Tag: cloud
-
When Identity is the Attack Path
Consider a cached access key on a single Windows machine. It got there the way most cached credentials do – a user logged in, and the key stored itself automatically. Standard AWS behavior. No one misconfigured anything or violated a policy. Yet that single key, which was easily accessible to a minor-league attacker, could have…
-
P2PInfect Botnet Targets Kubernetes via Exposed Redis
A persistent P2PInfect botnet campaign is targeting Google Kubernetes Engine (GKE) clusters through exposed Redis instances, highlighting how a single cloud misconfiguration can enable long-term compromise. In several investigated environments, attackers maintained access for up to six months, with consistent botnet activity detected through FortiCNAPP composite alerts. The intrusion chain began with publicly exposed Redis services,…
-
Critical Security Vulnerabilities: Hackers Smuggle Malicious Code into S/4HANA and Commerce Cloud
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-sap-luecken-s4hana-enterprise-search-commerce-cloud-a-20786255ab6f2eaef179986862cf9f13/
-
Third-Party Risk Management Needs to Evolve
Annual vendor risk assessments are no longer enough as AI, cloud services, and fourth-party ecosystems rapidly expand risk exposure. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/third-party-risk-management-needs-to-evolve/
-
Bulgaria fires up Google Cloud for national cyber security
The Bulgarian national systems integrator, BIS, has deployed Google Cloud’s Cybershield government security service as part of a national federated SOC deployment. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643458/Bulgaria-fires-up-Google-Cloud-for-national-cyber-security
-
Digital Sovereignty: Thales and Google Cloud Announce US-Independent Cloud
Thales and Google Cloud want to use a new platform to protect German data from access from the USA. First seen on golem.de Jump to article: www.golem.de/news/digitale-souveraenitaet-thales-und-google-cloud-kuendigen-von-usa-unabhaengige-cloud-an-2605-208888.html
-
Avoid expensive AI agents with these five design imperatives
Dell Technologies’ chief operating officer Jeff Clarke offers a blueprint for the AI-native enterprise, warning that failing to integrate data and control tokenomics will result in high cloud bills and fragmented tools. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643493/Avoid-expensive-AI-agents-with-these-five-design-imperatives
-
GraphWorm Malware Abuses Microsoft OneDrive for Stealthy C2 Operations
New activity from Webworm, a China-aligned advanced persistent threat (APT) group, reveals a significant evolution in its cyber espionage toolkit during 2025. The group, first publicly documented in 2022, has shifted its targeting from primarily Asian organizations to government entities across Europe, while adopting stealthier techniques and cloud-based command-and-control (C2) infrastructure. One of the…
-
Railway: Google Suspends Customer Account and Takes Down Entire Cloud Platform
The cloud deployment platform Railway suffered an outage lasting several hours. The cause was a Google Cloud account that was suddenly and unexpectedly suspended. First seen on golem.de Jump to article: www.golem.de/news/railway-google-sperrt-kundenkonto-und-legt-ganze-cloudplattform-lahm-2605-208869.html
-
Qualys Achieves Highest US Security Level: FedRAMP High for TotalCloud
With its FedRAMP High authorization, Qualys is increasingly positioning itself as a provider of cloud-native security platforms for the public sector. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/qualys-knackt-hoechste-us-sicherheitsstufe-fedramp-high-fuer-totalcloud/a45219/
-
As AI costs spiral, Dell pitches return to on-premise datacentres
With agentic AI driving up public cloud consumption, Dell Technologies is pitching local and hybrid infrastructure to shield enterprises from soaring token costs. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643353/As-AI-costs-spiral-Dell-pitches-return-to-on-premise-datacentres
-
The Invisible Workforce: Why Your Household Apps Now Have Their Own Digital IDs
Most people understand what it means to protect a human identity because the dangers of someone impersonating you online or stealing and cloning your card are immediately obvious. Today, organisations rely on thousands of non-human identities that belong to software applications, cloud workloads, APIs, bots, and now AI agents as well, which can affect almost…
-
US cyber agency CISA exposed reams of passwords and cloud keys to the open web
The federal cybersecurity agency left plaintext passwords in a spreadsheet uploaded to a public GitHub repository, per a report by independent journalist Brian Krebs. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/19/us-cyber-agency-cisa-exposed-reams-of-passwords-and-cloud-keys-to-the-open-web/
-
Qualys Receives FedRAMP "High" Authorization for <> and Now Offers Cloud Workload Protection for Government Agencies
Qualys has announced that its <> solution has received FedRAMP High authorization, sponsored by the US Drug Enforcement Administration (DEA). This milestone extends the FedRAMP High status of the Qualys Government Platform to include the Cloud-Native Application Protection Platform (CNAPP). Qualys TotalCloud is now listed in the FedRAMP Marketplace, so that federal agencies, suppliers and highly regulated industries can use its comprehensive cloud security capabilities. FedRAMP High authorization represents the most stringent compliance level within the Federal Risk…
-
Looking Back, Looking Forward: Digesting a Dynamic Bouillabaisse of Cyber Evolution
Dark Reading editors reflect on two decades of dramatic change, from perimeter defense to assume-breach strategies, and warn that while AI, cloud, and COVID-19 have transformed the threat landscape, organizations are still failing at fundamental security hygiene that could stop sophisticated attacks in their tracks. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/looking-back-looking-forward-bouillabaisse-cyber-evolution
-
(g+) Zero Trust: Farewell to the Classic Perimeter
Home offices, cloud and mobile devices are breaking old security concepts; Zero Trust promises maximum security for the changed conditions. First seen on golem.de Jump to article: www.golem.de/news/zero-trust-abschied-vom-klassischen-perimeter-2605-208812.html
-
7 tips for accelerating cyber incident recovery
Tags: attack, awareness, backup, breach, business, ceo, cio, ciso, cloud, communications, control, cyber, cybersecurity, data, defense, finance, framework, governance, incident, incident response, infection, insurance, international, lessons-learned, malicious, malware, monitoring, nist, risk, service, technology, threat, update
Emphasize scoping and containment from the outset: Because you can’t recover from what you can’t stop, scoping and containment should be the absolute first priority during incident recovery, says Amit Basu, CIO and CISO at freight shipping firm International Seaway. “Before anything else, you must stop the bleeding,” he says. This means understanding the true scope…
-
Hackers Exploit Entra ID Accounts to Steal Microsoft 365, Azure Data
Hackers Abuse Microsoft Entra ID Accounts to Exfiltrate Microsoft 365 and Azure Data. A highly sophisticated cyberattack campaign carried out by a threat actor tracked as Storm-2949 targeted Microsoft Entra ID accounts to steal sensitive data from Microsoft 365 and Azure environments. Instead of deploying malicious payloads, Storm-2949 abused legitimate cloud management features to gain…
-
Microsoft Details Storm-2949 Cloud Attack on Azure and Microsoft 365
Tags: attack, breach, cloud, cyberattack, data, identity, infrastructure, intelligence, microsoft, service, theft, threat
Microsoft Threat Intelligence has disclosed details of a cyberattack carried out by a threat actor tracked as Storm-2949, which escalated from a targeted identity compromise into a large-scale breach of cloud infrastructure and sensitive enterprise systems. The campaign focused heavily on data theft from Microsoft 365 services, Azure-hosted production environments, and cloud storage resources, demonstrating how compromised identities can…
-
Dell Technologies Bets on AI Infrastructure
Dell Conference Speakers Say 67% of AI Innovation Is Running Outside the Cloud. Dell predicts up to $4 trillion in AI infrastructure investment by 2030, with 67% of AI workloads already run outside the cloud. If this estimate is even roughly correct, the idea that enterprise AI mainly exists in hyperscaler environments is more…
-
Compromised Nx Console VS Code Extension Steals Developer and Cloud Secrets
Nx Console’s popular VS Code extension was briefly weaponized into a credential-stealing tool that can leak developer and cloud secrets and plant a persistent backdoor. Anyone who installed v18.95.0 should treat their environment as fully compromised. On May 18, 2026, a malicious build of the Nx Console VS Code extension, nrwl.angular-console v18.95.0, was published to the Visual…
-
Secure, Fast, Reliable: The Best Cloud Storage Providers for Businesses in 2026
Discover the X best business cloud storage providers of 2026. Secure, fast, and reliable solutions reviewed to streamline your workflow. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/cloud/best-cloud-storage-for-business/
-
⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted. The pattern is clear. One weak dependency can leak keys. One leaked key…
-
Public Amazon bucket leaks sensitive guest data from Japanese hotel platform Tabiq
A hotel check-in system exposed over 1 million passports, IDs, and selfies online due to a misconfigured cloud storage bucket. A security lapse in Reqrea’s Tabiq hotel check-in system exposed over 1 million passports, driver’s licenses, and selfie verification photos online. The issue came from a misconfigured Amazon cloud storage bucket that was left…
-
Criminal Competition: Hackers Push Other Hackers out of Compromised Cloud Systems
First seen on security-insider.de Jump to article: www.security-insider.de/pcpjack-hacker-kapern-teampcp-systeme-cloud-a-5172799969181a22e6cd9dc02acee0cf/
-
Developer Workstations Are Now Part of the Software Supply Chain
Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to steal the access that makes trusted software possible. Recently, three separate campaigns hit npm, PyPI, and Docker Hub in a 48-hour window, and all three targeted secrets from developer environments and CI/CD pipelines, including API keys, cloud…
-
Why the best security investment a board can make in 2026 isn’t another tool
Tags: access, ai, api, attack, automation, breach, cloud, credentials, data, detection, endpoint, governance, monitoring, network, risk, service, technology, tool
Attackers don’t break through your defenses. They walk between them: The most effective attacks today don’t target any single tool’s coverage area. They move through the seams. An attacker who compromises a valid credential doesn’t trigger endpoint detection. An attacker who moves from one cloud service to another using legitimate trust relationships doesn’t trip network…
-
Hackers Abuse Cloudflare Storage to Exfiltrate Network Files
A sophisticated cyber espionage campaign targeting multiple Malaysian organizations has been uncovered, revealing a highly structured attack chain that blends custom tooling, cloud infrastructure, and stealthy data exfiltration. At the center of the operation is an Azure virtual machine (IP: 20.17.161.118) used to orchestrate attacks across government-linked networks. The infrastructure contained a wide range of…

