Misconfigured AWS buckets have led to huge data breaches. Following a handful of practices will help keep you from becoming the next news story.(image by conceptualmotion, via Adobe Stock)When it comes to public cloud services, there's Amazon's AWS and then there's everyone else. With an estimated 39% market share, it's a rare cybersecurity professional who

Take a comprehensive approach to better protect your organization. Security hygiene is a must, but also look at your risk posture through a data protection lens.People have been talking about making the transition to the cloud for more than a decade. The day that happens is no longer in the future: It's here now. More businesses than ever use multicloud envi

Nearly 60% of IT and security pros say deployment of business services in the cloud has rushed past their ability to secure them.RSA CONFERENCE 2020 - San Francisco - The majority (59.4%) of IT and security professionals are concerned about their ability to effectively secure cloud-based enterprise services as businesses continue to adopt them.For Firemon's

Trusting the cloud involves a change in mindset. You must be ready to use runtime encryption in the cloud.As we have seen in several major cybersecurity breaches, attackers will prey on a system's weakest points to harvest its data. An important source of vulnerability occurs at runtime, when data is in use. In response, enterprise developers must lever

With the release of the 2020 Gartner Magic Quadrant for Security Information and Event Management (SIEM), we feel that it is an appropriate time to reflect on the evolution of SIEM over the years. Starting out as a tool originally designed to assist organizations with compliance, SIEM evolved into an advanced threat detection system, then into an investigati

While most large enterprises are moving to the cloud in some form, the path is never as direct as chief information officers (CIOs) and chief information security officers (CISOs) might like it to be. Most come to terms with the fact that the cloud won’t be a single offering, but rather a hybrid multicloud that aligns critical applications with cloud s

With these fundamentals in mind, organizations can reduce their security and compliance risks as they reap the cloud's many benefits:The cloud, once touted as an IT panacea, has a flip side that we see all too often in headlines when malicious actors take advantage of gaps in security. This cannot be repeated enough: Securing data and networks in a cloud env

Let’s face it: Vulnerability management is not what it used to be a decade ago. Actually, it is not what it used to be a couple of years ago. Vulnerability management is one of those ever-evolving processes. Whether it is because of compliance mandates, board demands, an overall desire to reduce risk, all of these objectives or none, almost every organ

Amazon Web Services is a top source of cyberattacks, responsible for 94% of all Web attacks originating in the public cloud.Cloud-enabled cyberattacks are ramping up, as indicated in a new Netskope study that found 44% of security threats use cloud services in various stages of the kill chain. Attackers are targeting popular cloud apps and services to e

Sometimes, consumers have it easy. Take, for example, when they accidentally lock themselves out of their personal email. Their solution? Reset the password. With one click, they’re able to change their old, complicated password with a new, more memorable one. Self-service password reset is awesome like this. For users on a business network, it&#

As businesses' daily operations become more dependent on cloud services, ransomware authors will follow to maximize profits. The good news: Many of the best practices for physical servers also apply to the cloud.Ransomware is now a billion-dollar enterprise for cybercriminals, and — as in any industry — it has evolved over time to become more eff

The volume of threats that security teams see on a daily basis can make it especially difficult to look at the big picture when it comes to developing an effective cybersecurity strategy. To see through the flood of data and alerts, organizations depend on actionable threat intelligence to help them understand and mitigate risks. Looking at long-term trends

Security experts are warning that widespread Docker registry misconfigurations could be exposing countless organizations to critical data theft and malicious attacks.Palo Alto Networks’ Unit 42 research group focused on one of the most popular platforms around for managing containers. Docker registries are servers designed to store and organize the all

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-2020-1-29-1 iCloud for Windows 7.17iCloud for Windows 7.17 addresses the following:ImageIOAvailable for: Windows 7 and laterImpact: Processing a maliciously crafted image may lead to arbitrarycode executionDescription: An out-of-bounds read was addressed with improved inputvalidation.CVE-2020-3826: Samue

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-2020-1-29-2 iCloud for Windows 10.9.2iCloud for Windows 10.9.2 is now available and addresses thefollowing:ImageIOAvailable for: Windows 10 and later via the Microsoft StoreImpact: Processing a maliciously crafted image may lead to arbitrarycode executionDescription: An out-of-bounds read was addressed w