45 links tagged with cloud-security
Links
A new attack named VMScape allows malicious virtual machines to leak cryptographic keys from unmodified QEMU hypervisors on modern AMD and Intel CPUs, breaking the isolation between VMs and the cloud hypervisor. The researchers from ETH Zurich demonstrated that this attack could target cloud providers without needing to compromise the host, posing a significant risk to multi-tenant cloud security, although it requires advanced technical skills to execute. AMD and Intel have been notified, and mitigations have been released to address the vulnerability.
Mondoo's Agentic Vulnerability Management™ autonomously identifies, prioritizes, and remediates vulnerabilities across various IT infrastructures, significantly reducing vulnerabilities and speeding up remediation processes. By leveraging AI for continuous monitoring, Mondoo enhances security posture and compliance while allowing security teams to focus on strategic initiatives. The platform offers flexible deployment options and features a proactive approach to vulnerability management through its unique Mondoo flow.
The eBook offers strategies for hardening Windows Servers, emphasizing the importance of tailored configurations and the implementation of the Zero Trust model to combat internal and external security threats. It provides actionable steps for businesses to enhance their server security in an evolving technological landscape.
Google has addressed a privilege escalation vulnerability in Cloud Composer 2, which could have allowed attackers with edit permissions to exploit the default Cloud Build service account. The fix, implemented in December 2024, ensures that environments use their service accounts for package installations, thereby enhancing security. No evidence of exploitation has been reported.
AI agents are being developed to emulate the reasoning patterns of cloud security experts, enabling them to identify and exploit privilege escalation vulnerabilities in AWS environments. These agents can not only detect complex attack vectors, which traditional tools often miss, but also automate the execution of these attacks, raising ethical concerns about sharing methodologies that could also benefit malicious actors. The future of cloud security may see a shift towards continuous autonomous threat emulation, challenging the current landscape of cyber defense.
A data leak from the Fitify fitness app exposed 138,000 user progress photos and other sensitive files due to misconfigured Google cloud storage. The incident underscores significant security flaws in the app's data protection measures, revealing that users' private images could be accessed without authentication. Fitify has since closed the exposed storage but faces scrutiny over its handling of user data.
The article provides insights into effective AWS policies and where to locate them, focusing on best practices for managing permissions and access in cloud environments. It emphasizes the importance of tailored and secure policies to enhance operational efficiency and security compliance.
The article discusses the capabilities of a next-generation AI-powered Cloud-Native Application Protection Platform (CNAPP) designed to enhance security for cloud-native environments. It highlights the platform's advanced features, which include automated threat detection, compliance monitoring, and vulnerability management, aimed at protecting applications and data in dynamic cloud settings.
Sysdig has introduced an AI-powered vulnerability management solution that enhances remediation efforts by providing actionable insights and guidance. By integrating runtime context and automating recommendations, Sysdig enables security teams to quickly address high-risk vulnerabilities, significantly reducing the time to remediate and improving collaboration between security and development teams.
Microsoft warns that default configurations in Kubernetes Helm charts can expose sensitive data because they lack proper security measures such as authentication and use weak passwords. Research highlights specific cases where these vulnerabilities could allow attackers to exploit misconfigured applications, stressing the need for organizations to carefully review and secure their Helm chart deployments.
Join the quarterly webinar series featuring FortiCNAPP product experts as they unveil the latest innovations in cloud security. Attendees will gain insights into new features, learn practical strategies for enhancing security posture, and have the opportunity to engage in live Q&A sessions to address specific concerns.
Keeper Secrets Manager is a cloud-based solution designed for secure secrets management, specifically targeting Non-Human Identities (NHIs) like API keys and database credentials. It offers features such as role-based access controls, automated credential rotation, and seamless integration with popular DevOps tools to enhance security and compliance in IT environments. The platform promotes a zero-trust, zero-knowledge approach to protect sensitive information across various infrastructures.
Building a cloud security roadmap is essential for organizations to effectively manage and mitigate risks associated with cloud environments. The article outlines key components of such a roadmap, including risk assessment, compliance considerations, and the importance of continuous monitoring and improvement. It emphasizes the need for a strategic approach to ensure robust cloud security practices are in place.
Intrusion Shield for AWS offers an automated cloud firewall that utilizes decades of threat intelligence to block risky network traffic without the need for manual rule management. It analyzes all network traffic in real-time, generates firewall rules, and provides prioritized recommendations for addressing security risks. Available on AWS Marketplace, it simplifies security for lean teams by minimizing alerts and streamlining threat management.
Protecting a hybrid workforce requires robust security measures as remote employees become vulnerable endpoints in the cybersecurity framework. IT security teams must ensure visibility and control over data across various environments, including data centers and cloud applications. Fortra offers solutions to minimize risks and enhance data security for dispersed teams.
Palo Alto Networks has introduced a new application security posture management (ASPM) capability within its Cortex Cloud platform, designed to enhance security in modern development workflows. This capability allows teams to prevent risks earlier in the software lifecycle by integrating findings from various AppSec tools and providing comprehensive context for better prioritization and automated remediation. By shifting from reactive to proactive security measures, organizations can effectively manage vulnerabilities and reduce the burden on development teams.
Maze has launched a new AI-driven solution for vulnerability management, raising $31 million to help organizations better control cloud security breaches. The AI agents are designed to identify and resolve critical vulnerabilities, reducing false positives and significantly shrinking vulnerability backlogs, allowing security teams to respond more effectively to threats.
Unit 42 researchers have identified a surge in ELF-based malware targeting cloud infrastructure, predicting that threat actors will increasingly use complex tools to exploit Linux environments. The study highlights five specific malware families, their evolving techniques, and the urgent need for enhanced detection and prevention mechanisms in cloud security.
Companies outside US jurisdiction should reassess their threat models when utilizing US-based cloud providers, as the US government’s aggressive actions may compel these providers to act against their customers. The article discusses various attack vectors unique to the US government that could impact cloud service users, emphasizing the need for enhanced security measures to maintain confidentiality and data integrity.
Implementing guardrails in cloud infrastructure is essential to prevent security vulnerabilities, unexpected costs, and compliance issues. The article explains how Open Policy Agent (OPA) can be integrated with Terraform to enforce policies as code, ensuring consistent governance and security for cloud resources. It provides practical policy examples and steps for integrating OPA into Terraform workflows.
The article discusses the future of runtime cloud security in 2025, highlighting emerging threats and innovations in security practices. It emphasizes the importance of proactive measures and advanced technologies to protect cloud environments from increasingly sophisticated attacks. The insights aim to prepare organizations for the evolving landscape of cloud security challenges.
The article discusses a method for escalating privileges in a cloud-native environment by manipulating an administrator's PowerShell profile after gaining OneDrive permissions. The process involves uploading a backdoor script to the admin's OneDrive, which executes when they launch PowerShell, allowing attackers to harvest sensitive tokens and potentially gain further access to the system.
A Cyber Security Analyst is responsible for monitoring and securing an organization's IT infrastructure by analyzing threats and implementing security measures to protect sensitive data. Essential skills include cybersecurity, vulnerability management, and incident management. The article also highlights recommended courses and other related IT roles in the cybersecurity field.
FortiCNAPP is a unified platform designed to enhance cloud security by automating risk management, threat detection, and compliance monitoring across multi-cloud environments. It simplifies and strengthens security operations, enabling teams to quickly identify and respond to threats while maximizing productivity with minimal effort. The solution integrates advanced machine learning to continuously monitor for unusual behaviors and vulnerabilities, improving overall security efficacy.
CloudRec is an open-source multi-cloud security posture management platform that enhances the security of cloud environments through comprehensive asset collection, real-time inspection, and risk event operations. It features a flexible rule configuration engine based on OPA, supports multiple cloud providers like AWS and GCP, and offers user-friendly management tools for asset and risk operations. The platform allows for easy expansion and customization to meet enterprise needs.
The article discusses the strategic partnership between Palo Alto Networks and CyberArk, highlighting how their collaboration is set to transform cybersecurity practices. By integrating their technologies, they aim to enhance threat detection and response capabilities, thereby reshaping the landscape of identity protection and cloud security.
A guide to selecting cloud security tools for AWS focuses on protecting cloud applications from modern security threats. It discusses key areas such as endpoint and user security, traffic and application protection, and incident management, emphasizing the need for effective platforms to manage security across complex environments.
Effective secrets management is crucial for organizations navigating their cloud journey, helping to mitigate risks associated with account compromise. This article outlines an 18-point checklist tailored to different stages of cloud adoption, focusing on best practices for managing secrets securely as environments grow more complex.
Effective vulnerability remediation involves identifying, prioritizing, and addressing security weaknesses in systems and applications, particularly within cloud environments. A strategic approach, including continuous monitoring and a combination of automated and manual methods, is essential in managing the overwhelming volume of vulnerabilities while mitigating risks and ensuring compliance.
Fortra's Data Security Posture Management (DSPM) solution provides organizations with tools to discover, classify, and protect sensitive data across various environments, including cloud and on-premises. The platform enhances visibility into data ecosystems, prioritizes risks based on data sensitivity, and integrates data loss prevention measures to ensure comprehensive protection.
A Cyber Security Analyst is responsible for monitoring and securing an organization's IT infrastructure by analyzing threats and implementing protective measures against cyber attacks. Key skills required for this role include cybersecurity, vulnerability management, and incident management. The article also highlights recommended courses and related job roles in the field of cybersecurity.
AWS detection engineering practices were critically assessed after a breach simulation revealed undetected attacker persistence. The team rebuilt their detection capabilities by focusing on key log sources like CloudTrail, VPC Flow Logs, and GuardDuty, emphasizing the importance of correlation across these sources for effective threat detection.
Shield Cloud is a software-based firewall gateway for AWS environments that utilizes Intrusion Applied Threat Intelligence to dynamically generate firewall rules and block malicious traffic. It offers centralized policy management through the Intrusion Command Hub and supports stateful firewall functionality and Zero Trust architecture for enhanced VPC security. With automated updates and detailed reporting, Shield Cloud simplifies compliance and operational management for cloud resources.
The article presents an in-depth report on cloud security risks, highlighting the increasing threats faced by businesses operating in cloud environments. It discusses the types of vulnerabilities and potential impacts on organizations, emphasizing the necessity for improved security measures and awareness to mitigate these risks.
Business and technical leaders must engage their cloud teams with critical questions to enhance cloud security and compliance. By focusing on visibility, policy enforcement, and proactive risk management, organizations can integrate security into their development processes, ensuring safety and innovation in multi-cloud environments.
The article discusses various products and solutions offered by Datadog, focusing on enhancing enterprise developer enablement through comprehensive security measures, monitoring tools, and industry-specific applications. It highlights capabilities in code security, cloud monitoring, and compliance across multiple sectors including finance, healthcare, and technology.
The article explores the persistent nature of attackers in cloud environments, highlighting various tactics they employ to infiltrate and exploit systems. It emphasizes the importance of vigilance and proactive security measures to protect against ongoing threats in the cloud landscape. Strategies for detection and response are discussed to help organizations mitigate risks effectively.
SentinelOne has introduced a new standard in unified cloud security by leveraging truly AI-driven technology. This advancement aims to enhance security measures across various platforms, providing a more integrated and efficient approach to threat detection and response.
The Trump administration has denied allegations from a whistleblower that officials at the Social Security Administration (SSA) copied sensitive data to an insecure cloud system. SSA Commissioner Frank Bisignano stated that the NUMIDENT database has not been compromised and that the agency's cloud infrastructure is secure and continuously monitored. He emphasized that the data has been stored in Amazon Web Services (AWS) without any transfers to a private cloud server.
Cloud Snitch is a powerful tool designed to enhance your understanding of AWS account activity, providing an intuitive interface for exploring and documenting AWS principals, IP addresses, and network activity. It helps users quickly identify errors and suspicious behavior, while also allowing for the generation and management of service control policies to enforce security compliance. Open-sourced under the MIT license, it can be deployed easily or used through cloudsnitch.io.
Preparing for cloud incidents requires a strategic approach to logging across major cloud providers. This article ranks essential logs for Microsoft, AWS, and Google Cloud, providing insights on their criticality for detecting and responding to security incidents, as well as real-life case studies illustrating their importance. Ensuring the right logs are enabled and retained is vital for effective incident response.
Fortra offers a tailored demo of its cloud security solutions to help organizations address data protection challenges. The demo will cover specific needs, Fortra's unique architecture, and analytics tools designed to enhance data security. Interested parties can fill out a form to schedule a consultation.
SonicWall has revealed that a breach of its cloud backup service impacted 100% of firewall configuration files for all affected customers, a significant increase from the previously estimated 5%. The company is working with Mandiant to enhance security measures and has advised customers on necessary remediation steps.
The offering includes a free 15-day trial of Palo Alto Networks' VM-Series Virtual Firewall, providing advanced security features to protect AWS workloads from various threats such as malware and phishing. It supports seamless integration with AWS environments and offers automated policy management, enhanced threat prevention, and easy deployment through the AWS platform.
The article on Datadog's website presents insights into the current state of cloud security, highlighting key trends, challenges, and best practices that organizations face in securing their cloud environments. It emphasizes the importance of adopting proactive security measures and the role of advanced monitoring tools in mitigating risks associated with cloud computing.