Tag: cloud
-
Verantwortung in der Cloud: Das Shared-Responsibility-Modell
Tags: cloudFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/verantwortung-cloud-shared-resposibility
-
Public GitLab repositories exposed more than 17,000 secrets
After scanning all 5.6 million public repositories on GitLab Cloud, a security engineer discovered more than 17,000 exposed secrets across over 2,800 unique domains. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/public-gitlab-repositories-exposed-more-than-17-000-secrets/
-
GrapheneOS bails on OVHcloud over France’s privacy stance
Project cites fears of state access as cloud sovereignty row deepens First seen on theregister.com Jump to article: www.theregister.com/2025/11/28/grapheneos_ovhcloud/
-
Alibaba Cloud can’t deploy servers fast enough to satisfy demand for AI
Chinese giant adds to ‘No AI bubble’ babble by citing oversubscribed infrastructure and surging demand First seen on theregister.com Jump to article: www.theregister.com/2025/11/26/alibaba_q2_2025/
-
Alibaba Cloud can’t deploy servers fast enough to satisfy demand for AI
Chinese giant adds to ‘No AI bubble’ babble by citing oversubscribed infrastructure and surging demand First seen on theregister.com Jump to article: www.theregister.com/2025/11/26/alibaba_q2_2025/
-
Alibaba Cloud can’t deploy servers fast enough to satisfy demand for AI
Chinese giant adds to ‘No AI bubble’ babble by citing oversubscribed infrastructure and surging demand First seen on theregister.com Jump to article: www.theregister.com/2025/11/26/alibaba_q2_2025/
-
Alibaba Cloud can’t deploy servers fast enough to satisfy demand for AI
Chinese giant adds to ‘No AI bubble’ babble by citing oversubscribed infrastructure and surging demand First seen on theregister.com Jump to article: www.theregister.com/2025/11/26/alibaba_q2_2025/
-
Alibaba Cloud can’t deploy servers fast enough to satisfy demand for AI
Chinese giant adds to ‘No AI bubble’ babble by citing oversubscribed infrastructure and surging demand First seen on theregister.com Jump to article: www.theregister.com/2025/11/26/alibaba_q2_2025/
-
Neues ToddyCat-Toolkit greift Outlook und Microsoft-Token an
Tags: access, apt, backdoor, browser, chrome, cloud, cyberattack, exploit, governance, government, Internet, kaspersky, mail, microsoft, open-source, powershell, tool, update, vulnerability, windowsDie APT-Gruppe ToddyCat hat ihren Fokus auf den Diebstahl von Outlook-E-Mail-Daten und Microsoft 365-Zugriffstoken verlagert.Forscher von Kaspersky Labs haben festgestellt, dass sich die APT-Gruppe (Advanced Persistent Threat) ToddyCat jetzt darauf spezialisiert hat, Outlook-E-Mail-Daten und Microsoft 365-Zugriffstoken zu stehlen.Demnachhat die Hackerbande ihr Toolkit Ende 2024 und Anfang 2025 weiterentwickelt, um nicht nur wie bisher Browser-Anmeldedaten zu…
-
Utimaco-Dienst soll Kontrolle über Cloud-Schlüssel verbessern – Enterprise Key Manager as a Service für Microsoft Azure
First seen on security-insider.de Jump to article: www.security-insider.de/utimaco-ekmaas-schluesselverwaltung-fuer-azure-nutzer-a-eb4c8f6e8441b055f410465bfda3e778/
-
Von LLM generierte Malware wird immer besser
Forscher tricksen Chatbots aus, stoßen aber auf unzuverlässige Ergebnisse.Cyberkriminelle versuchen bereits seit geraumer Zeit, mit Hilfe von Large Language Models (LLM) ihre dunklen Machenschaften zu automatisieren. Aber können sie schon bösartigen Code generieren, der ‘marktreif” und bereit für den operativen Einsatz ist? Das wollten die Forschenden von Netskope Threat Labs herausfinden, indem sie Chatbots dazu…
-
Keine digitale Souveränität: Französischer Richter Nicolas Guillou nach US-Sanktionen in Digitaler Steinzeit; OVH soll Daten eines Kunden an Kanada liefern
Tags: cloudUS-Sanktionen des am Internationalen Strafgerichtshof tätigen französischen Richters Nicolas Guillou katapultieren diesen in die digitale Steinzeit der neunziger Jahre zurück. Und in Kanada hat ein Gericht den französischen Cloud-Anbieter OVH dazu verdonnert, Daten herauszugeben, die auf europäischen Cloud-Servern liegen. Die Fälle … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/27/franzoesischer-richter-nicolas-guillou-nach-us-sanktionen-in-digitaler-steinzeit/
-
Microsoft tightens cloud login process to prevent common attack
Hackers have spent decades exploiting a ubiquitous type of vulnerability. Microsoft is trying to change that. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/microsoft-change-cloud-login-entra-id-xss/806556/
-
Microsoft tightens cloud login process to prevent common attack
Hackers have spent decades exploiting a ubiquitous type of vulnerability. Microsoft is trying to change that. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/microsoft-change-cloud-login-entra-id-xss/806556/
-
The Attack Surface of Cloud-Based Generative AI Applications is Evolving
It is the right time to talk about this. Cloud-based Artificial Intelligence, or specifically those big, powerful Large Language Models we see everywhere, they’ve completely changed the game. They’re more than just a new application tier. They’re an entirely new attack surface. You’ve moved your critical applications to the public cloud. You did it for..…
-
Hochsicherheits-Pakt – NATO und Google Cloud schließen Deal für KI-fähige Cloud
First seen on security-insider.de Jump to article: www.security-insider.de/google-cloud-nato-ncia-vertrag-ki-cloud-a-f3dae3879522c203fcae1c31bc97a2b0/
-
ToddyCat APT evolves to target Outlook archives and Microsoft 365 tokens
Outlook in the Crosshairs: Another evolution involves accessing actual mail data. ToddyCat deployed a tool named TCSectorCopya C++ utility that opens the disk as a read-only device and copies Outlook’s offline storage files (OST) sector by sector, bypassing any file-lock mechanisms that Outlook may enforce.Once OST files are extracted, they are fed into XstReader, an…
-
ToddyCat APT evolves to target Outlook archives and Microsoft 365 tokens
Outlook in the Crosshairs: Another evolution involves accessing actual mail data. ToddyCat deployed a tool named TCSectorCopya C++ utility that opens the disk as a read-only device and copies Outlook’s offline storage files (OST) sector by sector, bypassing any file-lock mechanisms that Outlook may enforce.Once OST files are extracted, they are fed into XstReader, an…
-
Emergency alerts go dark after cyberattack on OnSolve CodeRED
Cyberattack on OnSolve CodeRED disrupted emergency alert services for U.S. state, local, police, and fire agencies. A cyberattack on the OnSolve CodeRED alert platform disrupted emergency notification services used by U.S. state and local governments, police, and fire agencies. OnSolve CodeRED is a cloud-based emergency alert system used by U.S. state and local governments to…
-
Unifying Cloud Strategy to Unlock AI Potential
Talcott Financial Group’s Dalavi on Oracle to Azure Migration and AI Innovation. Talcott Financial Group’s move from a dual-cloud setup to a unified Azure environment is reshaping performance, efficiency and AI readiness, says Sudhakar Dalavi, head of software engineering. He explains how data unification and continuous learning drive the next phase of innovation. First seen…
-
Alliances between ransomware groups tied to recent surge in cybercrime
Tags: access, attack, awareness, backup, business, cloud, cybercrime, cybersecurity, data, encryption, exploit, extortion, group, healthcare, incident response, intelligence, law, leak, monitoring, ransom, ransomware, saas, service, software, tactics, theft, threat, vpn, vulnerability, zero-dayRansomware groups change tactics to evade law enforcement: The latest quarterly study from Rapid7 also found that newly forged alliances are leading to a spike in ransomware activity while adding that tactical innovations, from refined extortion to double extortion and use of zero day, are also playing a part in increased malfeasance.The quarter also saw…
-
Zero Day in Chrome – Google warnt vor gefährlichen Sicherheitslücken in Cloud und Browser
First seen on security-insider.de Jump to article: www.security-insider.de/google-warnt-vor-sicherheitsluecken-in-cloud-plattform-und-chrome-browser-a-9fe83e203bd3c0b320821877aebfa899/
-
Is investing in advanced NHIs justified?
Why Are Non-Human Identities Essential for Modern Cybersecurity Strategies? Have organizations truly secured their cloud environments from lurking cyber threats? With the increasing reliance on technology, the management of Non-Human Identities (NHIs) becomes a pivotal aspect of cybersecurity strategies. These machine identities, entwined with secrets like encrypted passwords or tokens, play a crucial role in……
-
Am I free to choose different Agentic AI frameworks?
Are Non-Human Identities the Key to Secure Cloud Environments? How do we ensure our systems remain secure, especially when it comes to machine identities and their secrets? The management of Non-Human Identities (NHIs) is a crucial aspect of cybersecurity, offering a comprehensive approach to protecting machine identities and their associated credentials in the cloud. Understanding……
-
Is investing in advanced NHIs justified?
Why Are Non-Human Identities Essential for Modern Cybersecurity Strategies? Have organizations truly secured their cloud environments from lurking cyber threats? With the increasing reliance on technology, the management of Non-Human Identities (NHIs) becomes a pivotal aspect of cybersecurity strategies. These machine identities, entwined with secrets like encrypted passwords or tokens, play a crucial role in……
-
Am I free to choose different Agentic AI frameworks?
Are Non-Human Identities the Key to Secure Cloud Environments? How do we ensure our systems remain secure, especially when it comes to machine identities and their secrets? The management of Non-Human Identities (NHIs) is a crucial aspect of cybersecurity, offering a comprehensive approach to protecting machine identities and their associated credentials in the cloud. Understanding……