Tag: cloud
-
5 questions CISOs should ask vendors
2. Will it reduce my workload, add value or improve operations?: A common starting point is to ask questions about how a new tool will reduce workload, minimize risk, improve resilience or simplify operations. Basu wants to know whether the product can consolidate capabilities instead of adding yet another point solution. “Without that, each tool only…
-
Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials
Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service (IMDS). The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery (SSRF) that…
-
Data security is being neglected – Cloud megatrend, but too little awareness of the risks
First seen on security-insider.de Jump to article: www.security-insider.de/mega-trend-cloud-aber-zu-wenig-bewusstsein-fuer-die-risiken-a-82c564ede2fcd967eaa5ca33c9feb8a5/
-
Application Security Posture Management: a buyer's guide
Tags: application-security, cloud, compliance, container, gartner, supply-chain, tool, vulnerability
To select a suitable ASPM platform, a deep understanding of your own application structure is essential. Like cyber threats, enterprise applications have become increasingly complex over time. This is mainly because they are operated across a variety of domains, such as the cloud, containers or on-premises systems. This confronts traditional security tools with…
-
Exposed Docker Daemons Fuel DDoS Botnet
The for-hire platform leverages legitimate cloud-native tools to make detection and disruption harder for defenders and SOC analysts. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/exposed-docker-daemons-fuel-ddos-botnet
-
Service Accounts in Active Directory: These OG NHIs Could Be Your Weakest Link
While non-human identities (NHIs) in cloud and SaaS operations may be getting lots of attention right now, securing your Active Directory service accounts can go a long way in reducing risk. Here are three steps you can take right now. Key takeaways: Expect sprawl: Agentic AI and cloud native development accelerate non-human identity (NHI) growth. …
-
How Webb City School District Improved Google Security and Safety Without Adding Costs
Systems Engineer shares how Cloud Monitor streamlines investigations, secures PII, and provides peace of mind without increasing his budget. Webb City School District in Missouri serves approximately 4,500 students and employs around 500 staff members. The district primarily uses Google Workspace for communication, collaboration, and data storage with students and staff. “Before Cloud Monitor, we…
-
SonicWall customers warned about brute force attacks against cloud backup service
Hackers have gained access to key information that could help exploit firewalls. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/sonicwall-brute-force-attacks-cloud-backup/760890/
-
ShadowV2 turns DDoS into a cloud-native subscription service
From botnet to business platform: ShadowV2 is not just malware, it is a marketplace. Darktrace uncovered a full operator interface built with Tailwind and FastAPI, complete with Swagger documentation, admin and user privilege tiers, blacklists, and modular attack options. The design mirrors legitimate SaaS platforms, featuring dashboards and animations that make DDoS as easy as…
-
ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire Service
Cybersecurity researchers have disclosed details of a new botnet that customers can rent access to conduct distributed denial-of-service (DDoS) attacks against targets of interest. The ShadowV2 botnet, according to Darktrace, predominantly targets misconfigured Docker containers on Amazon Web Services (AWS) cloud servers to deploy a Go-based malware that turns infected systems into attack nodes. First seen…
-
OAuth token leak: a wake-up call for supply chain risk management
Cloud services and SaaS applications have become an indispensable part of everyday business. They increase efficiency, simplify processes and enable flexible collaboration. At the same time, however, increasingly complex integrations between different platforms are emerging, and it is precisely these interfaces that are increasingly becoming a critical entry point for attacks. For anyone who takes advantage of the cloud, the growing security risks must therefore also be […]…
-
Enterprise Security and Digital Transformation in 2025: Navigating Risks and Opportunities
Explore how enterprise security aligns with digital transformation in 2025, leveraging AI, cloud, and risk management for resilient growth. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/enterprise-security-and-digital-transformation-in-2025-navigating-risks-and-opportunities/
-
$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations
Researchers earned $150K for “L1TF Reloaded,” combining L1TF and half-Spectre to leak VM memory from public clouds despite mitigations. Researchers from Vrije Universiteit Amsterdam earned $150K for exploiting L1TF Reloaded, a flaw combining L1TF (Foreshadow) and half-Spectre. The attack bypasses prior mitigations, showing that transient CPU vulnerabilities remain practical and can leak memory from VMs…
-
Hackers Abuse IMDS Service for Cloud Initial Access
Cloud environments rely on the Instance Metadata Service (IMDS) to provide virtual machines with temporary credentials and essential configuration data. IMDS allows applications to securely retrieve credentials without embedding secrets in code or configuration files. However, threat actors have found ways to misuse this convenience, turning IMDS into a springboard for stealing credentials, moving laterally,…
-
6 novel ways to use AI in cybersecurity
Tags: access, ai, attack, authentication, business, ceo, cloud, cyberattack, cybersecurity, data, defense, detection, email, infrastructure, intelligence, malicious, malware, network, phishing, risk, service, tactics, technology, threat, tool, training
2. Machine-learning generative adversarial networks: Michel Sahyoun, chief solutions architect with cybersecurity technology firm NopalCyber, recommends using generative adversarial networks (GANs) to create, as well as protect against, highly sophisticated previously unseen cyberattacks. “This technique enables cybersecurity systems to learn and adapt by training against a very large number of simulated threats,” he says. GANs allow…
-
Anton’s Security Blog Quarterly Q3 2025
Tags: ai, automation, breach, ciso, cloud, cyber, defense, detection, edr, google, governance, guide, metric, office, RedTeam, risk, siem, soc, software, supply-chain, threat, vulnerability, vulnerability-management, zero-trust
Amazingly, Medium has fixed the stats so my blog / podcast quarterly is back to life. As before, this covers both Anton on Security and my posts from Google Cloud blog, Google Cloud community blog, and our Cloud Security Podcast (subscribe on Spotify). Gemini for docs based on this blog Top 10 posts with the most…
-
Technical Analysis of Zloader Updates
Tags: access, attack, banking, cloud, communications, control, corporate, data, data-breach, detection, dns, encryption, malware, network, ransomware, strategy, threat, update, windows
Introduction: Zloader (a.k.a. Terdot, DELoader, or Silent Night) is a Zeus-based modular trojan that emerged in 2015. Zloader was originally designed to facilitate banking, but has since been repurposed for initial access, providing an entry point into corporate environments for the deployment of ransomware. Following an almost two-year hiatus, Zloader reemerged in September 2023 with significant enhancements…
-
Protection, compliance, flexibility – The future of email security lies in the cloud
First seen on security-insider.de Jump to article: www.security-insider.de/cloud-basierte-email-sicherheitsloesungen-retarus-a-20a775fc24e78e27f27bbbb5c16ba5b9/
-
God Mode Vulnerability Lets Attackers Access Any Resource in Microsoft Cloud Tenants
A recently disclosed flaw, tracked as CVE-2025-55241, allowed any attacker in possession of a single “Actor token” from a test or lab tenant to assume full administrative control over every Microsoft Entra ID (Azure AD) customer globally. Security researcher Dirk-Jan Mollema revealed that a critical validation error in Microsoft’s token-based service communication could have turned a low-privilege…
-
CSO Awards winners highlight security innovation and transformation
Tags: ai, attack, automation, awareness, best-practice, business, ciso, cloud, compliance, conference, control, cyber, cybersecurity, data, defense, detection, finance, flaw, framework, governance, group, guide, infrastructure, intelligence, login, malicious, metric, mitre, network, penetration-testing, phishing, privacy, programming, risk, risk-management, service, siem, skills, soc, software, technology, threat, tool, training, update, vulnerability, vulnerability-management
FSU tackles third-party risk with tighter vendor management program: Organization: Florida State University. Project: Third-Party Risk Management Program. Security leader: Bill Hunkapiller, CISO. Officials at Florida State University wanted to ensure that data shared with outside entities was well protected. To achieve that, CISO Bill Hunkapiller and his team revamped its third-party risk management program so that the…
-
Pentagon Bans China-Based Engineers Over Hacking Concerns
The Pentagon bans China-based staff from cloud work after reports warn of espionage risks and urge tighter supply chain security. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/pentagon-bans-china-based-engineers-over-hacking-concerns/
-
Stay Ahead with Advanced NHI Monitoring
How Secure is Your Organization’s Cloud Environment? Could your organization be overlooking the vital role of Non-Human Identities (NHIs) in cybersecurity? Where cloud environments are ubiquitous, ensuring their security is paramount. NHIs, which are essentially machine identities, facilitate critical functions in cloud-based systems but, if mismanaged, can expose organizations to severe risks. The growing complexity…
-
Gain Confidence with Stronger Cloud Defenses
How Can Non-Human Identities Fortify Your Cloud Security Strategy? When thinking about cybersecurity, how often do you consider the role of Non-Human Identities (NHIs)? As more organizations migrate to cloud-based systems, managing these machine identities has become critical to maintaining a secure cloud. NHIs, which encompass encrypted passwords, tokens, and keys, function like digital passports and…
-
Hackers Steal SonicWall Firewall Configurations
Hackers Accessed Backup Firewall Preference Files. Firewall maker SonicWall is telling customers to reset credentials after hackers stole firewall configuration backup files stored in its cloud service. Hackers launched brute force attacks against servers storing backup files. They stole configuration data of roughly 5% of the install base. First seen on govinfosecurity.com Jump to article:…
-
Microsoft thinks cloud PCs might be overkill, starts streaming just apps under Windows 365
As old-school virtual desktop player Omnissa distances itself further from VMware. First seen on theregister.com Jump to article: www.theregister.com/2025/09/18/microsoft_cloud_apps_omnissa_update/

