Amazon debuts biometric security device, updates Detective and GuardDuty
Cyber Security Minute » Cloud Security
by ITCurated
4M ago
The latest security announcements from Amazon aim to address a wide range of security issues for businesses, including an all-in-one hand-scanning biometric system and new capabilities for its Detective security visualization tool and GuardDuty continuous monitoring solution. Amazon One Enterprise is the most novel of the company’s announcements, which were made this week at its AWS re:Invent event in Las Vegas. One Enterprise is a palm-based identity tool for both physical and digital security — users can authenticate using a handprint, instead of carrying an access fob for building access, o ..read more
Visit website
Cohesity taps Amazon for generative AI, cloud-based security
Cyber Security Minute » Cloud Security
by ITCurated
4M ago
Bringing its security and data analysis capabilities to a new potential audience, data security and multicloud data management provider Cohesity is now taking signups for access to its Turing generative AI features via Amazon’s Bedrock front-end for cloud-based AI. Cohesity Turing’s AWS-available features, the company announced Monday, will center on three main areas. The first is data management, security and analysis via Cohesity Data Cloud, providing for secure indexing of data and letting users use the Turing AI’s capabilities to glean new insights into their data, and allowing the system ..read more
Visit website
Securing Cloud Identities to Protect Assets and Minimize Risk
Cyber Security Minute » Cloud Security
by Glen Pendley, Chief Technology Officer, Tenable
5M ago
As organizations increasingly move their data and workloads to the cloud, securing cloud identities has become paramount. Identities are the keys to accessing cloud resources, and, if compromised, they enable attackers to gain access to sensitive data and systems. Most attacks we see today are client-side attacks, in which attackers compromise someone’s account and use their privileges to move laterally and access sensitive data and resources. To prevent this, you need visibility into your cloud’s identity infrastructure. Unless you know the identity of all the people and objects that are acce ..read more
Visit website
Cloud Security Demand Drives Better Cyber-Firm Valuations — and Deals
Cyber Security Minute » Cloud Security
by Jai Vijayan, Contributing Writer, Dark Reading
6M ago
Cisco’s massive $28 billion acquisition of Splunk in September was the financial highlight of a quarter during which several other vendors also made strategic purchases to position themselves for emerging enterprise requirements around cloud, application, and identity security. The acquisitions added to a better-than-expected quarter ended Sept. 30, 2023, with venture funding also picking up steam after a slowdown earlier this year following the collapse of Silicon Valley Bank. IPO activity showed early signs of a revival for the first time since late 2021 and provided further evidence of the ..read more
Visit website
Lacework Expands Partnership With Google Cloud to Deliver Enterprise Flexibility in the Cloud
Cyber Security Minute » Cloud Security
by ITCurated
7M ago
Lacework, the data-driven cloud security company, today announced an expansion of its partnership with Google Cloud. Several new features will allow joint customers to innovate even faster in Google Cloud environments with the confidence that their cloud environment is even more secure. Customers can now choose to have the full Lacework platform, which provides data-driven protection from code to cloud from a single location, on Google Cloud to leverage its unique benefits. Further enhancements like low latency ingestion of Google Cloud audit logs events activity, Lacework Query Language (LQL ..read more
Visit website
Attackers can abuse Google Cloud Build to poison production environments
Cyber Security Minute » Cloud Security
by ITCurated
9M ago
Researchers warn that a permission associated with the Google Cloud Build service in Google Cloud can be easily abused by attackers with access to a regular account to elevate their privileges and potentially poison container images used in production environments. Google Cloud Build is a CI/CD platform that allows organizations and developers to execute code building tasks on Google Cloud in a variety of programming languages. The service supports importing source code from repositories and cloud storage locations, builds the code based on a configured specification, and produces artifacts su ..read more
Visit website
Can Cloud Services Encourage Better Login Security? Netflix’s Accidental Model
Cyber Security Minute » Cloud Security
by Nate Nelson, Contributing Writer, Dark Reading
10M ago
This month, Netflix stumbled backward into a policy that may have lasting security benefits for users. Its accidental pro-customer safety move could be an object lesson for other business-to-consumer (B2C) organizations looking to improve customer account security. The streaming giant brought its new “household” policy to US customers on May 23. From now on, accounts will be restricted to a single Wi-Fi network and related mobile devices (with certain exceptions). It’s a shot in the arm to cure a post-COVID hangover, boosting user growth after months of stagnation and investor skittishness. Th ..read more
Visit website
Iranian APT group launches destructive attacks in hybrid Azure AD environments
Cyber Security Minute » Cloud Security
by ITCurated
1y ago
Recent destructive attacks against organizations that masquerade as a ransomware operation called DarkBit are likely performed by an advanced persistent threat (APT) group that’s affiliated with the Iranian government. During some of these operations the attackers didn’t limit themselves to on-premises systems but jumped into victims’ Azure AD environments where they deleted assets including entire server farms and storage accounts. Researchers from Microsoft track this cluster of malicious activity under the temporary identifier DEV-1084, but they found strong links between it and resources a ..read more
Visit website
BrandPost: Evolving identity and permissions management for the multicloud world
Cyber Security Minute » Cloud Security
by ITCurated
1y ago
Managing identities and their access permissions is becoming more complicated. Digital sprawl has led to an explosion in permissions across multicloud environments, and consistent oversight is lacking. As many as 99% of cloud permissions are going unused, and this represents a significant risk for enterprise businesses. As more organizations transition to Zero Trust security models, traditional identity and access management (IAM) models must evolve in kind. These new models should deliver comprehensive identity and permissions management for any cloud deployment while ensuring security and ma ..read more
Visit website
Adaptive Access Technologies Gaining Traction for Security, Agility
Cyber Security Minute » Cloud Security
by Robert Lemos, Contributing Writer, Dark Reading
1y ago
Although only seeing tepid adoption to date, adaptive access and authentication is set to gain steam among businesses this year as organizations pursue zero-trust capabilities that grant and restrict access to data and systems based on context. In the latest sign of life in the evolving industry, startup company Oleria announced on March 21 that it had jumped into the market for providing adaptive access that can keep applications secure and allow access while minimizing blind spots and the overprovisioning of privileges. The company’s executives maintained that easing deployment of granular a ..read more
Visit website

Follow Cyber Security Minute » Cloud Security on FeedSpot

Continue with Google
Continue with Apple
OR