Topic: cloud security
-
Upwind Launches AI-Powered Exposure Validation Engine for Dynamic CSPM
Upwind's Exposure Validation Engine introduces real-time, dynamic validation for CSPM, moving beyond static checks to confirm live cloud exposures under actual operating conditions. The AI-based framework combines configuration analysis with live reachability testing, simulating attacker methods ...
Read More » -
Corelight's AWS Flow Monitoring Ends Cloud Blind Spots
Corelight's new Flow Monitoring solution for AWS provides unified network visibility across cloud and hybrid infrastructures, reducing SIEM and storage costs by up to 90% compared to traditional methods. The solution converts high-volume AWS flow data into enriched, security-focused intelligence,...
Read More » -
Genetec Adds Audio to Security Centre SaaS
Genetec Inc. has integrated cloud-native audio communications into its Security Centre SaaS platform, enhancing real-time voice capabilities alongside existing video surveillance, access control, and intrusion monitoring in a unified system. This integration allows security teams to verify identi...
Read More » -
Navigating Cloud Complexity for Cyber Resilience
Cloud-first strategies now dominate enterprise infrastructure, with 85% of business applications projected to be SaaS-based, driven by IoT data growth and rapid AI adoption requiring immense processing and storage. The shift to cloud introduces significant security and management challenges, incl...
Read More » -
Microsoft's Entra ID Flaws: A Near-Catastrophic Security Risk
Security researcher Dirk-jan Mollema discovered two severe vulnerabilities in Microsoft’s Entra ID that could have allowed attackers to gain global administrator privileges across nearly all Azure customer environments. The flaws enabled an attacker to impersonate any user in any tenant, potentia...
Read More » -
Microsoft Entra ID Flaw: The Critical Security Risk You Can't Ignore
Security researcher Dirk-jan Mollema discovered two critical vulnerabilities in Microsoft Entra ID that could allow attackers to gain global administrator privileges across nearly all customer tenants. The flaws, involving legacy components like the Access Control Service and Azure Active Directo...
Read More » -
Google Transforms Cloud Security with $32B Wiz Acquisition
Google's $32B acquisition of Wiz marks a significant milestone in enhancing its cloud security capabilities. Discover the strategic implications and future prospects of this groundbreaking move.
Read More » -
Tenable Achieves PROTECTED IRAP & Hits Record Patch Tuesday
Tenable Cloud Security has achieved PROTECTED level certification under Australia's IRAP, validating its robust security controls for government cloud deployments and enabling informed risk-based decisions. The platform addresses multi-cloud security challenges by integrating security throughout ...
Read More » -
Check Point and Wiz Partner to Unify CNAPP and Cloud Security
Check Point and Wiz have launched an integrated cloud security platform that combines prevention-first network security with CNAPP capabilities, enhancing visibility and AI-driven threat prevention. The partnership enables organizations to shift from remediation to prevention, offering real-time ...
Read More » -
Check Point Launches Australian Data Centers for SASE & WAF
Check Point has launched local Australian data centers for its Harmony SASE and CloudGuard WAF services to provide low-latency performance and ensure compliance with national data residency and privacy laws. The new infrastructure helps businesses meet Australian regulations like the SOCI Act and...
Read More » -
Google Drive now blocks ransomware with AI
Google has introduced a new AI-powered feature in Google Drive for desktop that detects ransomware attacks and helps users recover compromised files with minimal effort. The tool automatically halts file synchronization upon detecting suspicious activity, preventing data encryption and allowing q...
Read More » -
Secure Your Google Workspace: Protect Data, Not Just Access
Modern digital workplaces face security challenges from interconnected tools, where attackers exploit legitimate access tokens rather than breaching traditional perimeters. Recent incidents, like the Drift Email compromise, show that third-party integrations can bypass robust security frameworks,...
Read More » -
Hijacked OAuth Apps: Your Cloud's Secret Backdoor
Cybercriminals exploit internal OAuth applications to create persistent backdoors in corporate cloud systems, bypassing security measures like password resets and multi-factor authentication. Attackers deceive users into approving malicious OAuth apps or compromise admin accounts to create truste...
Read More » -
Datadog Secures IRAP Protected Status in Australia
Datadog has achieved IRAP Protected status in Australia, certifying its compliance with stringent security standards for handling sensitive workloads in the public sector and regulated industries. The certification covers Datadog's full suite of observability and security tools, including Infrast...
Read More » -
Securing AI for Space Exploration
Satellite cybersecurity is a growing challenge due to expanding commercial constellations and reliance on delay-prone communication links, creating multiple vulnerabilities. Artificial intelligence is being explored to automate threat detection and response, with debates focusing on centralized, ...
Read More » -
SaaS Security: A New Framework for Essential Controls
Modern enterprises face significant challenges securing their diverse SaaS portfolios due to fragmented security settings and inadequate traditional vendor assessments. The Cloud Security Alliance introduced the SaaS Security Capability Framework (SSCF) to standardize security controls, enabling ...
Read More » -
Indian Bank Data Breach Exposes Thousands of Transfer Records
A significant data breach exposed 273,000 sensitive bank transfer documents from an unsecured Amazon S3 server, compromising account numbers, transaction details, and personal information linked to India's NACH payment system. The Indian fintech firm Nupay acknowledged responsibility for the leak...
Read More » -
Top Cybersecurity Jobs Hiring in September 2025
The cybersecurity field is experiencing high demand for professionals in September 2025, with global opportunities available in various roles and work arrangements, including remote positions. Key roles being recruited for include Application Security Engineers, CISOs, Cloud Security Architects, ...
Read More » -
Secure Your Windows Environments with Runtime CNAPP
Sweet Security has expanded its Runtime CNAPP sensor to include comprehensive protection for Windows cloud environments, offering visibility, threat detection, and automated investigation capabilities previously limited to Linux. The Windows sensor is engineered for cloud deployment using Rust, m...
Read More » -
Prowler Integrates AI into Security Workflows
Prowler has launched Lighthouse AI and an MCP Server, integrating AI into DevSecOps to speed up risk analysis, compliance, and remediation in multi-cloud environments. These tools enable proactive security by automating decision-making, reducing response times, and embedding security directly int...
Read More » -
NTT DATA and Fortanix Partner to Boost AI and Quantum Security
NTT DATA and Fortanix have launched a Cryptography-as-a-Service solution that combines advanced data security with AI expertise to protect sensitive information across hybrid and multicloud infrastructures against current and future quantum threats. The service emphasizes crypto-agility, enabling...
Read More » -
Securing Australia: How AI and Identity Redefine Cybersecurity
Australian businesses face rapidly evolving cybersecurity threats where traditional defenses are inadequate, with attackers now prioritizing immediate execution over stealth using AI to target identity systems. Cloud environments have become particularly vulnerable, with compromised credentials b...
Read More » -
C-Suite's AI Obsession Fuels Critical Security Gaps
Modern organizations face significant security vulnerabilities due to a disconnect between rapid technological adoption and inadequate security practices, with 34% experiencing AI-related breaches. Many companies rely on outdated, reactive metrics like incident frequency, which only assess damage...
Read More » -
FireCloud Total Access: Hybrid SASE That Scales for All Businesses
FireCloud Total Access unifies four security protections into a single cloud-managed platform, offering enterprise-level Zero Trust security accessible to managed service providers and smaller IT teams through WatchGuard Cloud. It replaces traditional VPNs with identity-based access controls, pro...
Read More » -
Illumio's AI Agent Slashes Alert Fatigue, Speeds Threat Response
Illumio's Insights Agent tackles alert fatigue by providing real-time, tailored alerts and one-click remediation recommendations, helping security teams prioritize and neutralize threats efficiently. The system delivers persona-based AI guidance, offering role-specific risk assessments and action...
Read More » -
Microsoft's 2025 Cyberdefense Report: The New Rules of Engagement
AI is fundamentally reshaping cybersecurity by empowering attackers to refine methods, automate operations, and overwhelm traditional defenses, with nation-state actors increasingly leveraging AI for phishing, vulnerability identification, and malware modification. Identity has become the primary...
Read More » -
Illumio's AI Agent Automates Threat Detection and Containment
Illumio's Insights Agent is an AI-driven tool that provides real-time threat detection and one-click containment to help security teams respond faster and reduce alert fatigue. The Agent uses role-aware intelligence to deliver personalized threat insights and automated remediation steps, tailored...
Read More » -
NETSCOUT Enhances Cloud Compliance for Enterprises
NETSCOUT has enhanced its Omnis KlearSight Sensor for Kubernetes to provide deeper visibility for compliance, accelerating threat detection and validating zero-trust policies in response to widespread Kubernetes adoption. The platform addresses compliance risks by capturing packet- and process-le...
Read More » -
Uncover Malicious OAuth Apps in Microsoft 365 with Cazadora
Auditing OAuth applications in Microsoft 365 is critical due to the high risk of malicious apps, which can severely compromise security. Use an open-source script to identify suspicious apps by checking for indicators like mimicry of user names, generic names, or anomalous reply URLs. Huntress re...
Read More » -
Delinea and Microsoft Partner for Identity Security in Microsoft Store
Delinea has joined the Microsoft Security Store Partner Ecosystem, strengthening their long-term collaboration to simplify cybersecurity adoption for organizations globally. As part of the ecosystem, Delinea contributes to development by providing certified solutions and AI agents that integrate ...
Read More » -
Top Cybersecurity Jobs Hiring Now | October 2025
Cybersecurity careers are thriving with high demand across sectors like energy, finance, and healthcare, requiring technical skills and strategic thinking to protect infrastructure from evolving threats. Key roles include Threat Intelligence Analysts, Application Security Engineers, and Cloud Sec...
Read More » -
Top 10 Data Security Companies to Watch in 2026
Atakama provides a browser security platform for managed service providers, enabling data policy enforcement and threat monitoring through browser extensions and dashboards. AvePoint offers a Data Security Posture Management solution that identifies, classifies, and protects sensitive cloud data ...
Read More » -
$4.5M Bounty: Zeroday Cloud Hacking Contest
The Zeroday Cloud hacking competition, backed by Google Cloud, AWS, and Microsoft, offers a $4.5 million prize pool for discovering critical vulnerabilities in open-source cloud and AI tools during the Black Hat Europe conference. Participants can compete in six categories, such as AI and Kuberne...
Read More » -
Avnet Data Breach: Stolen Data Deemed Unreadable
Avnet confirmed a data breach involving externally hosted cloud storage, where unauthorized individuals accessed a database for an internal sales application in the EMEA region, but the proprietary platform itself was not compromised. The company detected the intrusion on September 26, immediatel...
Read More » -
$4.5M Prize: New Cloud Hacking Challenge Opens
Wiz, AWS, Google Cloud, and Microsoft have launched the Zeroday.Cloud hacking competition with a $4.5 million prize pool to uncover critical vulnerabilities in cloud infrastructure, culminating in live exploits at Black Hat Europe. The contest features six technology categories with tiered reward...
Read More » -
Go Beyond Checklists: Build a Mature Automotive Cybersecurity Program
A mature automotive cybersecurity program requires a foundation in established frameworks like ISO, but must go beyond compliance by developing a tailored risk management strategy that addresses unique threats and deploys proactive controls across the enterprise. Comprehensive threat visibility, ...
Read More » -
PwC: AI Leads Cybersecurity Spending as Top Priority
Artificial intelligence is now the top cybersecurity spending priority for businesses, reflecting a strategic shift toward AI-driven defense mechanisms against evolving digital threats. AI-based security solutions lead budget priorities at 36%, surpassing other areas like cloud security and netwo...
Read More » -
Macquarie & Netskope: Simplified Network, Cloud & AI Security for Australia
Macquarie Telecom and Netskope have formed a strategic alliance to offer a unified Secure Access Service Edge (SASE) solution, combining SD-WAN with advanced security for cloud and AI environments. The integrated platform provides comprehensive threat protection, cost savings, and compliance with...
Read More » -
Mycroft Secures $3.5M for AI Security & Compliance Platform
Mycroft, a Toronto startup, has secured a $3.5 million seed funding round led by Luge Capital to accelerate development of its autonomous AI platform for managing security and IT infrastructure. The company's platform acts as an AI Security and Compliance Officer, offering cloud and application s...
Read More » -
35 Must-Have Open-Source Security Tools for Red Teams & SOCs
The article highlights 35 essential open-source security tools for various domains like cloud security, threat hunting, and vulnerability management, aiding red teams and SOC analysts. Key tools include Autorize for authorization testing, BadDNS for DNS security, and Beelzebub for...
Read More » -
Hiring Now: Cybersecurity Jobs in October 2025
A variety of cybersecurity roles are available globally in October 2025, including positions for analysts, engineers, consultants, and leadership, with options for remote, on-site, or hybrid work arrangements. Key leadership positions like Chief Information Security Officer (CISO) involve develop...
Read More » -
300k+ Plex Servers Still Vulnerable to Attack, Git RCE Exploited
Over 300,000 Plex Media Server systems remain vulnerable to attack due to an unpatched critical flaw, risking media libraries and personal data. Multiple sectors face active threats, including Git systems exploited for remote code execution and NetScaler devices targeted via a zero-day vulnerabil...
Read More » -
Tycoon 2FA Phishing Platform Exposes Legacy MFA Flaws
The Tycoon 2FA phishing kit enables attackers to easily bypass multi-factor authentication by using automated tools and fake login portals, primarily targeting Microsoft 365 and Gmail credentials. It intercepts user credentials and session cookies in real-time while mimicking legitimate login exp...
Read More » -
Metrics Don't Lie, But They Can Mislead Without Business Context
Aligning IT with business outcomes requires shared metrics and joint forums where technology and business priorities are reviewed together to ensure accountability for both IT performance and commercial results. As companies shift to managing cloud and multi-vendor environments, essential skills ...
Read More » -
ImmuniWeb Continuous: AI-Powered, Always-On Security Testing
ImmuniWeb Continuous offers 24/7 penetration testing and vulnerability scanning for web applications, APIs, and microservices, ideal for businesses with multiple applications across varied infrastructures. The platform combines AI-driven automated scanning with optional manual testing by experts,...
Read More » -
AI Cloud Protect: Next-Gen Enterprise Security by Check Point & NVIDIA
AI Cloud Protect is a joint security solution from Check Point and NVIDIA designed to safeguard on-premises enterprise AI environments, protecting the entire AI lifecycle from development to inference without compromising performance. The solution addresses urgent security needs, as over half of ...
Read More » -
Cybersecurity's Triple Threat: AI, Quantum, Geopolitics
Geopolitical tensions and emerging threats are elevating cybersecurity to a top strategic priority, prompting organizations to reassess infrastructure and partnerships. Despite increased budgets and AI investments, low confidence in resilience persists due to legacy systems, reactive spending, an...
Read More » -
60,000 Redis Servers Exposed by Critical Security Flaw
A critical vulnerability (CVE-2025-49844) in Redis, rated 10.0 in severity, allows attackers to gain full control over servers by exploiting a flaw in the Lua scripting engine that has existed for 13 years. Approximately 60,000 publicly accessible Redis servers with no authentication are at direc...
Read More » -
Czech Agency Warns of Chinese Tech Risks in Critical Infrastructure
The Czech Republic's cybersecurity agency warns critical infrastructure operators to avoid Chinese technology and data transfers due to high risks of disruption and national security threats. Chinese laws allow government access to data from private cloud providers, and malicious cyber activities...
Read More » -
Hiring Now: Top Cybersecurity Jobs in November 2025
The global demand for skilled cybersecurity professionals is rising, with November 2025 offering diverse roles across specializations like application security, cloud infrastructure, and governance to address evolving digital threats. Positions span various countries and work arrangements, includ...
Read More »