IT Governance

NOVEMBER 24, 2021

Cloud services are an integral part of modern business. In this blog, we look at the top five Cloud security challenges that organisations face, and provide tips on how to overcome them. In this blog, we look at the top five Cloud security challenges that organisations face, and provide tips on how to overcome them.

Cloud 133

Cloud Risk Security Data breaches 133

Troy Hunt

JANUARY 23, 2022

I have been, and still remain, a massive proponent of "the cloud" I built Have I Been Pwned (HIBP) as a cloud-first service that took advantage of modern cloud paradigms such as Azure Table Storage to massively drive down costs at crazy levels of performance I never could have achieved before. Something else?

Cloud 145

Cloud Passwords IT Risk 145

eSecurity Planet

SEPTEMBER 10, 2021

From the very beginning of the cloud computing era, security has been the biggest concern among enterprises considering the public cloud. In addition, 95 percent of survey respondents confirmed that they are extremely to moderately concerned about public cloud security. What is cloud security?

Cloud 132

Cloud Security Encryption Risk 132

IT Governance

DECEMBER 9, 2021

Cloud security is an essential part of today’s cyber security landscape. With hybrid working now the norm, many organisations are relying on Cloud services to access data from home or the office. Indeed, Cloud computing can increase the risk of data breaches and regulatory non-compliance, as well as introducing other vulnerabilities.

Cloud 126

Cloud Security Authentication Risk 126

IBM Big Data Hub

JULY 18, 2023

In this blog post, we explore the practical implementation of utilizing Terraform on IBM Cloud to create and manage secrets by seamlessly integrating your IBM Cloud Kubernetes Service with IBM Cloud Secrets Manager. IBM Cloud Kubernetes Service fetches the Secrets Manager secret via the CRN.

Cloud 50

Cloud Passwords Communications Access 50

Security Affairs

JANUARY 30, 2024

As an example of compromised accounts, Resecurity outlined exposed access credentials belonging to a major data center and one of the largest vendors providing international-scale network telephony connectivity to governmental and national telecom providers in Africa.

Passwords 129

Passwords Cybersecurity Cloud Access 129

Thales Cloud Protection & Licensing

NOVEMBER 6, 2019

In a previous blog post ( [link] ) we explored the relationship between GPDR and applications in the cloud. On top of that, Gartner sites SaaS as the largest segment of the cloud market with revenue expected to reach over $85 billion in 2019. The login page to resources such as Salesforce for example, is completely exposed.

Cloud 109

Cloud IT Security Passwords 109

Data Breach Today

AUGUST 7, 2019

According to the 2019 Verizon Breach Report, stolen credentials are the leading attack vector - yet in a recent study by Symantec, only 7% of respondents rated account takeover as a top threat to their cloud infrastructure. Real-world examples of how employee password reuse can threaten your enterprise.

Passwords 155

Passwords Cloud Risk Access 155

Security Affairs

JUNE 7, 2024

The attacks originated from various IP addresses associated with servers hosted on the “Zenlayer” cloud provider (ASN 21859) which is primarily located in Hong Kong. A prime example of this is the ThinkPHP remote code execution (RCE) vulnerabilities CVE-2018-20062 and CVE-2019-9082.” ” continues the analysis.

File names 112

File names Passwords Access Cloud 112

eSecurity Planet

AUGUST 19, 2022

Even cloud infrastructures rely on cookies to authenticate their users. Browsers allow users to maintain authentication, remember passwords and autofill forms. For example, the latest version of the Emotet botnet targets cookies and credentials stored by browsers, which include saved credit cards. How Hackers Steal Cookies.

Authentication 142

Authentication Passwords Encryption Cybersecurity 142

IBM Big Data Hub

MARCH 4, 2024

AI+ Enterprise Transformation With IBM’s depth in AI and hybrid cloud, we have discovered that companies becoming an AI+ enterprise leads to faster realization of business results. We have all seen examples of companies delivering AI built on weak data foundations, leading to undesirable outcomes.

Artificial Intelligence 96

Artificial Intelligence Cloud Government Risk 96

The Last Watchdog

SEPTEMBER 25, 2023

For example, your accounting technology should have features that work to protect your data, like internal controls, multi-factor authentication, or an audit trail that documents change to your data. Cloud vendors often handle the security and backup processes automatically, so examine your technology and see if that is the case.

Cybersecurity 222

Cybersecurity Data breaches Compliance Phishing 222

Security Affairs

OCTOBER 26, 2019

Million Adobe Creative Cloud users have been exposed online through an unsecured server. Million Adobe Creative Cloud users have been exposed online through an unsecured server. The security breach took place this month and only impacted Creative Cloud users. The data leak did not expose financial data or passwords.

Cloud 58

Cloud Passwords Phishing Authentication 58

Daymark

APRIL 6, 2021

Cloud security is a constant concern for organizations of every size. For example, if a password I use frequently (maybe even a strong one) is exposed in a breach of an e-commerce company. They now have a legitimate username and password combination and while we do employ multi-factor, there are constant threats to that.

Mining 102

Mining Passwords Cloud Access 102

The Last Watchdog

JUNE 23, 2021

To boost productivity, they must leverage cloud infrastructure and participate in agile software development. The ongoing waves of Microsoft Exchange ProxyLogon hacks are a good example of these lower-tier attacks. This applies to established companies migrating to cloud infrastructure as well as to digital native startups.

Security 201

Security Passwords Cloud Access 201

eSecurity Planet

APRIL 15, 2022

Many stick with simple username and password combinations despite the weaknesses of this authentication method. The Problem with Passwords. Passwords are the most common method of authentication. As if their crackability wasn’t bad enough, many attackers already have the passwords and don’t need to apply brute-force attacks.

Authentication 130

Authentication Passwords Phishing Access 130

The Last Watchdog

JUNE 3, 2022

Votiro’s new cloud services fit as a pillar of zero trust that is now getting more attention: directly protecting digital content in of itself. Digital content has become the liquid fuel of digital commerce—and much of it now flows into and out of massive data lakes supplied by Amazon Web Services, Microsoft Azure and Google Cloud.

Unstructured data 272

Unstructured data Cloud Authentication Digital transformation 272

Security Affairs

OCTOBER 10, 2018

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates. The flaws reside in a feature named the “XMEye P2P Cloud” that is enabled by default which is used to connect surveillance devices to the cloud infrastructure.

Cloud 89

Cloud Manufacturing Passwords IoT 89

Thales Cloud Protection & Licensing

MARCH 19, 2020

Cloud services like Office 365 and Salesforce (SFDC) for example, are delivered in a SaaS model, and can be deployed rapidly, making it easy for people to work remotely. In reality, most organizations will have a mixture of on-premises and cloud services that employees will need to access.

Security 131

Security Cloud Passwords Access 131

IT Governance

JANUARY 20, 2021

Perhaps there’s a new face in the office that they don’t recognise, or a new password they need to remember, or a database of sensitive information that they need to upload onto the Cloud. For example, he found that employees usually don’t have a solid understanding of information security or their obligations to protect information.

Information Security 124

Information Security Security Passwords Encryption 124

Thales Cloud Protection & Licensing

OCTOBER 17, 2023

How do passkeys differ from passwords? Passkeys offer a more secure alternative to passwords as they require an additional verification step to access, typically involving biometric authentication unique to you. They are also phishing-resistant alternative to passwords. Can you share some examples of multifactor authentication?

Security awareness 129

Security awareness Security Passwords Authentication 129

The Last Watchdog

JULY 27, 2021

The ethical hackers at WizCase recently disclosed another stunning example of sensitive consumer data left out in the open in the public cloud — for one and all to access. This latest high-profile example of security sloppiness was uncovered by a team of white hat hackers led by Ata Hakçil.

Access 203

Access Cloud Encryption Passwords 203

eSecurity Planet

DECEMBER 7, 2023

Cryptographic keys can be random numbers, products of large prime numbers, points on an ellipse, or a password generated by a user. For example, The Health Insurance Portability and Accountability Act (HIPAA) requires security features such as encryption to protect patients’ health information.

Encryption 113

Encryption IT Passwords IoT 113

Krebs on Security

APRIL 11, 2019

and higher can now be used as Security Keys , an additional authentication layer that helps thwart phishing sites and password theft. Once a user has enrolled their Android phone as a Security Key, the user will need to approve logins via a prompt sent to their phone after submitting their username and password at a Google login page.

Security 242

Security Authentication Passwords Phishing 242

The Last Watchdog

APRIL 5, 2019

The Cloud Access Security Broker (CASB) space is maturing to keep pace with digital transformation. We discussed how the basic notion of flowing all data coming into a company’s network — from whatever device or web app — through a cloud gateway for security scanning has become elemental. The cloud presents a dual risk.

Digital transformation 203

Digital transformation Security Cloud Access 203

ForAllSecure

APRIL 4, 2023

Incident response in the cloud. James Campbell, CEO of Cado Security , shares his experience with traditional incident response, and how the cloud, with its elastic structure, able to spin up and spin down instances, is changing incident response. That's the unique thing about clouds that's a different challenge.

Cloud 40

Cloud Government Access IT 40

IT Governance

FEBRUARY 8, 2022

However, the code is actually part of Facebook’s password reset mechanism. If the victim shares the code, the fraudster can use it change the victim’s password and take control of their account. This will send the one-time password to the victim’s account.

Phishing 137

Phishing Passwords Authentication Education 137

Thales Cloud Protection & Licensing

OCTOBER 23, 2023

For example, #CybersecurityAwarenessMonth, celebrating its 20th anniversary this October, aims to empower people and organizations across every sector to protect critical assets against cybercrime. The rising reliance on cloud platforms creates an expanded attack surface for threat actors and adversarial nation-states to exploit.

Energy and Utilities 77

Energy and Utilities Cybersecurity Ransomware Authentication 77

Thales Cloud Protection & Licensing

AUGUST 16, 2023

Enterprise Secrets Management Explained: Best Practices, Challenges, and Tool Selection madhav Thu, 08/17/2023 - 06:28 Whether hosted in the cloud or on-premises, modern applications and integrations have accelerated the need for digital secrets. This includes sensitive data such as passwords, encryption keys, APIs, tokens, and certificates.

Encryption 62

Encryption Cloud Data breaches Passwords 62

eSecurity Planet

AUGUST 4, 2022

By encrypting data, it can only be accessed with the right password and by those with the appropriate access rights. You may have seen passwords getting longer and more complex in recent times. This stems from how easily cybercriminals can figure out passwords and decrypt data or gain access to systems using a brute-force approach.

Encryption 132

Encryption Computer and Electronics Cloud Passwords 132

OneHub

AUGUST 17, 2021

regular staff meetings to keep employees updated on their progress toward these goals and highlight positive examples of teams working together to make this happen. Online storage platforms provide secure cloud servers that keep your data safe while making it more accessible to employees. Provide collaborative tools and resources.

Cloud 52

Cloud File names Access Education 52

Thales Cloud Protection & Licensing

DECEMBER 21, 2017

The nonprofit GDI Foundation has tracked close to 175,000 examples of misconfigured software and services on the cloud this year. As more and more organizations are moving to the cloud, the number of leaky servers is increasing. Q: Should organizations stop moving sensitive data to the cloud? A: Absolutely not.

Cloud 59

Cloud Encryption Data breaches Passwords 59

Security Affairs

JANUARY 1, 2021

of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware.” The vendor removed all vulnerable firmware versions from its cloud and website, except for USG FLEX 100W/700 due to base FW upgrade. . Patch1 in Dec.

Passwords 139

Passwords Access Cloud Security 139

OneHub

JUNE 28, 2021

So, you’ve decided it’s time to level up your business storage and join the cloud. We’ve put together the tips below to help you easily transition from local storage to cloud storage. How to find the best cloud storage solution for your business. These are four of the biggest concerns companies have when moving to the cloud.

Cloud 52

Cloud Communications Encryption Authentication 52

Troy Hunt

APRIL 6, 2023

But more seriously, I cannot think of a better example of ambiguous language that's open to interpretation and so easily avoided (hello MM-DD people!) Next time I post a poll about something as simple as "when is next Friday", I don't expect I'll get as much interest. Also, Genesis Market and Operation Cookie Monster.

Honeypots 84

Honeypots Marketing Passwords Cloud 84

Thales Cloud Protection & Licensing

OCTOBER 28, 2021

Whether you want the ‘trick’ of a malevolent threat actor infiltrating your network by exploiting a compromised password or the ‘treat’ from the peace of mind associated with multifactor authentication, the choice is yours. Here are three terrifying examples. The hacker simply reused the password and gained access to the VPN.

Authentication 71

Authentication Passwords Cloud Data breaches 71

Security Affairs

MAY 23, 2024

“This is a clever example of a fileless attack that exploits a legitimate tool: MSBuild.exe. Attackers also manipulate local Administrator accounts to maintain persistence, they were spotted enabling the disabled local Administrator account, followed by resetting its password.

Archiving 119

Archiving Military Communications Phishing 119