Oracle Cloud, the tech giant that has recently found itself in the spotlight due to a series of allegations concerning a potential data leak of over 6 million files, has firmly rejected claims made by a hacker known as ‘rose87168’. In a statement released to the public, Oracle emphasized that it had conducted a thorough investigation into the matter and was issuing its response based on careful analysis and insights provided by its threat intelligence team.

The Alleged Data Breach

The controversy erupted last Thursday when the hacker using the pseudonym ‘rose87168’ claimed to have breached Oracle Cloud’s Federated Single Sign-On (SSO) Login Servers. The hacker even released a portion of the alleged stolen data, seemingly to demonstrate the authenticity of the breach. According to the hacker, the data contained sensitive information that could compromise the security of Oracle Cloud’s systems.

However, Oracle was quick to respond, and after scrutinizing the leaked data and running diagnostic checks through its automated intrusion detection systems, the company found no evidence to support the claims. In fact, after an in-depth investigation, it was confirmed that no breach had occurred and the so-called ‘leaked’ data was entirely fabricated.

Cybersecurity Challenges in the Digital Age

While the incident highlights a growing trend of cybercrime and misinformation, Oracle isn’t the only tech giant to face such claims. Over the years, many social media influencers, often masquerading as hackers, have used these kinds of allegations to generate buzz, attract followers, or push marketing agendas. These claims are frequently designed to create panic or controversy, without any real substance behind them. In the case of ‘rose87168’, the leaked files were found to be entirely unrelated to Oracle’s SSO credentials or any login information, further proving that the claims were baseless.

Oracle’s History with Cybersecurity and Attacks

Oracle’s reputation has, unfortunately, been marred by past cyberattack speculations. In recent years, the company has faced rumors of security vulnerabilities and even attacks targeting its WebLogic servers. Additionally, there have been accusations that its cloud services were being exploited for crypto-mining malware. Despite these allegations, Oracle has consistently worked to bolster its cybersecurity measures, particularly in its cloud and hybrid environments, which are updated regularly to keep pace with evolving threats.

The company has consistently demonstrated its commitment to protecting its infrastructure by applying the latest cybersecurity practices and leveraging its considerable resources. Similarly, other major companies like Amazon, Facebook, and Twitter face similar challenges in defending their consumer data from hackers. As these organizations operate across multiple sectors and regions, they are frequently targeted by cybercriminals.

The Importance of Ongoing Cybersecurity Vigilance

Although occasional cybersecurity incidents are nearly inevitable for large, multinational companies, it is critical for businesses like Oracle to address any potential weaknesses swiftly and decisively. A recurrence of such events, even if false or exaggerated, must be addressed promptly to maintain public trust and ensure that protective measures are always evolving to counteract the growing sophistication of cyber threats.

In conclusion, while this particular claim of a data breach involving Oracle Cloud has been proven false, the tech industry at large must remain vigilant against both genuine threats and deceptive attempts to exploit these fears for personal gain. As cybersecurity challenges continue to evolve, companies must be proactive and transparent in their efforts to safeguard their data and reassure customers that their systems remain secure.

The post Oracle Cloud denies data breach claims of 6 million data files leak first appeared on Cybersecurity Insiders.

The post Oracle Cloud denies data breach claims of 6 million data files leak appeared first on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/4aX6ko5
via IFTTT

The recent arrival of DeepSeek AI not only sent shockwaves throughout Silicon Valley but once again brought some very important data privacy issues back to the surface. Authorities in the Netherlands, Australia, Ireland and France have already begun examining the vendor’s data practices, with privacy worries front and center. In Italy, the regulator has already asked the government to ban the app to protect the data of Italian users.

AI tools aside, these issues are perennial headline-grabbers across the business ecosystem, with organizations everywhere struggling to build strategies that give stakeholders and regulators the certainty they need. The underlying paradox illustrates the depth of the challenge: data is an organization’s most valuable asset, but it can also be its greatest potential risk.

So, what more can organizations do to improve privacy? What approaches represent best practice and, aside from the obvious, what are the upsides of getting privacy processes right?

The foundation for addressing privacy is to first get insights into the data accumulating in the environment. With those insights available, there are three areas to address:

First, identify file types that are not to be stored on corporate systems. While inefficient, the accumulation of non-business-related content can lead to the introduction of ransomware or even silent data exfiltration in the event of a breach.

Second, examine the aging profile of existing datasets. The less data present on a system, the easier it is to ensure the adequate protection of private or sensitive data. A data lifecycle policy should be enacted to ensure that as data ages, it is relocated to the appropriate location for long-term storage until its final disposition.

Third, it makes sense to classify sensitive datasets and then ensure that any data tagged as sensitive or private is stored in areas with highly restricted access permissions.

 Many organizations face difficulties coping with the sheer volume of unstructured data being collected, retained, and used. To cope, they need a solution that is agnostic to the variety of vendor platforms deployed. They also need the flexibility to gain insight into and act on all their unstructured data, whether stored in file or object form—in the cloud or on premises. Acting on what has been observed in the environment will lead to positive downstream outcomes, as outlined above. 

Therefore, what’s required instead is a shift to proactively manage the data, leveraging key insights on the data estate. This will enhance the protection of private or sensitive data in the environment. The legacy (and reactive) approach has been to store all data in perpetuity, but this is no longer a viable approach. 

Meeting governance goals

In this context and driven by widespread and costly data privacy failures, the governance environment has become significantly more complex and demanding. Authorities are now armed with stringent regulatory frameworks and the teeth to impose massive fines.

For organizations focused on compliance – which should, of course, be all of them – effective data governance is dependent on enterprise-wide visibility. Understanding what data exists, where it resides, who owns it and how it is used needs to be backed by a policy-driven approach that enforces strict controls over data classification, access and retention. This is essential to align with both internal requirements and external regulations, such as DORA, GDPR, APRA, CCPA, and HIPAA, among others.

Once governance policies are in place, businesses must continuously monitor and audit their data environments to detect and mitigate risks. The most effective automated tools can enforce compliance by identifying high-risk or sensitive data to ensure it is properly documented, secured and handled to meet governance standards.

Advanced vendor-agnostic data management technologies can also seamlessly integrate unstructured data across diverse storage systems, applications and cloud systems. For those organizations with complex, multi-environment architectures, this is becoming an essential requirement for the delivery of effective governance.

Given the widespread of data-driven technologies (of which GenAI is one), privacy will continue to occupy the minds of business leaders as they look to balance opportunity with risk. Those who do so successfully can enjoy the prospect of a win-win situation where data stays safe but also transforms organizational effectiveness.

The post Data privacy is back in the headlines – how can organizations do a better job? first appeared on Cybersecurity Insiders.

The post Data privacy is back in the headlines – how can organizations do a better job? appeared first on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/MJ1DCfP
via IFTTT

AI has reached an inflection point. It’s no longer just a business enabler—it’s redefining the attack surface. As organizations deploy AI to automate decision-making, accelerate operations, and enhance customer experiences, cybercriminals are doing the same, leveraging AI-driven automation to scale attacks faster than security teams can respond. The result? A growing security gap where APIs—the backbone of AI adoption—have become the easiest and most lucrative target.

The DeepSeek API key exposure is just the latest example of how fragile these connections can be. While businesses focus on AI’s potential, security teams must confront the reality: AI is only as secure as the APIs that power it. Without dedicated API protection, organizations risk data breaches, adversarial AI manipulation, and compliance failures—threats that traditional security tools weren’t built to handle.

APIs: The Overlooked Weak Link in AI Security

Every AI system, from large language models to fraud detection engines, relies on APIs to function. But these APIs are often built for speed and functionality—not security. Attackers understand this, shifting their focus from breaking AI models to exploiting the APIs that connect them.

Through exposed endpoints, attackers can steal sensitive data, execute model inversion attacks to infer training data and expose confidential information, or overwhelm APIs with excessive requests, leading to denial-of-service (DoS) disruptions. Business logic attacks—where attackers manipulate API requests to exploit system processes—are becoming the weapon of choice for AI-powered fraud, misinformation campaigns, and large-scale automation abuse. With ransomware increasingly focused on data exposure, compromised APIs can leak customer data, proprietary AI models, and other sensitive assets, creating significant financial and reputational risks for organizations.

Many organizations still fail to incorporate API security into their broader cybersecurity strategy. Traditional security models—centered around firewalls, endpoint detection, and network monitoring—are not designed to address the complexities of API-based attacks. With AI accelerating the reliance on APIs, security teams must evolve their defenses. This means shifting from reactive security measures to continuous API risk assessments, runtime protection, and anomaly detection tailored for AI-driven environments. Without this shift, businesses will struggle to keep up with increasingly sophisticated API-based threats.

AI Agents: From Productivity Boosters to Security Nightmares

The rise of Agentic AI—autonomous AI-driven agents that interact with APIs—introduces a new frontier of risk. These AI-powered entities are designed to make decisions, complete tasks, and execute API calls without human oversight. But what happens when they are compromised?

A single exploited AI agent can trigger unauthorized transactions, exfiltrate sensitive data, or launch automated cyberattacks across multiple systems. Attackers can hijack trusted AI agents to impersonate legitimate users, automate large-scale credential stuffing, or even manipulate enterprise workflows. Security teams must shift their focus from simply defending against automation to securing the very AI-powered agents that enterprises rely on.

Cloud Security Won’t Save You—API Protection Will

When cloud computing first emerged, security concerns around data residency and control slowed adoption. It wasn’t until 2009 that NIST defined cloud models, and by 2011, a formalized shared responsibility model took shape—where cloud providers secured the infrastructure, but organizations remained responsible for their own data and applications. Over time, companies recognized the benefits of cloud adoption and developed security standards, compliance frameworks, and controls to mitigate risk.

AI security is following the same trajectory. While cloud-hosted AI applications provide scalability and efficiency, the security of the APIs that connect these models to business-critical systems falls entirely on the organization. Vendors deliver baseline protections, but security teams must implement the right security controls, update compliance programs, and regularly audit API security to ensure AI-driven processes remain secure. Adopting AI without securing APIs is just as risky as embracing the cloud without governance—security leaders must take an active role in mitigating these risks.

To enable AI adoption safely, security leaders must equip their organizations with the right tools and processes. This means revisiting security strategies, enforcing API security assessments, and embedding AI-specific threat detection into compliance programs. Cloud security alone is not enough—organizations need dedicated API protection to prevent data exposure, adversarial AI manipulation, and large-scale automation abuse.

Security Leaders Must Take Action—Before AI Outpaces Security

The regulatory landscape is evolving as fast as AI adoption itself. The Colorado AI Act, EU AI Act, and FTC regulations are pushing toward stricter AI governance, making weak API security a compliance liability. Organizations that fail to secure AI-powered APIs will not only face cyber threats—they will also face increased scrutiny from regulators, investors, and customers.

Security leaders must act now by conducting full-scale API security audits to uncover vulnerabilities before they are exploited. Continuous monitoring of AI-driven API traffic is critical to detecting adversarial AI manipulation in real time. Business logic abuse must be actively mitigated, preventing attackers from exploiting AI decision-making systems to commit fraud or disrupt operations.

AI is no longer an emerging technology—it’s here. But without a proactive security-first approach, businesses will find themselves constantly reacting to threats rather than staying ahead of them.  Security isn’t optional—it’s the deciding factor between AI-driven success or AI-powered disaster. Organizations that embed API security into AI development will lead. Those that don’t will be left cleaning up preventable breaches.

The post AI-Driven Attacks Are Exploiting APIs—Here’s What Security Leaders Must Do first appeared on Cybersecurity Insiders.

The post AI-Driven Attacks Are Exploiting APIs—Here’s What Security Leaders Must Do appeared first on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/NX5s0d6
via IFTTT

While cyber threats evolve at an unprecedented pace, equipping the next generation of cybersecurity professionals with practical, hands-on skills is more critical than ever. ANY.RUN’s Security Training Lab offers a learning environment where users can analyze real-world malware, understand attack techniques, and enhance their threat detection skills. 

Designed for security teams, students, and independent researchers, this interactive platform provides a safe, cloud-based sandbox for analyzing malicious files and URLs in real-time.

Security Training Lab Program’s Contents

The program is based on 30 hours of academic content: texts, video lectures, interactive tasks, and tests. Its main modules focus on: 

• Static Analysis and Advanced Static Analysis: study malware’s structure without executing the files.
• Dynamic Analysis and Advanced Dynamic Analysis: study malware’s behavior. 
• Encryption Algorithms — RC4, XOR, AES, RSA, and others.
• Malware Capabilities: tactics, techniques, evasion mechanics. 
• Analysis of Scripts and Office Files.

STL’s contents and structure

Audiences, Features, and Benefits

With over eight years of expertise in tackling cybersecurity challenges, ANY.RUN has crafted this course to empower students and educators alike. For universities, the program bridges the gap between theoretical knowledge and real-world application. 

As a resource for personal education, it is valuable for the use of practical tools and interactive tasks for progress self-check: from quick tests to more complex assignments. 

Educational institutions can also benefit from Security Training Lab by: 

• enriching their cybersecurity curriculum with modern materials that meet industry standards;
• helping students apply theory in practice;
• monitoring student performance and progress.

Students are presented with opportunities: 

• to get the critical skills employers are looking for;
• to master the latest techniques and tools in malware analysis;
• to work with actual examples of cyber threats and real-world simulations;
• to receive a certificate and an exclusive graduate discount.

One of the tasks on understanding dynamic analysis 

Key Skills Students Can Develop

After successfully completing the course, neophyte malware analysts and threat hunters acquire the following skills critical for a career in the field. 

1. Understanding a malware’s potential capabilities before it runs by analyzing source code and file structure

2. Watching malware behavior in a controlled environment, track its processes, network connections — to predict and counter malicious actions effectively

3. Utilizing frameworks like MITRE ATT&CK to map malware behaviors to known tactics and techniques; to build proactive defense strategies based on threat intelligence.

4. Identifying patterns of malicious activity, such as persistence mechanisms, privilege escalation, and detection evasion techniques, critical for both analysis and hunting.

5. Using a variety of professional tools, industry-standard workflows and techniques.

6. Critical thinking and a strategic approach to cybersecurity. Students learn to formulate hypotheses about threats and devise effective mitigation strategies under realistic conditions.

Conclusion

The Security Training Lab provides a dynamic learning environment where students can engage with real-world threat simulations, ensuring they graduate not only with knowledge but with the confidence and competence to combat modern cyber threats effectively.

Interested in bringing Security Training Lab to your educational institution?  

Contact ANY.RUN and discuss your specific requests and requirements with our team. Ask any questions and get a customized quote. 

The post Learn Malware Analysis with This Hands-on Course first appeared on Cybersecurity Insiders.

The post Learn Malware Analysis with This Hands-on Course appeared first on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/reN6BSo
via IFTTT

Today’s organizations face a rapidly multiplying number of digital identities as hybrid work and cloud, SaaS, IIoT, and other technologies proliferate. Companies understand the critical nature of identity security, but they still find Identity Governance and Administration (IGA) challenging and complex. They want cloud-native tools to help them secure identity management, maintain reliable access control for sensitive data, and comply with applicable regulations. At the same time, companies need to keep costs down and maintain performance for users and business operations. These goals all point to the imperative of implanting a modern, SaaS-based IGA solution.

We recently surveyed more than 500 IT and business leaders responsible for access management, identity governance, cybersecurity, compliance, and overall IT administration. The key insights, discussed below, will give organizations an overview of the state of IGA in 2025 and how they can best protect their digital identities. 

Challenges with current IGA

Organizations find their current IGA solutions challenging for several reasons. These solutions have a hard time ensuring appropriate user access control, complicated customization requirements, and a high total cost of ownership (TCO). Almost 60% of survey participants said expensive TCO was a main drawback in their current IGA solution. The situation calls for more flexible and efficient IGA solutions.  

The implication is that enterprises are discovering it’s too time-consuming to upgrade their current IGA solution, or it would require resources they don’t have. Over 50% of those surveyed noted that they lacked the skills and development effort needed to run their solution with customization. About 46% reported functionality gaps in their IGA solution; one is the struggle to ensure users have the right access to data and systems at the right time. The other is the solution’s inability to automate access control and compare access rights.

Increased IT security investment

It’s clear from reported budget allocations that companies understand the increasing importance of cybersecurity – of which IGA is a part – in the current business environment. Almost 90% of participants reported an increase in funding over the last year for security teams and resources.

Enterprises might have increased cybersecurity spending to preempt the financial losses that could result from data breaches, especially in highly regulated industries that hold vast databases of sensitive data. If so, they wouldn’t be wrong; the financial sector saw monetary losses due to cybersecurity incidents more than quadruple since 2017, to the tune of $2.5 billion, according to the International Monetary Fund. IMF data also suggests that most enterprises know the capabilities they need to manage better, as well as how such improvements will impact return on investment and process efficiency. 

Greater interest in Cyber Liability Insurance

In light of rising data breach costs, many companies are choosing to buy Cyber Liability Insurance. Sixty-four percent of survey participants reported that their companies have purchased this insurance to offset breach expenses. And yet, Network Assured found that just 19% of companies have purchased coverage for security incidents costing more than $600,000. That’s a problem that could lead to being underinsured because the average ransom paid by companies that have been breached exceeds $800,000.

Insurers are demanding more stringent security measures to address breach risks. These include strong authentication protocols, better access controls, and an identity governance program that is well-defined. All these measures signal a company’s willingness to meet an insurer’s security requirements.

IGA investment is driven by a desire for efficiency

The main business issues driving IGA investment are complex access governance and time-consuming manual processes. Sixty-one percent of participants named time-intensive manual processes as the first or second factor driving their companies’ investment in IGA. 

For most enterprises, it looks like there are ongoing challenges related to user access management, identity lifecycle management, and manual, error-prone onboarding and offboarding. In addition, 64% of participants noted that the burdensome requirement to manage user permissions across different systems – the process of complex access governance – is the first or second-most important challenge they hope to overcome by investing in a new IGA tool.

Advanced IGA features increase ROI 

Three key features of IGA solutions can substantially increase ROI: enhanced access visibility, user behavior insights, and Role-based Access Control (RBAC). For today’s companies, cloud-based platforms that offer these capabilities are especially valuable.

When survey participants were asked which features would boost their companies’ ROI the most, about 57% pointed to cloud-based user access control such as RBAC. This could signify that many enterprises would see substantial bottom-line advantages by implementing a cloud-based IGA solution that provides improved access control across cloud, multi-cloud, hybrid, and on-premises environments.

Seizing the IGA opportunity

What do these findings suggest about the state of IGA? Well, even though organizations are spending more on IT security, many continue to struggle with TCO. Most companies have confidence in their primary identity security capabilities, but unnecessary access and over-permissioned access are ongoing issues. User access control remains difficult, and Cyber Liability Insurance has become an attractive method for offsetting breach expenses. The good news is that IGA’s advanced features increase a company’s ROI.

Companies can improve the state of their IGA by addressing security gaps and conducting a comprehensive audit of existing IGA capabilities to enhance their IGA strategy. The next step is to invest in an IGA platform that offers modern SaaS features and automates manual processes. This includes built-in analytics that use Generative AI-powered insights to enhance decision-making. These steps will help organizations move forward in their ability to manage today’s deluge of digital identities.

The post Examining the State of IGA first appeared on Cybersecurity Insiders.

The post Examining the State of IGA appeared first on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/9hG3OsT
via IFTTT