Cloud Security | News, how-tos, features, reviews, and videos
Vulnerabilities affect data center services commonly used by organizations and could be exploited by attackers to gain system access and perform remote code execution.
Exploiting Cloudflare Tunnel requires little skill and potentially could compromise and entire network.
A new proof of concept shows that attackers can use Azure AD CTS to leap to Microsoft and non-Microsoft application across tenants.
Permissions for predefined Google Cloud Build user roles can be abused for privilege escalation.
Threat actors are concealing campaigns to evade detection and establish stronger footholds in compromised systems.
Threat actors now use Legion to steal AWS-specific credentials from web servers to enable email and SMS spam campaigns.
Cloud threat detection and response vendor has applied ChatGPT features to its platform in two distinct ways — earlier detection of malicious activity and explicability of attacks as they progress.
The quickly fixed flaw could have allowed attackers to take over accounts in the CDE and perform remote code execution.
A demonstrated attack by cybersecurity researchers in IBM’s cloud infrastructure were able to gain access to the internal server used to build database images for customer deployments.
Meta researchers say their Online Operations Kill Chain framework offers a common taxonomy to understand the threat landscape and spot vulnerabilities.