Researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows hackers to use the platform's System Manager (SSM) agent as an undetectable Remote Access Trojan (RAT).
The Cisco SD-WAN vManage management software is impacted by a flaw that allows an unauthenticated, remote attacker to gain read or limited write permissions to the configuration of the affected instance.
A new fileless malware named PyLoose has been targeting cloud workloads to hijack their computational resources for Monero cryptocurrency mining.
Western Digital is warning owners of My Cloud series devices that they can no longer connect to cloud services starting on June 15, 2023, if the devices are not upgraded to the latest firmware, version 5.26.202.
A survey of global cybersecurity leaders through the 2023 Certified CISO Hall of Fame Report commissioned by EC-Council identified 4 primary areas of grave concern: cloud security, data security, security governance, and lack of cybersecurity talent.
Hackers use a novel method involving RBAC (Role-Based Access Control) to create persistent backdoor accounts on Kubernetes clusters and hijack their resources for Monero crypto-mining.
A new modular toolkit called 'AlienFox' allows threat actors to scan for misconfigured servers to steal authentication secrets and credentials for cloud-based email services.
An advanced hacking operation dubbed 'SCARLETEEL' targets public-facing web apps running in containers to infiltrate cloud services and steal sensitive data.
GoTo (formerly LogMeIn) is warning that threat actors stole encrypted backups containing customer information and an encryption key for a portion of that data.
Health insurance provider Medibank has confirmed that a ransomware attack is responsible for last week's cyberattack and disruption of online services.
Security researchers have noticed an increase in the number of databases publicly exposed to the Internet, with 308,000 identified in 2021. The growth continued quarter over quarter, peaking in the first months of this year.
Docker APIs on Linux servers are being targeted by a large-scale Monero crypto-mining campaign from the operators of the Lemon_Duck botnet.
Hetzner Online GmbH, a German cloud services provider, told some customers this week that their data had been irreversibly lost and provided them a 20€ compensation in online credit.
Microsoft has shared guidance on securing Windows 365 Cloud PCs and more info on their built-in security capabilities.
A security researcher was able to add a counterfeit test package to the official list of Microsoft Azure SDK latest releases. The simple trick, if abused by an attacker, can give the impression that their malicious package is part of the Azure SDK suite.
OVH founder and chairman Octave Klaba has provided a plausible explanation for the fire that burned down OVH data centers in Strasbourg, France.
A publicly exposed cloud storage bucket was found to contain images of hundreds of passports and identity documents belonging to journalists and volleyball players from around the world.
The Muhstik botnet has been targeting cloud infrastructure for years. New details have emerged related to this malware that shed light on its nefarious activities and origins.
The TeamTNT cybercrime group has recently updated its crypto-mining worm with password-stealing capabilities and with an additional network scanner to make it easier to spread to other vulnerable devices.
A ransomware operation has started to utilize a new tactic to extort its victims: DDoSing a victim's website until the victim returns to the negotiation table.