In the dynamic landscape of data security, navigating the complexities of modern architectures requires a sophisticated approach. The exponential growth of data and the proliferation of cloud services require advanced security strategies that can adapt to rapidly changing conditions. Traditional methods of data protection, while foundational, often fall short in addressing the … [Read more...] about Demystifying Data Protection in the Cloud
cloud
Fal.Con 2024 – Innovations in Cloud Security
As we gather for Fal.Con 2024, we’re thrilled to unveil groundbreaking advancements in CrowdStrike Falcon® Cloud Security that are set to redefine cloud security. These innovations are more than just technical enhancements — they’re a bold step towards a future where unified security posture management (USPM) across cloud infrastructure, applications, data and AI becomes the … [Read more...] about Fal.Con 2024 – Innovations in Cloud Security
Secure your Elastic Cloud account with multifactor authentication (MFA)
For detailed information about Elastic Cloud MFA, including setup instructions, best practices, and FAQs, please refer to our comprehensive documentation in Elastic Cloud account security and MFA guide.At Elastic, we're committed to providing you with the tools and features you need to keep your data secure. Enabling robust and secure MFA is just one more way we're working to … [Read more...] about Secure your Elastic Cloud account with multifactor authentication (MFA)
Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability
Sep 14, 2024Ravie LakshmananEnterprise Security / Threat Intelligence Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances. "An OS command injection … [Read more...] about Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability
Cloud Security Takes the Stage at Fal.Con 2024
Cloud adoption has revolutionized organizations in recent years, driven by its ability to prevent data loss, enhance security through centralized management, drive resource scalability and reduce costs. Most organizations are already reaping the benefits of cloud transformation. Along with the advantages of cloud adoption come new and evolving risks. Adversaries are growing … [Read more...] about Cloud Security Takes the Stage at Fal.Con 2024
5 Steps to Take When Securing Google Cloud Resources
Securing the cloud has become increasingly complex as organizations adopt hybrid and multi-cloud resources to meet their demanding business requirements. It’s also more crucial than ever: From 2022 to 2023, CrowdStrike identified a 75% increase in cloud intrusions. As organizations migrate their workloads and assets to the Cloud, they must take the necessary steps to protect … [Read more...] about 5 Steps to Take When Securing Google Cloud Resources
Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts
Aug 16, 2024Ravie LakshmananCloud Security / Application Security A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files (.env) that contain credentials associated with cloud and social media applications. "Multiple security missteps were present in the course of this campaign, including the … [Read more...] about Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts
Encryption at rest in Elastic Cloud: Bring your own key with AWS KMS
Elastic Cloud Hosted deployments that have been encrypted with AWS KMS keys also support AWS KMS key security policies and features, such as key rotation and key revocation. Key rotation minimizes the risk of data leaks due to key compromise. Key revocation is an additional security measure, where access to encrypted data via a compromised key is terminated, either via … [Read more...] about Encryption at rest in Elastic Cloud: Bring your own key with AWS KMS
Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials
Jul 27, 2024NewsroomCybersecurity / Cloud Security Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS systems with the goal of stealing users' Google Cloud credentials from a narrow pool of victims. The package, named "lr-utils-lib," attracted a total of 59 downloads before it was taken down. It … [Read more...] about Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials
3 Key Components to Look For in a Cloud Detection and Response Solution
Adversaries are increasingly attacking cloud environments, as evidenced by a 75% surge in cloud intrusions year-over-year in 2023. They are also getting faster: The fastest breakout time was clocked at just over 2 minutes, according to the CrowdStrike 2024 Global Threat Report. Today’s adversaries are outpacing legacy security approaches. Disjointed point solutions can’t scale … [Read more...] about 3 Key Components to Look For in a Cloud Detection and Response Solution