#CloudSecurity

HPE Aruba Networking Strengthens Cyber Defenses With AI-Powered Network Detection and Response

by

August 9, 2024 at 01:57PM Hewlett Packard Enterprise (HPE) has expanded its AI-powered networking portfolio, introducing behavioral analytics-based network detection and response capabilities and enhancing its cloud-based universal ZTNA approach. The new NDR solution leverages AI models to monitor and detect unusual activity in IoT devices, addressing security blind spots and providing comprehensive network security … Read more

SaaS Apps Present an Abbreviated Kill Chain for Attackers

by

August 8, 2024 at 09:06AM Security researchers at Black Hat USA 2024 highlighted the evolving threat landscape for organizations due to the expanded use of SaaS applications. They revealed that attackers are leveraging valid credentials to breach SaaS environments, bypassing traditional cyber kill chain steps. It’s crucial for security teams to reassess defenses and implement … Read more

Critical AWS Vulnerabilities Allow S3 Attack Bonanza

by

August 8, 2024 at 08:07AM Aqua Security researchers discovered six critical vulnerabilities in Amazon Web Services (AWS) that could have allowed remote code execution, exfiltration, denial of service attacks, and account takeovers. Attack methods such as “Bucket Monopoly” and “Shadow Resources” were uncovered and reported to AWS, which rolled out mitigations between March and June. … Read more

AWS Patches Vulnerabilities Potentially Allowing Account Takeovers

by

August 8, 2024 at 06:30AM AWS recently addressed potentially critical vulnerabilities, including flaws that could have allowed attackers to take over accounts, disclosed by Aqua Security at Black Hat. The security holes could have enabled arbitrary code execution, account control, data exposure, DoS attacks, data exfiltration, and AI model manipulation in AWS services such as … Read more

Cloud storage lockers from Microsoft and Google used to store and spread state-sponsored malware

by

August 7, 2024 at 10:07PM Symantec’s threat hunters have observed an increase in state-sponsored cyber spies and criminals using legitimate cloud services for attacking victims. The criminals are making use of platforms like Google Drive and Microsoft for free accounts, along with encryption to avoid detection. Symantec has identified several campaigns and published a list … Read more

Hazy Issue in Entra ID Allows Privileged Users to Become Global Admins

by

August 7, 2024 at 07:26PM At the Black Hat USA conference, it was revealed that an obscure issue in Microsoft’s Entra ID identity and access management service could enable a hacker with admin-level access to gain global administrator privileges. This could lead to unauthorized access, including accessing sensitive data and planting malware in an organization’s … Read more

Knostic Wins 2024 Black Hat Startup Spotlight Competition

by

August 7, 2024 at 03:25PM At Black Hat USA in Las Vegas, Eitan Worcel of Mobb Security, last year’s winner, passed the torch to Knostic, the 2024 winner. Sounil Yu, Knostic’s CTO, accepted the award. Four finalists, including LeakSignal, RAD Security, DryRun Security, and Knostic, made final pitches. Knostic’s tool focuses on access control of … Read more

GhostWrite Vulnerability Facilitates Attacks on Devices With RISC-V CPU

by

August 7, 2024 at 03:06PM A team from the CISPA Helmholtz Center for Information Security in Germany has revealed a new vulnerability in the XuanTie C910 CPU based on RISC-V architecture. Named GhostWrite, the flaw could allow attackers to gain unrestricted access to targeted devices. Although no specific tools or methods to detect attacks currently … Read more

New Go-based Backdoor GoGra Targets South Asian Media Organization

by

August 7, 2024 at 06:57AM An unnamed media organization in South Asia was targeted using a previously undocumented Go-based backdoor called GoGra, which utilizes the Microsoft Graph API for C&C purposes. Other new malware families have employed similar techniques, suggesting that threat actors are increasingly utilizing legitimate cloud services for low-key operations. Based on the … Read more

Your copilot for improved cyber protection

by

August 5, 2024 at 11:24AM Palo Alto Networks utilizes generative AI (GenAI) to automate copilots, enhancing network security, cloud security, and security operations. The technology provides cyber security specialists with easier, better, and faster capabilities, including searching documentation, offering suggested actions, and initiating fixes with a single click. Watch the video for a comprehensive overview … Read more