cloud

A critical security configuration in Azure Key Vault has been discovered, potentially allowing users with the Key Vault Contributor role to access sensitive data contrary to Microsoft's documented intentions. This finding, reported by Datadog to...

A sophisticated phishing campaign targeting European companies. The attack, which peaked in June 2024, aims to harvest Microsoft Azure cloud credentials and compromise victims' cloud infrastructure. The campaign primarily targets automotive, chemical, and industrial compound...

Researchers uncovered new security vulnerabilities in the Azure Data Factory Apache Airflow integration dubbed “Dirty DAG”, which allow attackers to get unauthorized write permissions to a directed acyclic graph (DAG) file or use a...

The state-sponsored cyber threat group BlueAlpha has been active since at least 2014 and has recently upgraded its malware delivery system to leverage Cloudflare Tunnels to stage GammaDrop malware.  BlueAlpha has been observed employing spear...

Hackers often target cloud services due to their vast attack surface and the widespread presence of vulnerabilities. Not only that, but even the increasing dependence on cloud infrastructure across various industries boosts the possible impact...

Trend Micro has issued an urgent security bulletin warning users of a critical vulnerability in its Cloud Edge appliance that could allow remote attackers to execute arbitrary code without authentication. The vulnerability tracked as...

Ransomware groups are organized cybercriminal entities that deploy malicious software to encrypt victims' data, demanding ransom payments for decryption keys. The rise of ransomware groups has led to an increase in ransomware incidents globally, affecting...

Azure Automation is a service that automates processes across various cloud platforms, making it easier to manage complicated hybrid setups.  It comes with a runtime environment that lets users set up the environment for running...

 Cloudflare has launched free threat intelligence and over ten new security tools available to all its customers. This initiative addresses some of the most pressing cybersecurity challenges, including account takeover attacks, supply chain attacks,...

A notorious hacking group known as TeamTNT has resurfaced with a new campaign targeting Virtual Private Server (VPS) infrastructures running on the CentOS operating system. The group, known for its cryptojacking activities, has been active...