4 Instructive Postmortems on Data Downtime and Loss

March 1, 2024 at 06:15AM The text discusses the concept of “blameless” postmortems in tech companies and provides detailed examples of such postmortems from GitLab, Tarsnap, Roblox, and Cloudflare. These case studies uncover the root causes of outages, the impact of the incidents, and the lessons learned in data security and continuity planning. The examples …

Russia’s ‘Midnight Blizzard’ Targets Service Accounts for Initial Cloud Access

February 27, 2024 at 04:56PM The threat group “Midnight Blizzard,” associated with Russian intelligence services, has shifted tactics, targeting cloud environments at organizations. Strategies include exploiting automated cloud services accounts, dormant accounts, and using OAuth tokens and MFA bombing attacks for unauthorized access. Mitigations recommended include multifactor authentication, strong passwords, and least privilege principles for …

Five Eyes Agencies Expose APT29’s Evolving Cloud Attack Tactics

February 27, 2024 at 05:45AM Cybersecurity and intelligence agencies from the Five Eyes nations have issued a joint advisory on the evolving tactics of the Russian state-sponsored threat actor APT29, also known by several aliases. The advisory details the group’s affiliation with the SVR and their targeting of organizations through cloud-based infrastructure and techniques such …

Russian hackers shift to cloud attacks, US and allies warn

February 26, 2024 at 12:35PM The Five Eyes intelligence alliance issued a warning about increased targeting of cloud services by APT29, a Russian hacking group. A joint advisory by international cybersecurity agencies highlights APT29’s tactics, including compromising access credentials and exploiting dormant accounts. Recommendations for defenders include enabling multi-factor authentication and strong passwords, among others, …

Alarm Over GenAI Risk Fuels Security Spending in Middle East & Africa

February 23, 2024 at 10:20AM The fast adoption of Generative Artificial Intelligence (GenAI) in the Middle East and Africa is prompting organizations to increase data privacy and cloud security measures. Concerns about GenAI are driving a 24% and 17% increase in budgets for data privacy and cloud security, respectively, according to Gartner. However, the potential …

Tips on meeting complex cloud security challenges

February 23, 2024 at 08:46AM “Join Palo Alto Networks’ webinar on 26 February to learn about the challenges of cyber threats, technology refresh cycles, and multi-cloud architectures. Discover how Prisma Cloud, a cloud-native application protection platform, provides automated policy management and ‘code-to-cloud’ security. The session will also cover advanced remediation capabilities and practical demonstrations. Register …

Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks

February 22, 2024 at 05:51AM SSH-Snake, a network mapping tool, has been repurposed by threat actors to conduct malicious activities. The self-replicating worm leverages SSH credentials to spread throughout the network and harvest credentials and IP addresses. It has been observed in real-world attacks, highlighting the importance of comprehensive security measures. Additionally, a new botnet …

Webinar Tomorrow: The Active Threat Landscape in the Cloud

February 21, 2024 at 10:45AM Live Webinar: Join SecurityWeek and Lacework on Thursday, February 22nd at 1PM ET to learn about active threats targeting cloud deployments and practical strategies to mitigate them. Gain insights into AI and ML in threat detection, user behavior analytics, and continuous monitoring of network traffic and user activities. Key Takeaways …

Critical Vulnerability in VMware vSphere Plug-in Allows Session Hijacking

February 21, 2024 at 10:41AM VMware has urged network administrators to remove an out-of-date plug-in for its vSphere due to two critical flaws — CVE-2024-22245 and CVE-2024-22250. These vulnerabilities allow attackers to hijack cloud computing sessions. The company has released a security advisory with instructions on removal, as the plug-in is no longer supported. VMware …

Harness the power of security automation

February 21, 2024 at 09:07AM Businesses face significant complexity in transitioning to cloud-native applications and multi-cloud architectures, placing cloud teams at the forefront of implementing security policies. Palo Alto Networks’ Prisma® Cloud offers “code-to-cloud” security, utilizing advanced automation to streamline security monitoring and management across cloud infrastructures. Join the webinar on 26 February to discover …