrastructure seen in the earlier Trivy and NPM CanisterWorm incidents. However, it now adds selective destruction…
-
TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials
Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the Trivy supply chain attack. The workflows, both maintained by the supply chain security company Checkmarx, are listed below: checkmarx/ast-github-action and checkmarx/kics-github-action. Cloud security First seen on thehackernews.com Jump to article:…
-
Threat Actors Target MS-SQL Servers to Deploy ICE Cloud Scanner Malware
Threat actors are continuing to aggressively target Microsoft SQL (MS-SQL) servers in 2026, with new evidence showing the deployment of a scanner malware known as ICE Cloud Client. Larva-26002 has maintained a consistent focus on poorly secured MS-SQL servers exposed to the internet. These systems are typically compromised through brute-force or dictionary attacks using weak…
-
Gcore Radar report reveals 150% surge in DDoS attacks year-on-year
Luxembourg, Luxembourg, March 24th, 2026, CyberNewswire Gcore data highlights a threat landscape defined by newfound automated attack capabilities, scale, and frequency Gcore, the global infrastructure and software provider for AI, cloud, network, and security solutions, today announced the findings of its Q3-Q4 2025 Gcore Radar report DDoS attack trends. The report reveals growing attack volumes,…
-
Product showcase: Cross-platform and third-party endpoint patching with Action1
Keeping endpoints patched is one of the more annoying chores in IT operations. Action1 is a cloud-based autonomous endpoint management platform that addresses this challenge … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/24/product-showcase-action1-endpoint-patch-management-solution/

