Security
Headlines
HeadlinesLatestCVEs

Tag

#aws

Tenable Adds Third-Party Connectors to Exposure Management Platform

Tenable One now pulls in data from AWS, Microsoft, and competitors to provide a holistic security view of an organization's attack surface.

DARKReading
#microsoft#aws
Hazy Hawk Attack Spotted Targeting Abandoned Cloud Assets Since 2023

Infoblox reveals Hazy Hawk, a new threat exploiting abandoned cloud resources (S3, Azure) and DNS gaps since Dec…

AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation

Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for attackers to escalate privileges, manipulate other AWS services, and, in some cases, even fully compromise AWS accounts. "These roles, often created automatically or recommended during setup, grant overly broad permissions, such as full S3

Duping Cloud Functions: An emerging serverless attack vector

Cisco Talos built on Tenable’s discovery of a Google Cloud Platform vulnerability to uncover how attackers could exploit similar techniques across AWS and Azure.

Using RHEL confidential virtual machines to protect AI workloads on Microsoft Azure

Artificial intelligence (AI) workloads are revolutionizing the industry, impacting healthcare, finance services, national security and autonomous systems. As part of this revolution, organizations are increasingly moving their AI workloads to the cloud, taking advantage of its scalability, flexibility and cost-effectiveness. Of course this transition to the cloud brings new challenges around data privacy, intellectual property and regulation compliance. Existing virtual machines (VMs) provide isolation between workloads, but they cannot protect workloads from privileged users and software com

Anonymous Hackers Steal Flight Data from US Deportation Airline GlobalX

A hacker group claiming affiliation with Anonymous says it breached GlobalX Airlines, leaking sensitive flight and passenger data…

Spam campaign targeting Brazil abuses Remote Monitoring and Management tools

A new spam campaign is targeting Brazilian users with a clever twist — abusing the free trial period of trusted remote monitoring tools and the country’s electronic invoice system to spread malicious agents.

New Cloud Vulnerability Data Shows Google Cloud Leads in Risk

New research shows Google Cloud and smaller providers have the highest cloud vulnerability rates as compared to AWS…

Chat App Used by Trump Admin Suspends Operation Amid Hack

TM SGNL, a chat app by US-Israeli firm TeleMessage used by Trump officials, halts operations after a breach…