This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T23:16:52+00:00 www.secnews.physaphae.fr Dark Reading - Informationweek Branch IaC is powerful. It brings speed, scale, and structure to cloud infrastructure. But none of that matters if your security can\'t keep up.]]> 2025-05-07T14:00:00+00:00 https://www.darkreading.com/cloud-security/infrastructure-code-iac-guide-cloud-security www.secnews.physaphae.fr/article.php?IdArticle=8672784 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch This year\'s top cyber challenges include cloud authorization sprawl, ICS cyberattacks and ransomware, a lack of cloud logging, and regulatory constraints keeping defenders from fully utilizing AI\'s capabilities.]]> 2025-05-01T23:28:19+00:00 https://www.darkreading.com/cloud-security/sans-top5-cyber-broken-out-soc www.secnews.physaphae.fr/article.php?IdArticle=8670317 False Ransomware,Industrial,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The tech giant is boosting Entra ID and MSA security as part of the wide-ranging Secure Future Initiative (SFI) that the company launched following a Chinese APT\'s breach of its Exchange Online environment in 2023.]]> 2025-04-22T21:29:35+00:00 https://www.darkreading.com/cloud-security/microsoft-millions-cloud-tenants-storm-0558 www.secnews.physaphae.fr/article.php?IdArticle=8666343 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch A proof-of-concept (PoC) attack vector exploits two Azure authentication tokens from within a browser, giving threat actors persistent access to key cloud services, including Microsoft 365 applications.]]> 2025-04-22T16:46:51+00:00 https://www.darkreading.com/remote-workforce/cookie-bite-entra-id-attack-exposes-microsoft-365 www.secnews.physaphae.fr/article.php?IdArticle=8666238 False Threat,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch The agency is recommending that organizations and individuals implement its recommendations to prevent the misuse of stolen data, though Oracle has yet to publicly do the same for its customers.]]> 2025-04-18T15:24:58+00:00 https://www.darkreading.com/cloud-security/cisa-alleged-oracle-cloud-breach www.secnews.physaphae.fr/article.php?IdArticle=8664541 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Cloud misconfigurations and cryptography flaws plague some of the top apps used in work environments, exposing organizations to risk and intrusion.]]> 2025-04-16T15:38:07+00:00 https://www.darkreading.com/endpoint-security/cloud-cryptography-flaws-mobile-apps-expose-enterprise-data www.secnews.physaphae.fr/article.php?IdArticle=8663614 False Mobile,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese state-backed threat actors with increasing success, according to new threat intelligence. Here\'s how experts say you can get eyes on it all.]]> 2025-04-14T16:34:17+00:00 https://www.darkreading.com/threat-intelligence/chinese-apt-exploit-edr-visibility-gap-cyber-espionage www.secnews.physaphae.fr/article.php?IdArticle=8662763 False Threat,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Some of the brightest minds in the industry will discuss how to strengthen cloud security.]]> 2025-04-14T14:00:00+00:00 https://www.darkreading.com/cloud-security/7-rsac-2025-cloud-security-sessions www.secnews.physaphae.fr/article.php?IdArticle=8662706 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Managing permissions and authorizations across dozens or hundreds of cloud services and platforms poses significant headaches for companies. An open specification aims to change that.]]> 2025-04-10T20:41:31+00:00 https://www.darkreading.com/cloud-security/authzen-aims-harmonize-fractured-authorization-controls www.secnews.physaphae.fr/article.php?IdArticle=8661502 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Google Unified Security brings together threat detection, AI-powered security, secure browser features, and Mandiant services, the company said at its Cloud Next conference.]]> 2025-04-09T22:40:04+00:00 https://www.darkreading.com/cloud-security/google-merges-security-offerings-cohesive-suite www.secnews.physaphae.fr/article.php?IdArticle=8661373 False Threat,Cloud,Conference None 3.0000000000000000 Dark Reading - Informationweek Branch The database company said its Oracle Cloud Infrastructure (OCI) was not involved in the breach. And at least one law firm seeking damages is already on the case.]]> 2025-04-09T18:59:10+00:00 https://www.darkreading.com/cyberattacks-data-breaches/oracle-breach-2-obsolete-servers www.secnews.physaphae.fr/article.php?IdArticle=8661226 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Cortex Cloud integrates Prisma Cloud with CDR to provide a consolidated security posture management and real-time threat detection and remediation.]]> 2025-04-07T22:14:51+00:00 https://www.darkreading.com/cloud-security/palo-alto-networks-begins-unified-security-rollout www.secnews.physaphae.fr/article.php?IdArticle=8660938 False Threat,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Tenable released details of a Google Cloud Run flaw that prior to remediation allowed a threat actor to escalate privileges.]]> 2025-04-01T14:00:00+00:00 https://www.darkreading.com/cloud-security/google-imagerunner-bug-enabled-privilege-escalation www.secnews.physaphae.fr/article.php?IdArticle=8659618 False Threat,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Although Oracle has denied its cloud infrastructure services were breached, security experts recommend Oracle customers independently verify if they were affected and take measures to reduce exposure to potential fallout.]]> 2025-03-31T21:29:43+00:00 https://www.darkreading.com/application-security/oracle-cloud-users-urged-take-action www.secnews.physaphae.fr/article.php?IdArticle=8659479 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch The General Services Administration is planning to use automation to speed up the process to determine which cloud services federal agencies are allowed to buy.]]> 2025-03-28T21:04:46+00:00 https://www.darkreading.com/cloud-security/gsa-plans-fedramp-revamp www.secnews.physaphae.fr/article.php?IdArticle=8659384 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Evidence suggests an attacker gained access to the company\'s cloud infrastructure environment, but Oracle insists that didn\'t happen.]]> 2025-03-28T18:26:49+00:00 https://www.darkreading.com/cyberattacks-data-breaches/oracle-still-denies-breach-researchers-persist www.secnews.physaphae.fr/article.php?IdArticle=8658939 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Attackers aren\'t just spending more time targeting the cloud - they\'re ruthlessly stealing more sensitive data and accessing more critical systems than ever before.]]> 2025-03-27T11:00:00+00:00 https://www.darkreading.com/cyber-risk/high-severity-cloud-security-alerts-tripled-2024 www.secnews.physaphae.fr/article.php?IdArticle=8658539 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch A threat actor posted data on Breachforums from an alleged supply-chain attack that affected more than 140K tenants, claiming to have compromised the cloud via a zero-day flaw in WebLogic, researchers say.]]> 2025-03-24T15:29:40+00:00 https://www.darkreading.com/cyberattacks-data-breaches/oracle-denies-claim-oracle-cloud-breach-6m-records www.secnews.physaphae.fr/article.php?IdArticle=8657835 False Vulnerability,Threat,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Research finds that organizations are granting root access by default and making other big missteps, including a Jenga-like building concept, in deploying and configuring AI services in cloud deployments.]]> 2025-03-19T17:05:03+00:00 https://www.darkreading.com/cloud-security/ai-cloud-adoption-cyber-mistakes www.secnews.physaphae.fr/article.php?IdArticle=8656742 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The all-cash deal offers a path for Google to better support cloud customers who have assets spread across public environments, including Azure and others.]]> 2025-03-18T20:16:44+00:00 https://www.darkreading.com/cloud-security/google-acquire-wiz-32b-multicloud-security-play www.secnews.physaphae.fr/article.php?IdArticle=8656546 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The new The F5 Application Delivery Controller and Security Platform combines BIG-IP, NGNIX and Distributed Cloud Services and new AI Gateway and AI Assistants.]]> 2025-03-13T12:31:50+00:00 https://www.darkreading.com/endpoint-security/f5-api-security-networking-ai-onslaught www.secnews.physaphae.fr/article.php?IdArticle=8655530 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The new cloud security startup uses AI to scan cloud applications and systems for issues before they are deployed.]]> 2025-03-05T20:45:33+00:00 https://www.darkreading.com/cloud-security/aryon-security-claims-to-bring-new-approach-to-cloud-security www.secnews.physaphae.fr/article.php?IdArticle=8654086 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch 2025-03-04T22:19:35+00:00 https://www.darkreading.com/cloud-security/glide-identity-partners-with-google-cloud-and-major-telcos www.secnews.physaphae.fr/article.php?IdArticle=8653596 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Excessive privileges and visibility gaps create a breeding ground for cyber threats.]]> 2025-02-20T22:28:09+00:00 https://www.darkreading.com/cloud-security/data-suggests-time-to-rethink-cloud-permissions www.secnews.physaphae.fr/article.php?IdArticle=8649570 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch The new Cloud Key Management Service is part of Google\'s new roadmap for implementing the new NIST-based post-quantum cryptography (PQC) standards.]]> 2025-02-20T17:00:22+00:00 https://www.darkreading.com/cloud-security/google-quantum-resistant-digital-signatures-cloud-kms www.secnews.physaphae.fr/article.php?IdArticle=8649325 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch 2025-02-20T16:14:06+00:00 https://www.darkreading.com/cloud-security/zest-security-s-cloud-risk-exposure-impact-report-reveals-62-of-incidents-are-related-to-risks-known-to-the-organization www.secnews.physaphae.fr/article.php?IdArticle=8649302 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch New research highlights how bad actors could abuse deleted AWS S3 buckets to create all sorts of mayhem, including a SolarWinds-style supply chain attack.]]> 2025-02-05T17:30:04+00:00 https://www.darkreading.com/remote-workforce/abandoned-aws-cloud-storage-cyberattack-vector www.secnews.physaphae.fr/article.php?IdArticle=8647090 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Funnull CDN rents IPs from legitimate cloud service providers and uses them to host criminal websites, continuously cycling cloud resources in and out of use and acquiring new ones to stay ahead of cyber-defender detection.]]> 2025-02-04T19:26:22+00:00 https://www.darkreading.com/cloud-security/chinese-infrastructure-laundering-abuses-aws-microsoft-cloud www.secnews.physaphae.fr/article.php?IdArticle=8646884 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch 2025-02-03T23:01:49+00:00 https://www.darkreading.com/cloud-security/emea-cisos-plan-2025-cloud-security-investment www.secnews.physaphae.fr/article.php?IdArticle=8646675 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card.]]> 2025-02-03T22:10:32+00:00 https://www.darkreading.com/cloud-security/name-that-edge-toon-in-the-cloud www.secnews.physaphae.fr/article.php?IdArticle=8646678 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The rate of evolution has been glacial, but tools now understand cloud environments and can target Web applications.]]> 2025-01-30T15:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/automated-pen-testing-improving-slowly www.secnews.physaphae.fr/article.php?IdArticle=8644892 False Tool,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Managing third-party risk in the SaaS era demands a proactive, data-driven approach beyond checkbox compliance.]]> 2025-01-29T15:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/old-ways-vendor-risk-management-no-longer-good-enough www.secnews.physaphae.fr/article.php?IdArticle=8644336 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch The MITRE framework\'s applied exercise provides defenders with critical feedback about how to detect and defend against common, but sophisticated, attacks.]]> 2025-01-24T19:47:37+00:00 https://www.darkreading.com/cybersecurity-operations/mitre-simuluations-shine-light-on-attackers-techniques www.secnews.physaphae.fr/article.php?IdArticle=8642223 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Set for release in March, Cisco AI Defense will provide algorithmic red teaming of large language models with technology that came over as part of the Robust Intelligence acquisition last year.]]> 2025-01-21T15:07:41+00:00 https://www.darkreading.com/cloud-security/cisco-previews-ai-defense-cloud-security www.secnews.physaphae.fr/article.php?IdArticle=8641076 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch BeyondTrust has patched all cloud instances of the vulnerability and has released patches for self-hosted versions.]]> 2025-01-15T16:51:35+00:00 https://www.darkreading.com/vulnerabilities-threats/cisa-warns-of-second-vuln-found-in-beyondtrust-breach-investigation www.secnews.physaphae.fr/article.php?IdArticle=8637823 False Vulnerability,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The acquisition accelerates 1Password\'s ongoing efforts to expand the role of the password manager with secure SaaS management.]]> 2025-01-14T21:52:52+00:00 https://www.darkreading.com/identity-access-management-security/1password-trelica-buy-shadow-it-play www.secnews.physaphae.fr/article.php?IdArticle=8637730 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The security vulnerability tracked as CVE-2024-50603, which rates 10 out of 10 on the CVSS scale, enables unauthenticated remote code execution on affected systems, which cyberattackers are using to plant malware.]]> 2025-01-13T20:44:00+00:00 https://www.darkreading.com/cloud-security/cloud-attackers-exploit-max-critical-aviatrix-rce-flaw www.secnews.physaphae.fr/article.php?IdArticle=8636859 False Malware,Vulnerability,Threat,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch The attack used a stolen remote support SaaS API key to exfiltrate data from workstations in the Treasury Department\'s Office of Foreign Assets Control.]]> 2025-01-09T21:11:38+00:00 https://www.darkreading.com/cyberattacks-data-breaches/hacking-group-silk-typhoon-linked-us-treasury-breach www.secnews.physaphae.fr/article.php?IdArticle=8635410 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch The deal will enhance 1Password Extended Access Management offering with capabilities to address challenges around SaaS sprawl and shadow IT.]]> 2025-01-07T23:25:51+00:00 https://www.darkreading.com/identity-access-management-security/1password-acqiures-saas-access-management-trelica www.secnews.physaphae.fr/article.php?IdArticle=8634884 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch The results of Dark Reading\'s 2024 Strategic Security survey suggest that security teams continue to grapple with the challenges that come with increased cloud adoption such as data visibility and loss of controls. Managing cloud risks will be a focus for security teams in 2025.]]> 2024-12-31T20:19:30+00:00 https://www.darkreading.com/cloud-security/managing-cloud-risks-big-headache-2024 www.secnews.physaphae.fr/article.php?IdArticle=8632739 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Cyberattackers used fake DocuSign links and HubSpot forms to try to solicit Azure cloud logins from hundreds of thousands of employees across Europe.]]> 2024-12-18T17:24:00+00:00 https://www.darkreading.com/cloud-security/manufacturing-orgs-azure-creds-hubspot-phishing-attack www.secnews.physaphae.fr/article.php?IdArticle=8627179 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Actions direct agencies to deploy specific security configurations to reduce cyber-risk.]]> 2024-12-17T18:20:08+00:00 https://www.darkreading.com/cloud-security/cisa-directs-federal-agencies-secure-cloud-environments www.secnews.physaphae.fr/article.php?IdArticle=8626695 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Three vulnerabilities in the service\'s Apache Airflow integration could have allowed attackers to take shadow administrative control over an enterprise cloud infrastructure, gain access to and exfiltrate data, and deploy malware.]]> 2024-12-17T16:21:38+00:00 https://www.darkreading.com/cloud-security/azure-data-factory-bugs-expose-cloud-infrastructure www.secnews.physaphae.fr/article.php?IdArticle=8626651 False Malware,Vulnerability,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch 2024-12-13T22:32:53+00:00 https://www.darkreading.com/cloud-security/zerto-introduces-cloud-vault-solution-for-enhanced-cyber-resilience-through-msps www.secnews.physaphae.fr/article.php?IdArticle=8624788 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Researchers demonstrate how to hack Ruijie Reyee access points without Wi-Fi credentials or even physical access to the device.]]> 2024-12-12T20:47:27+00:00 https://www.darkreading.com/ics-ot-security/iot-cloud-cracked-open-sesame-attack www.secnews.physaphae.fr/article.php?IdArticle=8624215 False Hack,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch A critical flaw in the company\'s rate limit for failed sign-in attempts allowed unauthorized access to a user account, including Outlook emails, OneDrive files, Teams chats, Azure Cloud, and more.]]> 2024-12-11T20:47:50+00:00 https://www.darkreading.com/cyberattacks-data-breaches/researchers-crack-microsoft-azure-mfa-hour www.secnews.physaphae.fr/article.php?IdArticle=8623644 False Cloud None 4.0000000000000000 Dark Reading - Informationweek Branch The Nemesis and ShinyHunters attackers scanned millions of IP addresses to find exploitable cloud-based flaws, though their operation ironically was discovered due to a cloud misconfiguration of their own doing.]]> 2024-12-10T16:12:01+00:00 https://www.darkreading.com/endpoint-security/cybercrime-gangs-steal-thousands-aws-credentials www.secnews.physaphae.fr/article.php?IdArticle=8622949 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch More than 4% of US attempted e-commerce transactions between Thanksgiving and Cyber Monday suspected to be fraudulent.]]> 2024-12-09T18:00:33+00:00 https://www.darkreading.com/physical-security/genetec-physical-security-report-shows-accelerating-hybrid-cloud-adoption www.secnews.physaphae.fr/article.php?IdArticle=8622397 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The "Census of Free and Open Source Software" report, which identifies the most critical software projects, sees more cloud infrastructure and Python software designated as critical software components.]]> 2024-12-06T14:59:11+00:00 https://www.darkreading.com/application-security/critical-open-source-rankings-shuffle-popularity-python-cloud-grows www.secnews.physaphae.fr/article.php?IdArticle=8620690 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Cloudflare Tunnels is just the latest legitimate cloud service that cybercriminals and state-sponsored threat actors are abusing to hide their tracks.]]> 2024-12-05T22:04:39+00:00 https://www.darkreading.com/cloud-security/russias-bluealpha-apt-cloudflare-tunnels www.secnews.physaphae.fr/article.php?IdArticle=8620316 False Threat,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Protection ranged from 0.38% to 50.57% for security effectiveness.]]> 2024-11-26T16:19:35+00:00 https://www.darkreading.com/cloud-security/cyberratings-org-announces-test-results-cloud-service-provider-native-firewalls www.secnews.physaphae.fr/article.php?IdArticle=8617910 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Dazz\'s remediation engine will boost risk management in Wiz\'s cloud security portfolio.]]> 2024-11-21T21:01:44+00:00 https://www.darkreading.com/cloud-security/cloud-security-startup-wiz-to-acquire-dazz-in-risk-management-play www.secnews.physaphae.fr/article.php?IdArticle=8615641 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Cloud service providers are getting better at protecting data, pushing adversaries to develop new cloud ransomware scripts to target PHP applications, a new report says.]]> 2024-11-13T23:40:17+00:00 https://www.darkreading.com/cloud-security/cloud-ransomware-scripts-web-applications www.secnews.physaphae.fr/article.php?IdArticle=8611201 False Ransomware,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The shift to cloud means securing your organization\'s digital assets requires a proactive, multi-layered approach]]> 2024-11-13T20:31:41+00:00 https://www.darkreading.com/cloud-security/5-ways-save-organization-cloud-security-threats www.secnews.physaphae.fr/article.php?IdArticle=8610636 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Google Cloud will take a phased approach to make multi-factor authentication mandatory for all users.]]> 2024-11-06T21:38:35+00:00 https://www.darkreading.com/identity-access-management-security/google-cloud-enforce-mfa-2025 www.secnews.physaphae.fr/article.php?IdArticle=8607259 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The large-scale operation took advantage of open repositories, hardcoded credentials in source code, and other cloud oversights.]]> 2024-11-01T21:54:23+00:00 https://www.darkreading.com/cloud-security/emeraldwhale-massive-git-breach-config-gaps www.secnews.physaphae.fr/article.php?IdArticle=8604814 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The company\'s data loss prevention platform helps customers identify and classify data across SaaS and GenAI applications, endpoints, and emails.]]> 2024-10-31T00:43:04+00:00 https://www.darkreading.com/cyberattacks-data-breaches/mind-launches-intelligent-dlp-platform www.secnews.physaphae.fr/article.php?IdArticle=8603979 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch A professional-grade tool set, appropriately dubbed "CloudScout," is infiltrating cloud apps like Microsoft Outlook and Google Drive, targeting sensitive info for exfiltration.]]> 2024-10-29T21:05:22+00:00 https://www.darkreading.com/cloud-security/china-evasive-panda-apt-cloud-hijacking www.secnews.physaphae.fr/article.php?IdArticle=8603431 False Tool,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Amazon\'s open source Cloud Development Kit generates dangerously predictable naming patterns that could lead to an account takeover.]]> 2024-10-24T21:55:42+00:00 https://www.darkreading.com/threat-intelligence/aws-cdk-default-s3-bucket-naming-pattern-lets-adversaries-waltz-into-admin-access www.secnews.physaphae.fr/article.php?IdArticle=8601611 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch 2024-10-24T21:39:12+00:00 https://www.darkreading.com/vulnerabilities-threats/grip-security-releases-2025-saas-security-risks-report www.secnews.physaphae.fr/article.php?IdArticle=8601612 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Popular titles on both Google Play and Apple\'s App Store include hardcoded and unencrypted AWS and Azure credentials in their codebases or binaries, making them vulnerable to misuse by threat actors.]]> 2024-10-23T15:44:38+00:00 https://www.darkreading.com/cloud-security/mobile-apps-millions-downloads-expose-cloud-credentials www.secnews.physaphae.fr/article.php?IdArticle=8601407 False Threat,Mobile,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch 2024-10-22T21:16:06+00:00 https://www.darkreading.com/ics-ot-security/honeywell-and-google-cloud-to-accelerate-auto-operations-with-ai-agents-for-the-industrial-sector www.secnews.physaphae.fr/article.php?IdArticle=8601411 False Industrial,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch 2024-10-22T21:04:41+00:00 https://www.darkreading.com/cloud-security/softwareone-launches-cloud-competency-centre-in-malaysia www.secnews.physaphae.fr/article.php?IdArticle=8601413 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch These types of "long-lived" credentials pose a risk for users across all major cloud service providers, and must meet their very timely ends, researchers say.]]> 2024-10-21T21:03:09+00:00 https://www.darkreading.com/cloud-security/unmanaged-cloud-credentials-risk-half-orgs www.secnews.physaphae.fr/article.php?IdArticle=8601213 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The FHE Technical Consortium for Hardware (FHETCH) brings together developers, hardware manufacturers and cloud providers to collaborate on technical standards necessary to develop commercial fully homomorphic encryption solutions and lower adoption barriers.]]> 2024-10-15T20:18:54+00:00 https://www.darkreading.com/data-privacy/fhe-consortium-quantum-resilient-cryptography-standards www.secnews.physaphae.fr/article.php?IdArticle=8598425 False Cloud,Technical,Commercial None 3.0000000000000000 Dark Reading - Informationweek Branch Suspected nation-state actors are spotted stringing together three different zero-days in the Ivanti Cloud Services Application to gain persistent access to a targeted system.]]> 2024-10-14T22:16:17+00:00 https://www.darkreading.com/cyberattacks-data-breaches/serious-adversaries-circle-ivanti-csa-flaws www.secnews.physaphae.fr/article.php?IdArticle=8597822 False Vulnerability,Threat,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The security bugs were found susceptible to exploitation in connection to the previously disclosed, critical CVE-2024-8963 vulnerability in the security vendor\'s Cloud Services Appliance (CSA).]]> 2024-10-09T18:47:44+00:00 https://www.darkreading.com/cyberattacks-data-breaches/three-more-ivanti-cloud-vulns-exploited www.secnews.physaphae.fr/article.php?IdArticle=8594982 False Vulnerability,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Cyber pros are scrambling to stay up-to-date as the businesses they work for quickly roll out AI tools and keep expanding their cloud initiatives.]]> 2024-10-09T18:02:57+00:00 https://www.darkreading.com/cloud-security/cloud-ai-talent-gaps-cybersecurity-teams www.secnews.physaphae.fr/article.php?IdArticle=8594958 False Tool,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Since April, attackers have increased their use of Dropbox, OneDrive, and SharePoint to steal the credentials of business users and conduct further malicious activity.]]> 2024-10-09T10:56:04+00:00 https://www.darkreading.com/cyberattacks-data-breaches/microsoft-creative-abuse-cloud-files-bec-attacks www.secnews.physaphae.fr/article.php?IdArticle=8594822 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Amid the noise of new solutions and buzzwords, understanding the balance between securing infrastructure and implementing runtime security is key to crafting an effective cloud strategy.]]> 2024-10-01T16:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/infrastructure-vs-runtime-where-are-your-priorities www.secnews.physaphae.fr/article.php?IdArticle=8589754 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Microsoft warns that ransomware group Storm-0501 has shifted from buying initial access to leveraging weak credentials to gain on-premises access before moving laterally to the cloud.]]> 2024-09-27T18:06:20+00:00 https://www.darkreading.com/application-security/sloppy-entra-id-credentials-hybrid-cloud-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8589006 False Ransomware,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Who needs advanced malware when you can take advantage of a bunch of OSS tools and free cloud services to compromise your target?]]> 2024-09-26T04:30:00+00:00 https://www.darkreading.com/cloud-security/sloppylemming-apt-cloudflare-pakistan-attacks www.secnews.physaphae.fr/article.php?IdArticle=8585337 False Malware,Tool,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch The company has jettisoned hundreds of thousands of unused apps and millions of unused tenants as part of its Secure Future Initiative.]]> 2024-09-23T21:23:49+00:00 https://www.darkreading.com/cloud-security/microsoft-trims-cloud-cyberattack-surface-security-push www.secnews.physaphae.fr/article.php?IdArticle=8583327 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The critical bug, CVE-2024-8963, can be used in conjunction with the prior known flaw to achieve remote code execution (RCE).]]> 2024-09-20T20:40:12+00:00 https://www.darkreading.com/cyberattacks-data-breaches/ivanti-cloud-service-appliance-attacked-vuln www.secnews.physaphae.fr/article.php?IdArticle=8580784 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Regulators fine AT&T $13 million for failing to protect customer information held by a third-party vendor, and extend consumer data protections to the cloud.]]> 2024-09-18T19:20:34+00:00 https://www.darkreading.com/cybersecurity-operations/fcc-att-did-not-protect-cloud-data www.secnews.physaphae.fr/article.php?IdArticle=8579327 False Cloud None 1.00000000000000000000 Dark Reading - Informationweek Branch Attackers could have exploited a dependency confusion vulnerability affecting various Google Cloud services to execute a sprawling supply chain attack via just one malicious Python code package.]]> 2024-09-17T09:49:32+00:00 https://www.darkreading.com/cloud-security/cloudimposer-flaw-google-cloud-affected-millions-servers www.secnews.physaphae.fr/article.php?IdArticle=8578481 False Vulnerability,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Three days after Ivanti published an advisory about the high-severity vulnerability CVE-2024-8190, threat actors began to abuse the flaw.]]> 2024-09-16T21:04:22+00:00 https://www.darkreading.com/threat-intelligence/ivanti-cloud-bug-exploit-alarms-raised www.secnews.physaphae.fr/article.php?IdArticle=8577950 False Vulnerability,Threat,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The incident is a reminder why organizations need to pay attention to how they store and secure data in SaaS and cloud environments.]]> 2024-09-13T19:51:28+00:00 https://www.darkreading.com/cloud-security/fortinet-customer-data-breach-third-party www.secnews.physaphae.fr/article.php?IdArticle=8576124 False Data Breach,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The dangerous ransomware group is targeting financial and insurance sectors using smishing and vishing against IT service desk administrators, cybersecurity teams, and other employees with top-level privileges.]]> 2024-09-12T19:55:57+00:00 https://www.darkreading.com/cloud-security/socially-savvy-scattered-spider-traps-cloud-admins-in-web www.secnews.physaphae.fr/article.php?IdArticle=8575474 False Ransomware,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The combination of immutability, indelibility, centralized governance, and user empowerment provides a comprehensive backup strategy, Google said.]]> 2024-09-11T22:55:48+00:00 https://www.darkreading.com/cloud-security/google-updates-cloud-backup-disaster-recovery-service www.secnews.physaphae.fr/article.php?IdArticle=8574576 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Wiz Code identifies and flags cloud risks in code to help improve collaboration between security and development teams.]]> 2024-09-10T21:47:40+00:00 https://www.darkreading.com/application-security/wiz-launches-wiz-code-application-security-tool www.secnews.physaphae.fr/article.php?IdArticle=8574337 False Tool,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch New threats, an overburdened workforce, and regulatory pressures mean cloud service providers need a more resilient model than the shared responsibility framework. That\'s where "shared fate" comes in.]]> 2024-09-05T23:11:27+00:00 https://www.darkreading.com/cloud-security/what-is-the-shared-fate-model www.secnews.physaphae.fr/article.php?IdArticle=8570852 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch 2024-09-05T21:09:38+00:00 https://www.darkreading.com/cybersecurity-operations/palo-alto-networks-closes-acquisition-of-ibm-s-qradar-saas-assets www.secnews.physaphae.fr/article.php?IdArticle=8570755 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Public-facing vulnerabilities, cloud sprawl, access to back-end servers are just a few of the challenges travel and hospitality companies must address.]]> 2024-08-29T19:34:28+00:00 https://www.darkreading.com/threat-intelligence/top-travel-sites-have-some-first-class-security-issues-to-clean-up www.secnews.physaphae.fr/article.php?IdArticle=8566389 False Vulnerability,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted cloud environments into cryptomining networks.]]> 2024-08-28T18:03:59+00:00 https://www.darkreading.com/threat-intelligence/attackers-exploit-critical-atlassian-confluence-flaw-for-cryptojacking www.secnews.physaphae.fr/article.php?IdArticle=8565592 False Threat,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Confidential computing safeguards data in use, making it a crucial component of cloud security.]]> 2024-08-27T14:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/why-every-business-should-prioritize-confidential-computing www.secnews.physaphae.fr/article.php?IdArticle=8564746 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The ShinyHunters attackers are skipping selling stolen data on hacker forums in favor of using deadline-driven ransom notes for financial gain.]]> 2024-08-27T11:39:29+00:00 https://www.darkreading.com/threat-intelligence/threat-group-bling-libra-extortion-cloud-attacks www.secnews.physaphae.fr/article.php?IdArticle=8564813 False Threat,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch A server-side request forgery (SSRF) bug in Microsoft\'s tool for creating custom AI chatbots potentially exposed info across multiple tenants within cloud environments.]]> 2024-08-21T10:59:17+00:00 https://www.darkreading.com/remote-workforce/microsoft-copilot-studio-exploit-leaks-sensitive-cloud-data www.secnews.physaphae.fr/article.php?IdArticle=8562727 False Tool,Threat,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Cloud services and thus millions of end users who access them could have been affected by the poisoning of artifacts in the development workflow of open source projects.]]> 2024-08-14T14:16:57+00:00 https://www.darkreading.com/cloud-security/github-attack-vector-google-microsoft-aws-projects www.secnews.physaphae.fr/article.php?IdArticle=8557726 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch The weaknesses gave attackers an avenue to take over millions of photovoltaic devices connected to Solarman and Deye\'s cloud-hosted management systems.]]> 2024-08-09T18:31:09+00:00 https://www.darkreading.com/ics-ot-security/solar-power-installations-worldwide-open-to-cloud-api-bugs www.secnews.physaphae.fr/article.php?IdArticle=8554850 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Black Hat presentation reveals adversaries don\'t need to complete all seven stages of a traditional kill chain to achieve their objectives.]]> 2024-08-08T13:00:00+00:00 https://www.darkreading.com/application-security/saas-apps-present-abbreviated-kill-chain-for-attackers www.secnews.physaphae.fr/article.php?IdArticle=8554071 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Invisible authentication mechanisms in Microsoft allow any attacker to escalate from privileged to super-duper privileged in cloud environments, paving the way for complete takeover.]]> 2024-08-07T23:20:00+00:00 https://www.darkreading.com/application-security/hazy-issue-entra-id-privileged-users-become-global-admins www.secnews.physaphae.fr/article.php?IdArticle=8553725 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Cybersecurity startup RAD Security, a finalist in this year\'s Black Hat USA Startup Spotlight competition, looks for "drift events," or events that vary from the baseline.]]> 2024-08-06T15:59:16+00:00 https://www.darkreading.com/cloud-security/startup-spotlight-rad-security-cloud-behavioral-profiling www.secnews.physaphae.fr/article.php?IdArticle=8553076 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch In the cloud, patches disseminate automatically. On your computer, you get notified. IoT devices, meanwhile, can escape attention for years on end.]]> 2024-08-05T19:51:26+00:00 https://www.darkreading.com/ics-ot-security/20k-ubiquiti-iot-cameras-and-routers-are-sitting-ducks-for-hackers www.secnews.physaphae.fr/article.php?IdArticle=8552298 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch The sustained cyberattack, likely made worse by a mitigation snafu, disrupted several Azure cloud services for nearly eight hours on July 30.]]> 2024-07-31T19:11:50+00:00 https://www.darkreading.com/cloud-security/microsoft-azure-ddos-attack-amplified-cyber-defense-error www.secnews.physaphae.fr/article.php?IdArticle=8548228 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch The campaign is laser-targeted, bucking the trend of "spray-and-pray" malicious open source packages turning up in code repositories seemingly every other day.]]> 2024-07-26T20:28:55+00:00 https://www.darkreading.com/threat-intelligence/targeted-pypi-package-steals-google-cloud-credentials-macos-devs www.secnews.physaphae.fr/article.php?IdArticle=8544996 False Prediction,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Cybersecurity startup Zest Security emerged from stealth with an AI-powered cloud risk resolution platform to reduce time from discovery to remediation.]]> 2024-07-24T21:25:32+00:00 https://www.darkreading.com/cloud-security/zest-security-aims-to-resolve-cloud-risks www.secnews.physaphae.fr/article.php?IdArticle=8543929 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch The more we use the cloud, the more maintaining browser security becomes crucial.]]> 2024-07-24T14:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/navigating-complex-landscape-web-browser-security www.secnews.physaphae.fr/article.php?IdArticle=8543434 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch 2024-07-22T20:29:12+00:00 https://www.darkreading.com/cloud-security/cloud-security-alliance-sets-new-standard-in-cloud-security-expertise-with-the-certificate-of-cloud-security-knowledge www.secnews.physaphae.fr/article.php?IdArticle=8542269 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Latest version of CSA\'s Cloud Security Knowledge Certificate provides a comprehensive catalog of the essential skills cybersecurity professionals need to master.]]> 2024-07-19T22:16:33+00:00 https://www.darkreading.com/cybersecurity-careers/csa-updates-cloud-security-certificate-training www.secnews.physaphae.fr/article.php?IdArticle=8540223 False Cloud None 3.0000000000000000