Legion hacker, a commercial malware tool, has widened its scope in targeting cloud services and can now compromise SSH servers and steal additional AWS-specific credentials, according to security firm Cado Security. The tool's main goal is to harvest credentials and store configuration files. Atta.. read more  

Beginning August 2023, Azure storage will begin phased roll out of changes that disables anonymous access and cross tenant replication for all new storage accounts by default, to align with best practices for security and reduce the risk of data exfiltration. Existing storage accounts will not be im.. read more  

GitLab 16 includes more than 55 improvements and new features. Learn about the most notable new technologies in this GitLab platform... read more  

AWS IAM is a magnificent creation. But developers and security professionals continue to face some recurring challenges while dealing with the service. To that end, the author compiled a wishlist of 5 AWS IAM feature requests: - IAM Authorization Debugging - Mapping of API Calls, IAM Permissions, an.. read more  

The article compares Privileged Access Management (PAM) vs Privileged User Management (PUM) approaches to managing privileged access. PAM manages onetime permission while PUM manages permanent access to critical assets and built-in admin accounts. Combining both approaches can enhance protection of .. read more  

This post explores ways to optimize a Kubernetes cluster, including different cluster node tenancy configurations and sandbox solutions. It underlines the importance of considering critical factors such as resource utilization, network topology, and storage requirements, and provides good practices .. read more  

False positives can distract security teams from actual risks and make it harder to prioritize and address issues. Some common causes of false positives include outdated vulnerability data and inaccurate interpretation of configuration data. To mitigate false positives, it's important to keep vuln.. read more  

Vulnerability management is key to mitigate high-risk cybersecurity threats. Determining every vulnerability type, addressing them holistically, and building a culture of continuous improvement are the core steps to building a well-rounded vulnerability management program. Asset management is a majo.. read more  

OpenAI's ChatGPT is making waves in generative AI chatbots. While there is concern over security risks the technology could introduce, there are also great potential benefits. Generative AI chatbots and LLMs can significantly enhance cybersecurity for businesses in multiple ways, such as improving v.. read more  

The author discusses the impact of cloud computing on business operations and the security issues it brings, particularly with regards to protecting cloud data. To strengthen cloud security, microsegmentation and network virtualization are explored as techniques to create granular security policies,.. read more