Cloud-based repository hosting service GitHub said it took the step of replacing its RSA SSH host key used to secure Git operations “out of an abundance of caution” after it was briefly exposed in a public repository.
The activity, which was carried out at 05:00 UTC on March 24, 2023, is said to have been undertaken as a measure to prevent any bad actor from impersonating the service or

from The Hacker News https://ift.tt/8CNA3ed
via IFTTT

In the modern corporate IT environment, which relies on cloud connectivity, global connections and large volumes of data, the browser is now the most important work interface. The browser connects employees to managed resources, devices to the web, and the on-prem environment to the cloud one.
Yet, and probably unsurprisingly, this browser prominence has significantly increased the number of

from The Hacker News https://ift.tt/bjlMicP
via IFTTT

A pair of severe security vulnerabilities have been disclosed in the Jenkins open source automation server that could lead to code execution on targeted systems.
The flaws, tracked as CVE-2023-27898 and CVE-2023-27905, impact the Jenkins server and Update Center, and have been collectively christened CorePlague by cloud security firm Aqua. All versions of Jenkins versions prior to 2.319.2 are

from The Hacker News https://ift.tt/0zhdc78
via IFTTT

Malicious actors can take advantage of “insufficient” forensic visibility into Google Cloud Platform (GCP) to exfiltrate sensitive data, a new research has found.
“Unfortunately, GCP does not provide the level of visibility in its storage logs that is needed to allow any effective forensic investigation, making organizations blind to potential data exfiltration attacks,” cloud incident response

from The Hacker News https://ift.tt/GMHZr2B
via IFTTT

This past January, a SaaS Security Posture Management (SSPM) company named Wing Security (Wing) made waves with the launch of its free SaaS-Shadow IT discovery solution. Cloud-based companies were invited to gain insight into their employees’ SaaS usage through a completely free, self-service product that operates on a “freemium” model. If a user is impressed with the solution and wants to gain

from The Hacker News https://ift.tt/HUoVvnk
via IFTTT

A sophisticated attack campaign dubbed SCARLETEEL is targeting containerized environments to perpetrate theft of proprietary data and software.
“The attacker exploited a containerized workload and then leveraged it to perform privilege escalation into an AWS account in order to steal proprietary software and credentials,” Sysdig said in a new report.
The advanced cloud attack also entailed the

from The Hacker News https://ift.tt/jubrF4o
via IFTTT

At the beginning of January, Gcore faced an incident involving several L3/L4 DDoS attacks with a peak volume of 650 Gbps. Attackers exploited over 2000 servers belonging to one of the top three cloud providers worldwide and targeted a client who was using a free CDN plan. However, due to Gcore’s distribution of infrastructure and a large number of peering partners, the attacks were mitigated,

from The Hacker News https://ift.tt/zn9NlBx
via IFTTT

Security teams typically have great visibility over most areas, for example, the corporate network, endpoints, servers, and cloud infrastructure. They use this visibility to enforce the necessary security and compliance requirements. However, this is not the case when it comes to sensitive data sitting in production or analytic databases, data warehouses or data lakes.
Security teams have to

from The Hacker News https://ift.tt/fCh8L47
via IFTTT

Telecommunication service providers in the Middle East are being targeted by a previously undocumented threat actor as part of a suspected espionage-related campaign.
Cybersecurity firms SentinelOne and QGroup are tracking the activity cluster under the former’s work-in-progress moniker WIP26.
“WIP26 relies heavily on public cloud infrastructure in an attempt to evade detection by making

from The Hacker News https://ift.tt/OL9w8qS
via IFTTT

Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network (MPN) accounts that were used for creating malicious OAuth applications as part of a malicious campaign designed to breach organizations’ cloud environments and steal email.
“The applications created by these fraudulent actors were then used in a consent phishing campaign, which tricked users into granting

from The Hacker News https://ift.tt/SDqzCe4
via IFTTT