Articles about Cloud

A new report from Sysdig highlights the growing cost and scale of cloud attacks and the evolution of tactics being used by attackers.

Among the findings are that over $100,000 is lost per day to AI resource jacking. It hasn't taken long for threat actors to leverage stolen cloud access to exploit large language models (LLMs), as illustrated by an LLMjacking attack that left one victim on the hook for $30,000 in just three hours. Left unchecked, an LLMjacking operation can cost more than $100,000 per day.

Continue reading →

Long-lived credentials on major cloud platforms continue to be a huge risk for organizations, according to a new report from Datadog.

Long-lived cloud credentials never expire and frequently get leaked in source code, container images, build logs and application artifacts, making them a major security risk. The report finds that 46 percent of organizations are still using unmanaged users with long-lived credentials.

Continue reading →

Unless you’re an Olympic athlete, you probably don’t want a stopwatch tracking your performance -- pushing you to work harder and move faster. But, according to Six Degrees’ newly published independent research, one in five IT decision-makers at SMEs feel that the clock is on them when implementing public cloud migration projects.

Six Degrees’ UK SME Cloud Intelligence Report 2024 found that the extent to which IT decision-makers feel rushed varies considerably between sectors. Finance and insurance (57 percent), blue light (55 percent) and education (42 percent) are impacted the most compared to those working in government (33 percent), healthcare (32 percent) and manufacturing (29 percent).

Continue reading →

Organizations are facing an ever-growing volume of risk alerts spread across multiple, disconnected top-10 dashboards. This fragmented view can result in conflicting analyses, duplicate work, missed threats, and strategies that fail to fully protect the organization.

Cloud-based security firm Qualys is addressing this with the launch of a new Risk Operations Center (ROC) with Enterprise TruRisk Management (ETM) that enables CISOs and business leaders to manage cybersecurity risks in real time, transforming fragmented, siloed data into actionable insights that align cyber risk operations with business priorities.

Continue reading →

It might sound like a Chinese secret society, but a new report warns that a 'toxic cloud triad' of publicly exposed, critically vulnerable and highly privileged cloud workloads is putting almost four in 10 organizations at risk.

Security gaps caused by misconfigurations, risky entitlements and vulnerabilities combine to dramatically increase cloud risk according to the Tenable Cloud Risk Report.

Continue reading →

Around a quarter of businesses don't know where their sensitive data is according to a new report from Normalyze and the Enterprise Strategy Group (ESG).

As enterprises move more operations to the cloud, the volume and exposure of sensitive data stored in public cloud services is also rapidly increasing. Despite efforts by security teams to manage data risks, many organizations lack clarity on where data is located, how sensitive it is, and who has access to it.

Continue reading →

A new report from IBM X-Force looks at the biggest risks enterprises are facing and highlights how attackers know that credentials are the keys to cloud environments, making them highly sought-after on dark web marketplaces.

Attackers are using phishing, keylogging, watering hole and brute force attacks to harvest credentials. Also dark web research highlights the popularity of infostealers, used to steal cloud platform and service-specific credentials.

Continue reading →

Traditional processes for ensuring employees have the right levels of access to systems have come under strain and become harder to manage because of the spread of cloud-based software.

A new AI-powered identity governance and administration (IGA) platform from Zilla Security aims to tackle the long-standing challenge of managing hundreds of roles or group membership rules to ensure organizations give users job-appropriate access.

Continue reading →

Swiss company Proton is known for its privacy focused solutions including secure mail, VPN and password manager. Today the company launches a new service, Proton Drive for Business.

This is a comprehensive solution designed to provide secure and private cloud storage, file sharing, and real-time document collaboration for organizations. In an era where data breaches and unauthorized use of company documents are common, this new service offers security and privacy to businesses of all sizes, with end-to-end encryption.

Continue reading →

Biometric access control, video surveillance, and intrusion alarms enhance on-site protection by promptly addressing unauthorized access -- these advanced systems monitor who enters your facilities and allow for real-time responses to incidents.

Meanwhile, cybersecurity remains a key aspect of business demanding great attention. The emergence of generative AI and automation technologies can evaluate threats and make decisions significantly faster, heightening the effect of your defense mechanisms.

Continue reading →

With more business applications and data existing outside of the traditional network perimeter and across multiple clouds, organizations have a harder job than ever before to maintain security and reliability of critical services. This challenge is shared by the majority of IT leaders -- as 81 percent recently surveyed believe the increasing number of cloud applications is adding additional pressure on network performance.

This issue is heightened by the 44 percent of UK workers that now work remotely. Every new remote worker and device added to the organization's network, also expands its attack surface. In fact, 85 percent of IT leaders say remote and hybrid working has contributed to an increase in network security threats. Over two-thirds (69 percent) of UK organizations have experienced an increase in network security threats in the past 18 months.

Continue reading →

A new study reveals that 93 percent of enterprise platform teams face persistent challenges with cloud costs, Kubernetes complexity and developer productivity.

The research from Rafay Systems shows that despite the widespread adoption of platform teams within IT organizations, survey respondents across the board confirm that these teams often are stretched to their limits managing complex multi-cluster Kubernetes and cloud environments.

Continue reading →

Tenant-to-tenant cloud migrations have become pivotal for organizations striving to boost operational efficiencies and seamlessly adapt to dynamic changes such as mergers, acquisitions, and organizational restructuring.

These migrations are about more than transferring data and applications between cloud environments. They also represent a strategic move towards greater scalability and improved resource management, enabling businesses to respond more agilely to market demands and growth opportunities.

Continue reading →

July 19th 2024 will go down as a tough day for many IT teams, and the day started even worse for businesses using Microsoft Azure and its supported services. In addition to the widely publicized global outage caused by a CrowdStrike update, Microsoft Azure's Central US Region was down for five hours due to an unrelated failure, impacting millions of business users worldwide.

As if that wasn't enough, less than two weeks later, Microsoft Azure experienced another global outage lasting more than six hours. According to the company's service status page, it was Microsoft's 8th service status-related incident.

Continue reading →

Covering one of the most important subjects to our society today, Deep Learning Approaches to Cloud Security delves into solutions taken from evolving deep learning approaches, solutions allowing computers to learn from experience and understand the world in terms of a hierarchy of concepts, with each concept defined through its relation to simpler concepts.

Deep learning is the fastest growing field in computer science. Deep learning algorithms and techniques are found to be useful in different areas like automatic machine translation, automatic handwriting generation, visual recognition, fraud detection, and detecting developmental delay in children. However, applying deep learning techniques or algorithms successfully in these areas needs a concerted effort, fostering integrative research between experts ranging from diverse disciplines from data science to visualization.

Continue reading →