Cloud Security

80 материалов

• Google Addresses Vertex Security Issues After Researchers Weaponize AI Agents

  Artificial Intelligence · Cloud Security

  Palo Alto Networks has disclosed the details of its analysis of Google Cloud Platform’s Vertex AI. The post Google Addresses Vertex Security Issues After Researchers Weaponize AI Agents appeared first on SecurityWeek.

• TeamPCP Moves From OSS to AWS Environments

  Cloud Security · Application Security

  After validating stolen credentials using TruffleHog, the hacking group started AWS services enumeration and lateral movement activities. The post TeamPCP Moves From OSS to AWS Environments appeared first on SecurityWeek.

• Cloud Security Startup Native Exits Stealth With $42 Million in Funding

  Cybersecurity Funding · Cloud Security

  Phil Venables, former CISO of Google Cloud and now a venture partner at Ballistic Ventures, has joined Native’s board of directors. The post Cloud Security Startup Native Exits Stealth With $42 Million in Funding appeared first on SecurityWeek.

• Wiz Joins Google Cloud as Landmark Acquisition Closes

  M&A Tracker · Cloud Security

  Google has completed its $32 billion acquisition of the cloud security giant, which will maintain its brand. The post Wiz Joins Google Cloud as Landmark Acquisition Closes appeared first on SecurityWeek.

• Iranian Strikes on Amazon Data Centers Highlight Industry’s Vulnerability to Physical Disasters

  Cloud Security · Cyberwarfare

  Two AWS data centers in the United Arab Emirates were “directly struck” and another facility in Bahrain was also damaged after a drone landed nearby. The post Iranian Strikes on Amazon Data Centers Highlight Industry’s Vulnerability to Physical Disasters appeared first on SecurityWeek.

• AWS Expands Security Hub Into a Cross-Domain Security Platform

  Cloud Security

  The AWS Security Hub Extended plan aims to reduce security tool sprawl by correlating findings across multiple security domains. The post AWS Expands Security Hub Into a Cross-Domain Security Platform appeared first on SecurityWeek.

• Google-Intel Security Audit Reveals Severe TDX Vulnerability Allowing Full Compromise

  Vulnerabilities · Cloud Security

  Dozens of vulnerabilities, bugs, and potential improvements have been identified by the tech giants’ security teams. The post Google-Intel Security Audit Reveals Severe TDX Vulnerability Allowing Full Compromise appeared first on SecurityWeek.

• Vulnerabilities Allowed Full Compromise of Google Looker Instances

  Vulnerabilities · Cloud Security

  The flaws dubbed LookOut can be exploited for remote code execution and data exfiltration. The post Vulnerabilities Allowed Full Compromise of Google Looker Instances appeared first on SecurityWeek.

• Upwind Raises $250 Million at $1.5 Billion Valuation

  Cybersecurity Funding · Cloud Security

  The CNAPP company will use the fresh investment to scale its runtime-first cloud security offering across data, AI and code. The post Upwind Raises $250 Million at $1.5 Billion Valuation appeared first on SecurityWeek.

• Palo Alto Networks, Google Cloud Strike Multibillion-Dollar AI and Cloud Security Deal

  Cloud Security · Artificial Intelligence

  The agreement strengthens technical and commercial ties as Palo Alto migrates workloads and adopts Google’s Vertex AI and Gemini models. The post Palo Alto Networks, Google Cloud Strike Multibillion-Dollar AI and Cloud Security Deal appeared first on SecurityWeek.

• Docker Makes 1,000 Hardened Images Free and Open Source

  Cloud Security

  Millions of developers can now use the secure, production-ready images made by Docker. The post Docker Makes 1,000 Hardened Images Free and Open Source appeared first on SecurityWeek.

• $320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits

  Cloud Security · Vulnerabilities

  Participants earned rewards at the hacking competition for Grafana, Linux Kernel, Redis, MariaDB, and PostgreSQL vulnerabilities. The post $320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits appeared first on SecurityWeek.

• MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations

  Endpoint Security · Cloud Security

  Eleven companies took part in the evaluations and several have boasted 100% detection and coverage rates. The post MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations appeared first on SecurityWeek.

• re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities

  Cloud Security

  AWS and cybersecurity vendors have made several announcements at the cloud giant’s re:Invent 2025 event. The post re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities appeared first on SecurityWeek.

• Fluent Bit Vulnerabilities Expose Cloud Services to Takeover

  Cloud Security · Vulnerabilities

  Five flaws in the open source tool may lead to path traversal attacks, remote code execution, denial-of-service, and tag manipulation. The post Fluent Bit Vulnerabilities Expose Cloud Services to Takeover appeared first on SecurityWeek.

• New Attack Targets DDR5 Memory to Steal Keys From Intel and AMD TEEs

  Cloud Security

  Intel and AMD have published advisories after academics disclosed details of the new TEE.fail attack method. The post New Attack Targets DDR5 Memory to Steal Keys From Intel and AMD TEEs appeared first on SecurityWeek.

• RMPocalypse: New Attack Breaks AMD Confidential Computing

  Cloud Security

  A vulnerability in RMP initialization allows the AMD processor’s x86 cores to maliciously control parts of the initial RMP state. The post RMPocalypse: New Attack Breaks AMD Confidential Computing appeared first on SecurityWeek.

• Critical Vulnerability Puts 60,000 Redis Servers at Risk of Exploitation

  Cloud Security

  Authenticated attackers can exploit the security flaw to trigger a use-after-free and potentially execute arbitrary code. The post Critical Vulnerability Puts 60,000 Redis Servers at Risk of Exploitation appeared first on SecurityWeek.

• $4.5 Million Offered in New Cloud Hacking Competition

  Cloud Security

  Wiz has teamed up with Microsoft, Google and AWS and is inviting cloud security researchers to its Zeroday.Cloud competition. The post $4.5 Million Offered in New Cloud Hacking Competition appeared first on SecurityWeek.

• Battering RAM Attack Breaks Intel and AMD Security Tech With $50 Device

  Cloud Security

  Intel and AMD say the research is not in scope of their threat model because the attack requires physical access to a device. The post Battering RAM Attack Breaks Intel and AMD Security Tech With $50 Device appeared first on SecurityWeek.

• CSA Unveils SaaS Security Controls Framework to Ease Complexity

  Cloud Security

  New framework from the Cloud Security Alliance helps SaaS customers navigate the shared responsibility model with confidence. The post CSA Unveils SaaS Security Controls Framework to Ease Complexity appeared first on SecurityWeek.

• All Microsoft Entra Tenants Were Exposed to Silent Compromise via Invisible Actor Tokens: Researcher

  Cloud Security

  The strength of responsible disclosure is that it can solve problems before they are actioned. The weakness is that it potentially generates a false sense of security in the vendor. The post All Microsoft Entra Tenants Were Exposed to Silent Compromise via Invisible Actor Tokens: Researcher appeared first on SecurityWeek.

• Researchers Earn $150,000 for L1TF Exploit Leaking Data From Public Cloud

  Cloud Security

  L1TF Reloaded is a vulnerability combining the old L1TF and half-Spectre hardware flaws to bypass deployed software mitigations. The post Researchers Earn $150,000 for L1TF Exploit Leaking Data From Public Cloud appeared first on SecurityWeek.

• VMScape: Academics Break Cloud Isolation With New Spectre Attack

  Cloud Security

  Exploiting incomplete speculative execution attack mitigations extended to the branch predictor state, VMScape leaks arbitrary memory. The post VMScape: Academics Break Cloud Isolation With New Spectre Attack appeared first on SecurityWeek.

• Amazon Disrupts Russian Hacking Campaign Targeting Microsoft Users

  Identity & Access · Cloud Security

  The Midnight Blizzard cyberspies used compromised websites to trick users into authorizing devices they controlled. The post Amazon Disrupts Russian Hacking Campaign Targeting Microsoft Users appeared first on SecurityWeek.

• Ransomware Group Exploits Hybrid Cloud Gaps, Gains Full Azure Control in Enterprise Attacks

  Ransomware · Cloud Security

  Storm-0501 has been leveraging cloud-native capabilities for data exfiltration and deletion, without deploying file-encrypting malware. The post Ransomware Group Exploits Hybrid Cloud Gaps, Gains Full Azure Control in Enterprise Attacks appeared first on SecurityWeek.

• Docker Desktop Vulnerability Leads to Host Compromise

  Cloud Security

  A critical vulnerability in Docker Desktop allows attackers to modify the filesystem of Windows hosts to become administrators. The post Docker Desktop Vulnerability Leads to Host Compromise appeared first on SecurityWeek.

• Chinese Silk Typhoon Hackers Targeting Multiple Industries in North America

  Cloud Security

  Silk Typhoon was seen exploiting n-day and zero-day vulnerabilities for initial access to victim systems. The post Chinese Silk Typhoon Hackers Targeting Multiple Industries in North America appeared first on SecurityWeek.

• AWS Trusted Advisor Tricked Into Showing Unprotected S3 Buckets as Secure

  Cloud Security

  AWS has addressed a vulnerability that could have been leveraged to bypass Trusted Advisor’s S3 bucket permissions check. The post AWS Trusted Advisor Tricked Into Showing Unprotected S3 Buckets as Secure appeared first on SecurityWeek.

• Critical Nvidia Toolkit Flaw Exposes AI Cloud Services to Hacking

  Cloud Security

  Wiz researchers discovered NVIDIAScape, an Nvidia Container Toolkit flaw that can be exploited for full control of the host machine. The post Critical Nvidia Toolkit Flaw Exposes AI Cloud Services to Hacking appeared first on SecurityWeek.

• Watch on Demand: Cloud & Data Security Summit – Tackling Exposed Attack Surfaces in the Cloud

  Cloud Security

  Virtual event brings together leading experts, practitioners, and innovators for a full day of insightful discussions and tactical guidance on evolving threats and real-world defense strategies in cloud security. The post Watch on Demand: Cloud & Data Security Summit – Tackling Exposed Attack Surfaces in the Cloud appeared first on SecurityWeek.

• Cato Networks Raises $359 Million to Expand SASE Business

  Security Architecture · Cloud Security

  Founded in 2015, the Tel Aviv based company has now raised more than $1 billion and claims more than 3,500 customers. The post Cato Networks Raises $359 Million to Expand SASE Business appeared first on SecurityWeek.

• Circumvent Raises $6 Million for Cloud Security Platform

  Cloud Security · Cybersecurity Funding

  Cloud security startup Circumvent has raised $6 million to develop a network of agents for autonomous prioritization and remediation. The post Circumvent Raises $6 Million for Cloud Security Platform appeared first on SecurityWeek.

• Google’s $32 Billion Wiz Deal Draws DOJ Antitrust Scrutiny: Report

  Cloud Security

  According to reports, the US Department of Justice will assess whether the deal would harm competition in the cybersecurity market. The post Google’s $32 Billion Wiz Deal Draws DOJ Antitrust Scrutiny: Report appeared first on SecurityWeek.

• Maze Banks $25M to Tackle Cloud Security With AI Agents

  Artificial Intelligence · Cloud Security

  Maze and its investors are betting on finding profits in software that uses AI-powered agents to automate critical parts of the process. The post Maze Banks $25M to Tackle Cloud Security With AI Agents appeared first on SecurityWeek.

• Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud

  Application Security · Cloud Security

  Security researchers uncover critical flaws and widespread misconfigurations in Salesforce’s industry-specific CRM solutions. The post Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud appeared first on SecurityWeek.

• OneDrive Gives Web Apps Full Read Access to All Files

  Application Security · Cloud Security

  Security researchers warn that OneDrive’s file sharing tool may grant third-party web apps access to all your files—not just the one you choose to upload. The post OneDrive Gives Web Apps Full Read Access to All Files appeared first on SecurityWeek.

• Inside the $111 Billion Cloud Security Market: Acquisition, Expansion, and Where to Aim Next

  Cloud Security

  As cloud security spending surges to $111 billion, new data highlights Microsoft's dominance, the U.S. market's outsized role, and Google's strategic acquisition of Wiz. The post Inside the $111 Billion Cloud Security Market: Acquisition, Expansion, and Where to Aim Next appeared first on SecurityWeek.

• NATO-Flagged Vulnerability Tops Latest VMware Security Patch Batch

  Cloud Security · Vulnerabilities

  VMware patches flaws that expose users to data leakage, command execution and denial-of-service attacks. No temporary workarounds available. The post NATO-Flagged Vulnerability Tops Latest VMware Security Patch Batch appeared first on SecurityWeek.

• Orca Snaps Up Opus in Cloud Security Automation Push

  Cloud Security

  Orca positioned the deal as an expansion of its capabilities into the realm of AI-based autonomous remediation and prevention. The post Orca Snaps Up Opus in Cloud Security Automation Push appeared first on SecurityWeek.

• Microsoft Warns of Attackers Exploiting Misconfigured Apache Pinot Installations

  Cloud Security

  Misconfigured Apache Pinot instances can and have enabled threat actors to gain access to sensitive information. The post Microsoft Warns of Attackers Exploiting Misconfigured Apache Pinot Installations appeared first on SecurityWeek.

• Veza Banks $108 Million Series D at $808 Million Valuation

  Identity & Access · Cloud Security

  San Francisco identity security play Veza closes a Series D fund round led by New Enterprise Associates (NEA). The post Veza Banks $108 Million Series D at $808 Million Valuation appeared first on SecurityWeek.

• Former Google Cloud CISO Phil Venables Joins Ballistic Ventures

  CISO Strategy · Cloud Security

  Venables has served as CISO and security executive across several large organizations, including Google Cloud, Goldman Sachs, Deutsche Bank. The post Former Google Cloud CISO Phil Venables Joins Ballistic Ventures appeared first on SecurityWeek.

• Groucho’s Wit, Cloud Complexity, and the Case for Consistent Security Policy

  Cloud Security

  The greatest security policies in the world are useless if enterprises don’t have a reasonable, consistent, and reliable way to implement them. The post Groucho’s Wit, Cloud Complexity, and the Case for Consistent Security Policy appeared first on SecurityWeek.

• Oracle Confirms Cloud Hack

  Cloud Security

  Oracle has confirmed suffering a data breach but the tech giant is apparently trying to downplay the impact of the incident. The post Oracle Confirms Cloud Hack appeared first on SecurityWeek.

• ImageRunner Flaw Exposed Sensitive Information in Google Cloud

  Cloud Security

  Google has patched a Cloud Run vulnerability dubbed ImageRunner that could have been exploited to gain access to sensitive data. The post ImageRunner Flaw Exposed Sensitive Information in Google Cloud appeared first on SecurityWeek.

• Security Firms Say Evidence Seems to Confirm Oracle Cloud Hack

  Cloud Security · Data Breaches

  Despite Oracle categorically denying that its Cloud systems have been breached, sample data released by the hacker seems to prove otherwise. The post Security Firms Say Evidence Seems to Confirm Oracle Cloud Hack appeared first on SecurityWeek.

• IngressNightmare Flaws Expose Kubernetes Clusters to Remote Hacking

  Cloud Security

  Critical remote code execution vulnerabilities found by Wiz researchers in Ingress NGINX Controller for Kubernetes. The post IngressNightmare Flaws Expose Kubernetes Clusters to Remote Hacking appeared first on SecurityWeek.

• Oracle Denies Cloud Breach After Hacker Offers to Sell Data

  Cloud Security

  Oracle has denied that Cloud systems have been breached after a hacker claimed to have stolen millions of records. The post Oracle Denies Cloud Breach After Hacker Offers to Sell Data appeared first on SecurityWeek.

• Industry Reactions to Google Buying Wiz: Feedback Friday

  Cloud Security

  Industry professionals comment on Google acquiring cloud security giant Wiz for $32 billion in cash. The post Industry Reactions to Google Buying Wiz: Feedback Friday appeared first on SecurityWeek.

• Through the Lens of Music: What Cybersecurity Can Learn From Joni Mitchell

  Cloud Security

  A Joni Mitchell song from the 1960s can teach us a lot about securing hybrid and multi-cloud environments. The post Through the Lens of Music: What Cybersecurity Can Learn From Joni Mitchell appeared first on SecurityWeek.

• What’s Behind Google’s $32 Billion Wiz Acquisition?

  M&A Tracker · Cloud Security

  News analysis: Google positions itself to compete with Microsoft for enterprise security dollars. How does this deal affect startup ecosystem? The post What’s Behind Google’s $32 Billion Wiz Acquisition? appeared first on SecurityWeek.

• New AI Protection From Google Cloud Tackles AI Risks, Threats, and Compliance

  Artificial Intelligence · Cloud Security

  Google Cloud’s AI Protection helps discover AI inventory, secure AI assets, and manage threats with detect, investigate, and respond capabilities. The post New AI Protection From Google Cloud Tackles AI Risks, Threats, and Compliance appeared first on SecurityWeek.

• Aryon Security Debuts With Platform to Prevent Cloud Misconfigurations

  Cloud Security

  Misconfigurations are the cause of most cloud breaches. Aryon is on a mission to prevent them. The post Aryon Security Debuts With Platform to Prevent Cloud Misconfigurations appeared first on SecurityWeek.

• Edera Banks $15M for Kubernetes Workload Isolation Tech

  Malware & Threats · Cloud Security

  Seattle startup building technology to mitigate lateral movement and block “living off the land” techniques wins interest from investors. The post Edera Banks $15M for Kubernetes Workload Isolation Tech appeared first on SecurityWeek.

• Rad Security Raises $14 Million for AI, Cloud Security Platform

  Cloud Security · Cybersecurity Funding

  Rad Security has raised $14 million in Series A funding for a defense platform for AI workloads and cloud infrastructure. The post Rad Security Raises $14 Million for AI, Cloud Security Platform appeared first on SecurityWeek.

• Cyber Insights 2025: APIs – The Threat Continues

  Application Security · Cloud Security

  APIs are easy to develop, simple to implement, and frequently attacked. They are prime and lucrative targets for cybercriminals. The post Cyber Insights 2025: APIs – The Threat Continues appeared first on SecurityWeek.

• Mitiga Banks $30M Series B to Expand Cloud and SaaS Security Platform

  Cloud Security

  New York/Israel startup selling threat detection, investigation, and response tools raised $30 million in a Series B led by SYN Ventures. The post Mitiga Banks $30M Series B to Expand Cloud and SaaS Security Platform appeared first on SecurityWeek.

• Critical Aviatrix Controller Vulnerability Exploited Against Cloud Environments

  Cloud Security

  Attackers are exploiting a critical vulnerability in Aviatrix Controller to execute arbitrary code in AWS cloud environments. The post Critical Aviatrix Controller Vulnerability Exploited Against Cloud Environments appeared first on SecurityWeek.

• CISA Issues Binding Operational Directive for Improved Cloud Security

  Cloud Security

  CISA’s Binding Operational Directive 25-01 requires federal agencies to align cloud environments with SCuBA secure configuration baselines. The post CISA Issues Binding Operational Directive for Improved Cloud Security appeared first on SecurityWeek.

• Critical Vulnerabilities Found in Ruijie Reyee Cloud Management Platform

  Cloud Security · Vulnerabilities

  Researchers warn about critical vulnerabilities in Ruijie Networks’ Reyee cloud management platform and Reyee OS network devices. The post Critical Vulnerabilities Found in Ruijie Reyee Cloud Management Platform appeared first on SecurityWeek.

• Veeam Warns of Critical Vulnerability in Service Provider Console

  Cloud Security · Vulnerabilities

  Veeam releases patches for two vulnerabilities in Service Provider Console, including a critical-severity remote code execution bug. The post Veeam Warns of Critical Vulnerability in Service Provider Console appeared first on SecurityWeek.

• Vendors Unveil New Cloud Security Products, Features at AWS re:Invent 2024

  Cloud Security

  AWS and other vendors have announced new cloud security products and features at the cloud giant’s re:Invent 2024 conference. The post Vendors Unveil New Cloud Security Products, Features at AWS re:Invent 2024 appeared first on SecurityWeek.

• AWS Launches Incident Response Service

  Incident Response · Cloud Security

  AWS has launched Security Incident Response, a new service for quick and efficient security event management. The post AWS Launches Incident Response Service appeared first on SecurityWeek.

• Wiz Buys Dazz for $450 Million

  Cloud Security

  Dazz, based in Israel, raised about $110 million from prominent investors like Greylock, Cyberstarts, Insight Partners and Index Ventures. The post Wiz Buys Dazz for $450 Million appeared first on SecurityWeek.

• Vulnerable Jupyter Servers Targeted for Sports Piracy

  Cloud Security

  Misconfigured instances of JupyterLab and Jupyter Notebook have been targeted by threat actors for sports stream ripping. The post Vulnerable Jupyter Servers Targeted for Sports Piracy appeared first on SecurityWeek.

• Google Cloud to Assign CVEs to Critical Vulnerabilities

  Cloud Security

  Google Cloud will be assigning CVE identifiers to serious cloud vulnerabilities, even ones that don’t require patching. The post Google Cloud to Assign CVEs to Critical Vulnerabilities appeared first on SecurityWeek.

• Google Cloud Rolling Out Mandatory MFA for All Users

  Identity & Access · Cloud Security

  Starting this month, Google Cloud will be rolling out mandatory MFA for all users who sign in with a password. The post Google Cloud Rolling Out Mandatory MFA for All Users appeared first on SecurityWeek.

• Honeypot Surprise: Researchers Catch Attackers Exposing 15,000 Stolen Credentials in S3 Bucket

  Cloud Security · Cybercrime

  Sysdig researchers trace a bizarre S3 bucket misconfiguration to EmeraldWhale, exposing 1.5 terabytes of stolen credentials and script. The post Honeypot Surprise: Researchers Catch Attackers Exposing 15,000 Stolen Credentials in S3 Bucket appeared first on SecurityWeek.

• Big Rewards Offered in Dedicated Google Cloud Bug Bounty Program

  Cloud Security

  More than 460 products and services are covered under Google Cloud’s new VRP, with 140 eligible for top tier bug bounty rewards. The post Big Rewards Offered in Dedicated Google Cloud Bug Bounty Program appeared first on SecurityWeek.

• Microsoft Patches Vulnerabilities in Power Platform, Imagine Cup Site

  Cloud Security · Vulnerabilities

  Microsoft has patched ‘critical’ privilege escalation and information disclosure vulnerabilities in Power Platform, Dataverse and the Imagine Cup website. The post Microsoft Patches Vulnerabilities in Power Platform, Imagine Cup Site appeared first on SecurityWeek.

• New CounterSEVeillance and TDXDown Attacks Target AMD and Intel TEEs

  Cloud Security

  Intel and AMD respond to new attack methods named TDXDown and CounterSEVeillance that can be used against TDX and SEV technology. The post New CounterSEVeillance and TDXDown Attacks Target AMD and Intel TEEs appeared first on SecurityWeek.

• Google Cloud Announces General Availability of New Confidential Computing Options

  Cloud Security

  Google Cloud makes new confidential computing options generally available and expands attestation support. The post Google Cloud Announces General Availability of New Confidential Computing Options appeared first on SecurityWeek.

• Cracking the Cloud: The Persistent Threat of Credential-Based Attacks

  Identity & Access · Cloud Security

  Credentials are still the most common entry point for bad actors, even as businesses deploy multi-factor authentication (MFA) to strengthen defenses. The post Cracking the Cloud: The Persistent Threat of Credential-Based Attacks appeared first on SecurityWeek.

• Microsoft: Cloud Environments of US Organizations Targeted in Ransomware Attacks

  Cloud Security · Ransomware

  A threat actor has been compromising the hybrid cloud environments of US organizations in multiple sectors. The post Microsoft: Cloud Environments of US Organizations Targeted in Ransomware Attacks appeared first on SecurityWeek.

• Critical Nvidia Security Flaw Exposes Cloud AI Systems to Host Takeover

  Artificial Intelligence · Cloud Security

  Nvidia confirms risk of code execution, denial of service, escalation of privileges, information disclosure, and data tampering. CVSS 9/10. The post Critical Nvidia Security Flaw Exposes Cloud AI Systems to Host Takeover appeared first on SecurityWeek.

• Tamnoon Raises $12 Million for Cloud Security Remediation Service

  Cloud Security · Cybersecurity Funding

  Tamnoon has raised $12 million in Series A funding for its Managed Cloud Security Remediation service. The post Tamnoon Raises $12 Million for Cloud Security Remediation Service appeared first on SecurityWeek.

• Dependency Confusion Could Have Led to RCE in Google Cloud Platform

  Cloud Security

  Tenable shares details on a dependency confusion attack that led to the execution of code on Google’s internal servers. The post Dependency Confusion Could Have Led to RCE in Google Cloud Platform appeared first on SecurityWeek.

• P0 Security Banks $15M for Security Cloud Access

  Cloud Security

  San Francisco secure cloud access startup gets backing from SYN Ventures, Zscaler, and Lightspeed Venture Partners. The post P0 Security Banks $15M for Security Cloud Access appeared first on SecurityWeek.

• Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue

  Cloud Security

  As many as 15,000 applications using AWS Application Load Balancer (ALB) could be exposed to ALBeast attacks. The post Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue appeared first on SecurityWeek.