Cyber Security Minute » Cloud Security
228 FOLLOWERS
Cyber Security Minute delivers constantly updated press releases and blog posts covering today's cloud security issues. Whether you're looking for updates on the latest cloud security threats, or for new solutions to protect your business, our editorial team will keep you informed with a fresh stream of news. Find out more by following our feed.
Cyber Security Minute » Cloud Security
4M ago
The latest security announcements from Amazon aim to address a wide range of security issues for businesses, including an all-in-one hand-scanning biometric system and new capabilities for its Detective security visualization tool and GuardDuty continuous monitoring solution.
Amazon One Enterprise is the most novel of the company’s announcements, which were made this week at its AWS re:Invent event in Las Vegas. One Enterprise is a palm-based identity tool for both physical and digital security — users can authenticate using a handprint, instead of carrying an access fob for building access, o ..read more
Cyber Security Minute » Cloud Security
4M ago
Bringing its security and data analysis capabilities to a new potential audience, data security and multicloud data management provider Cohesity is now taking signups for access to its Turing generative AI features via Amazon’s Bedrock front-end for cloud-based AI.
Cohesity Turing’s AWS-available features, the company announced Monday, will center on three main areas. The first is data management, security and analysis via Cohesity Data Cloud, providing for secure indexing of data and letting users use the Turing AI’s capabilities to glean new insights into their data, and allowing the system ..read more
Cyber Security Minute » Cloud Security
5M ago
As organizations increasingly move their data and workloads to the cloud, securing cloud identities has become paramount. Identities are the keys to accessing cloud resources, and, if compromised, they enable attackers to gain access to sensitive data and systems.
Most attacks we see today are client-side attacks, in which attackers compromise someone’s account and use their privileges to move laterally and access sensitive data and resources. To prevent this, you need visibility into your cloud’s identity infrastructure. Unless you know the identity of all the people and objects that are acce ..read more
Cyber Security Minute » Cloud Security
6M ago
Cisco’s massive $28 billion acquisition of Splunk in September was the financial highlight of a quarter during which several other vendors also made strategic purchases to position themselves for emerging enterprise requirements around cloud, application, and identity security.
The acquisitions added to a better-than-expected quarter ended Sept. 30, 2023, with venture funding also picking up steam after a slowdown earlier this year following the collapse of Silicon Valley Bank. IPO activity showed early signs of a revival for the first time since late 2021 and provided further evidence of the ..read more
Cyber Security Minute » Cloud Security
7M ago
Lacework, the data-driven cloud security company, today announced an expansion of its partnership with Google Cloud. Several new features will allow joint customers to innovate even faster in Google Cloud environments with the confidence that their cloud environment is even more secure. Customers can now choose to have the full Lacework platform, which provides data-driven protection from code to cloud from a single location, on Google Cloud to leverage its unique benefits. Further enhancements like low latency ingestion of Google Cloud audit logs events activity, Lacework Query Language (LQL ..read more
Cyber Security Minute » Cloud Security
9M ago
Researchers warn that a permission associated with the Google Cloud Build service in Google Cloud can be easily abused by attackers with access to a regular account to elevate their privileges and potentially poison container images used in production environments. Google Cloud Build is a CI/CD platform that allows organizations and developers to execute code building tasks on Google Cloud in a variety of programming languages. The service supports importing source code from repositories and cloud storage locations, builds the code based on a configured specification, and produces artifacts su ..read more
Cyber Security Minute » Cloud Security
10M ago
This month, Netflix stumbled backward into a policy that may have lasting security benefits for users. Its accidental pro-customer safety move could be an object lesson for other business-to-consumer (B2C) organizations looking to improve customer account security.
The streaming giant brought its new “household” policy to US customers on May 23. From now on, accounts will be restricted to a single Wi-Fi network and related mobile devices (with certain exceptions). It’s a shot in the arm to cure a post-COVID hangover, boosting user growth after months of stagnation and investor skittishness.
Th ..read more
Cyber Security Minute » Cloud Security
1y ago
Recent destructive attacks against organizations that masquerade as a ransomware operation called DarkBit are likely performed by an advanced persistent threat (APT) group that’s affiliated with the Iranian government. During some of these operations the attackers didn’t limit themselves to on-premises systems but jumped into victims’ Azure AD environments where they deleted assets including entire server farms and storage accounts.
Researchers from Microsoft track this cluster of malicious activity under the temporary identifier DEV-1084, but they found strong links between it and resources a ..read more
Cyber Security Minute » Cloud Security
1y ago
Managing identities and their access permissions is becoming more complicated. Digital sprawl has led to an explosion in permissions across multicloud environments, and consistent oversight is lacking. As many as 99% of cloud permissions are going unused, and this represents a significant risk for enterprise businesses.
As more organizations transition to Zero Trust security models, traditional identity and access management (IAM) models must evolve in kind. These new models should deliver comprehensive identity and permissions management for any cloud deployment while ensuring security and ma ..read more
Cyber Security Minute » Cloud Security
1y ago
Although only seeing tepid adoption to date, adaptive access and authentication is set to gain steam among businesses this year as organizations pursue zero-trust capabilities that grant and restrict access to data and systems based on context.
In the latest sign of life in the evolving industry, startup company Oleria announced on March 21 that it had jumped into the market for providing adaptive access that can keep applications secure and allow access while minimizing blind spots and the overprovisioning of privileges. The company’s executives maintained that easing deployment of granular a ..read more