Cloud - Information Management Today

Massive Oracle Cloud Breach: 6M Records Exposed, 140k+ Tenants Risked

eSecurity Planet

MARCH 24, 2025

A sophisticated supply chain hack targeting Oracle Cloud has exfiltrated a staggering 6 million records. The breach, exploiting a vulnerability in Oracles cloud infrastructure, now endangers over 140,000 tenants and has raised serious questions about cloud security practices. This incident reinforces that message.

Cloud

Cloud Risk Passwords Cybersecurity

Nextcloud challenges cloud powers with Hub 10 release

Collaboration 2.0

FEBRUARY 27, 2025

Don't trust Google Docs or Microsoft 365 with your work, but still want to use the cloud for your personal or professional work? Then give Nextcloud Hub 10 a try and run your own software-as-a-service cloud.

Cloud

Cloud Assumptions and Misconfigurations Threaten Healthcare Security

Data Breach Today

OCTOBER 4, 2024

Common Cloud Assumptions and Takeaways for Healthcare Organizations As healthcare providers migrate their infrastructure and services to the cloud, they gain benefits such as increased flexibility, scalability and optimized patient data access and sharing.

Cloud

Cloud Security Access

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks

Security Affairs

JANUARY 19, 2025

A WordPress W3 Total Cache plugin vulnerability could allow attackers to access information from internal services, including metadata on cloud-based apps. in the WordPress W3 Total Cache plugin could expose metadata from internal services and cloud apps. A severe vulnerability, tracked as CVE-2024-12365 (CVSS score of 8.5)

Metadata

Metadata Authentication Consumer Services Cloud

Top Considerations for Building an Open Cloud Data Lake

Increasingly, enterprises are leveraging cloud data lakes as the platform used to store data for analytics, combined with various compute engines for processing that data. Read this paper to learn about: The value of cloud data lakes as the new system of record.

Cloud

Cloud Defender Stream.Security Raises $30M, Eyes US Growth

Data Breach Today

OCTOBER 23, 2024

AI-Powered Cloud Remediation, Multi-Cloud Support at Core of Series B Investment With a $30 million boost from Series B funding, Stream.Security will enhance its cloud security offerings. and beyond.

Cloud

Cloud Marketing Security IT

VMware disclosed a critical and unpatched authentication bypass flaw in VMware Cloud Director Appliance

Security Affairs

NOVEMBER 14, 2023

VMware disclosed a critical bypass vulnerability in VMware Cloud Director Appliance that can be exploited to bypass login restrictions when authenticating on certain ports. “VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5

Authentication

Authentication Cloud Access IT

Exclusive: Cloud Vendor Returns Stolen Hospital Data

Data Breach Today

JANUARY 15, 2024

Alliance Had Sued LockBit Gang to Force Cloud Firm to Release Affected Patient Data A cloud services firm has turned over to a New York hospital alliance the patient data stolen in a ransomware attack by LockBit.

Cloud

Cloud Ransomware

Netskope Purchases Dasera to Strengthen Cloud Data Security

Data Breach Today

OCTOBER 15, 2024

Integration of DSPM Firm Dasera Enhances Data Protection Across Cloud Environments Netskope’s purchase of Desera enhances its data security posture management capabilities, enabling customers to secure both structured and unstructured data across cloud and on-premises environments.

Cloud

Cloud Unstructured data Security IT

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

Cloud

U.S. CISA adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog

Security Affairs

SEPTEMBER 14, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Cloud Services Appliance OS Command Injection Vulnerability CVE-2024-8190 (CVSS score of 7.2)

Cloud

Cloud IT Libraries Cybersecurity

Cloudflare Acquires Kivera to Fuel Preventive Cloud Security

Data Breach Today

OCTOBER 8, 2024

Kivera Integrates Controls Into Cloudflare One to Prevent Cloud Misconfigurations With the acquisition of New York-based startup Kivera, Cloudflare will enhance its Cloudflare One platform, adding proactive controls that secure cloud environments, prevent misconfigurations and improve regulatory compliance for businesses using multiple cloud providers. (..)

Cloud

Cloud Security Compliance IT

Ivanti Cloud Service Appliance flaw is being actively exploited in the wild

Security Affairs

SEPTEMBER 14, 2024

Ivanti warned that recently patched flaw CVE-2024-8190 in Cloud Service Appliance (CSA) is being actively exploited in the wild. Ivanti warned that a newly patched vulnerability, tracked as CVE-2024-8190 (CVSS score of 7.2), in its Cloud Service Appliance (CSA) is being actively exploited. Recently cybersecurity firm Horizon3.ai

Cloud

Cloud Libraries Authentication Cybersecurity

North Korean Hackers Pivot Away From Public Cloud

Data Breach Today

AUGUST 22, 2024

Kimsuky, or a Related Group, Deploys XenoRAT Variant A North Korean hacking team hastily pivoted from using publicly available cloud computing storage to its own infrastructure after security researchers unmasked a malware campaign.

Cloud

Cloud Security IT

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

To address this, a next-gen cloud data lake architecture has emerged that brings together the best attributes of the data warehouse and the data lake. About alternative solutions such as lake houses and how they compare to next-gen cloud data lakes How to separate compute and data by preserving data in open file and table formats.

Cloud

New Android spyware LianSpy relies on Yandex Cloud to avoid detection

Security Affairs

AUGUST 7, 2024

The malware employs various evasion techniques, including using the Russian cloud service Yandex Disk for C2 communications, avoiding dedicated infrastructure to remain undetected. The malware has been active since July 2021, it is designed to capture screencasts, exfiltrate user files, and harvest call logs and app lists.

Cloud

Cloud Encryption Communications Data collection

Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw

Security Affairs

SEPTEMBER 19, 2024

Ivanti warned of a new Cloud Services Appliance (CSA) vulnerability that is being exploited in attacks in the wild against a limited number of customers. ” Ivanti recommends customers of checking the Cloud Services Appliance (CSA) for any modified or newly added administrative users.

Cloud

Cloud Authentication Libraries Access

News alert: Sweet Security’s LLM-powered detection engine reduces cloud noise to 0.04%

The Last Watchdog

JANUARY 15, 2025

15, 2025, CyberNewswire — Sweet Security , a leader in cloud runtime detection and response, today announced the launch of its groundbreaking patent-pending Large Language Model (LLM)-powered cloud detection engine. Kashti This new capability is a game-changer for cloud security, said Dror Kashti, CEO of Sweet Security.

Cloud

Cloud Privacy Analytics Security

Corpay, UHN Secure Hybrid Cloud Infrastructure With Gigamon

Data Breach Today

JUNE 21, 2024

How Gigamon's Technical Capabilities Boost Organizations' Cybersecurity Network security threats are ever-evolving, and all types of organizations work hard to face down emerging threats while maintaining robust performance across their hybrid cloud infrastructure. In this quest, Gigamon stands out as a critical ally.

Cloud

Cloud Security Cybersecurity

Checklist Report: Preparing for the Next-Generation Cloud Data Architecture

Instead of considering the data warehouse and the data lake as independent “data islands” that coexist in a cloud platform, it is time to reconsider the fundamental ways that information is accumulated, managed, and then provisioned to the different downstream data consumers.

Cloud

How Advances in Cloud Security Help Future-Proof Resilience

Data Breach Today

NOVEMBER 20, 2024

Embracing Zero Trust and AI in Cloud Security Zero trust, artificial-intelligence-driven security and automation tools are reshaping how organizations maintain uptime, even during a cyberattack. These advances underscore how the future of enterprise resilience is increasingly tied to advancements in cloud security.

Cloud

Cloud Artificial Intelligence Security

Breach Roundup: Russian Organizations Losing Microsoft Cloud

Data Breach Today

MARCH 28, 2024

Also: Hackers Target Apple Password Reset Flaw This week, Russian organizations are losing Microsoft Cloud, hackers targeted an Apple flaw, Germany warned of critical flaws in Microsoft Exchange, an info stealer targeted Indian government agencies and the energy sector, and Finland confirmed APT31's role in a 2020 breach of Parliament.

Cloud

Cloud Passwords Government

News alert: Sweet Security releases its evolutionary Cloud Native Detection and Response platform

The Last Watchdog

DECEMBER 3, 2024

3, 2024, CyberNewswire — With Sweet, customers can now unify detection and response for applications, workloads, and cloud infrastructure Sweet Security today announced the release of its unified Cloud Native Detection and Response platform, designed to transform the way organizations protect their cloud environments in real time.

Cloud

Cloud Security IT Risk

How Today's Top CIOs Are Completing the Cloud Journey

Data Breach Today

SEPTEMBER 27, 2024

Enterprise Browser: The Tool CIOs Never Knew They Were Lacking The enterprise browser is the tool CIOs never knew they were lacking - a seamless access method to the workloads, apps and data that moved to the cloud. It bakes in the needs of the enterprise.

Cloud

Cloud Access IT

Cloud-Scale Monitoring With AWS and Datadog

Advertiser: Datadog

In this eBook, find out about the benefits and complexities of migrating workloads to AWS, and dive into services that AWS offers for containers and serverless computing. Find out the key performance metrics for each service to track in order to ensure workloads are operating efficiently.

Cloud

Why Google Is Eyeing a $23B Buy of Cloud Security Phenom Wiz

Data Breach Today

JULY 15, 2024

That could change if Google forges ahead with buying cloud security firm Wiz for a reported $23 billion just two years after buying Mandiant.

Cloud

Cloud Security Marketing

U.S. CISA adds new Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog

Security Affairs

SEPTEMBER 20, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Cloud Services Appliance a path traversal vulnerability CVE-2024-8190 (CVSS score of 9.4)

Cloud

Cloud IT Authentication Cybersecurity

Microsoft Says Azure Cloud Attack Scenario Isn't a Flaw

Data Breach Today

JUNE 6, 2024

Redmond Calls Tenable Report Evidence of Customers Misconstruing Azure Service Tags Microsoft is calling security research asserting a high-severity vulnerability exists in Microsoft Azure evidence that customers should better configure their cloud environments.

Cloud

Cloud Access Security

Hospitals Sue LockBit, Ask Cloud Firm to Return Stolen Data

Data Breach Today

JANUARY 4, 2024

NY Hospital Group Claims Cybercriminals Kept Data on Boston-Based Firm's Servers An upstate New York hospital group has filed a lawsuit against cybercriminal group LockBit in a legal maneuver aimed at forcing a Boston-based cloud services firm to turn over patient data LockBit had stolen from the entities last summer and allegedly stored on the tech (..)

Cloud

TCO Considerations of Using a Cloud Data Warehouse for BI and Analytics

Enterprises are pouring money into data management software – to the tune of $73 billion in 2020 – but are seeing very little return on their data investments.

Cloud

How to secure data and integrate applications in a hybrid cloud environment

Data Breach Today

JULY 25, 2024

Simplifying your transition to a hybrid cloud environment while ensuring data security and app integration When you move to a hybrid cloud environment consideration must be given to how data is secured and synchronized during and after the transfer.

Cloud

Cloud Security

Why some companies are backing away from the public cloud

Collaboration 2.0

JANUARY 21, 2025

Many business leaders are taking a clear-eyed view of the cloud's benefits and drawbacks. Technical debt may be at the root of many repatriation decisions.

Cloud

VMware fixed five vulnerabilities in Aria Operations product

Security Affairs

NOVEMBER 27, 2024

Aria Operations (formerly known as VMware vRealize Operations) is a comprehensive cloud management and operations platform developed by VMware. It is designed to provide IT administrators and cloud professionals with tools to optimize, manage, and troubleshoot their hybrid and multi-cloud environments. Important 8.18.2

Cloud

Cloud Access IT Security

Citrix addressed NetScaler console privilege escalation flaw

Security Affairs

FEBRUARY 20, 2025

Cloud Software Group recommends configuring external authentication for NetScaler Console as a best practice.” ” Cloud Software Group addressed the flaw with the release of the following versions: NetScaler Console 14.1-38.53 ” reads the advisory published by Netscaler. and later releases NetScaler Console 13.1-56.18

Authentication

Authentication Cloud Access Security

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity.

Cloud

Splunk fixed tens of flaws in Splunk Enterprise and Cloud Platform

Security Affairs

JULY 4, 2024

Technology company Splunk released security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform. Technology company Splunk addressed 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including four high-severity flaws. “In Splunk Enterprise versions below 9.0.10, 9.1.5, and 9.2.2,

Cloud

Cloud Analytics Libraries Authentication

Upwind Raises $100M to Thwart Cloud Security Vulnerabilities

Data Breach Today

DECEMBER 2, 2024

Firm Focuses on Runtime Context, AI Enhancements to Counter Evolving Cloud Threats With $100 million in Series A funding, Upwind plans to strengthen its runtime and AI-powered cloud security platform.

Cloud

Cloud Security IT

Experts warn of a flaw in Fluent Bit utility that is used by major cloud platforms and firms

Security Affairs

MAY 21, 2024

A vulnerability in the Fluent Bit Utility, which is used by major cloud providers, can lead to DoS, information disclosure, and potentially RCE. Tenable researchers have discovered a severe vulnerability in the Fluent Bit utility, which is used on major cloud platforms.

Cloud

Cloud IoT Access Cybersecurity

From Risk Assessment to Action: Improving Your DLP Response

Security Affairs

OCTOBER 25, 2024

Evaluate these solutions – including endpoint, network, and cloud DLP tools – to ensure they are performing as required. Map data flows for all your digital information, including data stored on-premises, in the cloud, and transmitted across networks. Evaluate Existing DLP Tools You’ll likely already have some DLP solutions in place.

Risk

Risk Cybersecurity Cloud Compliance

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs).

Cloud

Authentication bypass CVE-2025-22230 impacts VMware Windows Tools

Security Affairs

MARCH 26, 2025

The flaws, respectively tracked as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, impact multiple VMware ESX products, including VMware ESXi, vSphere, Workstation, Fusion, Cloud Foundation, and Telco Cloud Platform.

Authentication

Authentication Cloud Access Security

Thanks to AI, GIGO is More Relevant Than Ever

Weissman's World

NOVEMBER 11, 2024

regulatory compliance, privacy protection, migration to the cloud), the core principle… Read More » Thanks to AI, GIGO is More Relevant Than Ever The post Thanks to AI, GIGO is More Relevant Than Ever appeared first on Holly Group. Regardless of your mandate (e.g.,

Information governance

Information governance Compliance Cloud Government

U.S. CISA adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 1, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog. SAP Commerce Cloud CVE-2021-4043 is a null pointer dereference vulnerability in Motion Spell GPAC.

Cloud

Cloud IT IoT Cybersecurity

7 apps that helped me escape the cloud - and protect my data privacy

Collaboration 2.0

JANUARY 28, 2025

If you're tired of knowing that a third party has access to your data and content, it's time to move away from cloud services that may be selling your information or using it to train their LLMs.

Cloud

Cloud Data Privacy Privacy Access

12 Considerations When Evaluating Data Lake Engine Vendors for Analytics and BI

To do so, modern enterprises leverage cloud data lakes as the platform used to store data for analytical purposes, combined with various compute engines for processing that data. Businesses today compete on their ability to turn big data into essential business insights.

Analytics

Massive Oracle Cloud Breach: 6M Records Exposed, 140k+ Tenants Risked

Nextcloud challenges cloud powers with Hub 10 release

Webinars

Trending Sources

Cloud Assumptions and Misconfigurations Threaten Healthcare Security

Webinars

A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks

Top Considerations for Building an Open Cloud Data Lake

Cloud Defender Stream.Security Raises $30M, Eyes US Growth

VMware disclosed a critical and unpatched authentication bypass flaw in VMware Cloud Director Appliance

Exclusive: Cloud Vendor Returns Stolen Hospital Data

Netskope Purchases Dasera to Strengthen Cloud Data Security

Enhance Innovation and Governance Through the Cloud Development Maturity Model

U.S. CISA adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog

Cloudflare Acquires Kivera to Fuel Preventive Cloud Security

Ivanti Cloud Service Appliance flaw is being actively exploited in the wild

North Korean Hackers Pivot Away From Public Cloud

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

New Android spyware LianSpy relies on Yandex Cloud to avoid detection

Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw

News alert: Sweet Security’s LLM-powered detection engine reduces cloud noise to 0.04%

Corpay, UHN Secure Hybrid Cloud Infrastructure With Gigamon

Checklist Report: Preparing for the Next-Generation Cloud Data Architecture

How Advances in Cloud Security Help Future-Proof Resilience

Breach Roundup: Russian Organizations Losing Microsoft Cloud

News alert: Sweet Security releases its evolutionary Cloud Native Detection and Response platform

How Today's Top CIOs Are Completing the Cloud Journey

Cloud-Scale Monitoring With AWS and Datadog

Why Google Is Eyeing a $23B Buy of Cloud Security Phenom Wiz

U.S. CISA adds new Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog

Microsoft Says Azure Cloud Attack Scenario Isn't a Flaw

Hospitals Sue LockBit, Ask Cloud Firm to Return Stolen Data

TCO Considerations of Using a Cloud Data Warehouse for BI and Analytics

How to secure data and integrate applications in a hybrid cloud environment

Why some companies are backing away from the public cloud

VMware fixed five vulnerabilities in Aria Operations product

Citrix addressed NetScaler console privilege escalation flaw

Optimizing The Modern Developer Experience with Coder

Splunk fixed tens of flaws in Splunk Enterprise and Cloud Platform

Upwind Raises $100M to Thwart Cloud Security Vulnerabilities

Experts warn of a flaw in Fluent Bit utility that is used by major cloud platforms and firms

From Risk Assessment to Action: Improving Your DLP Response

Introducing CDEs to Your Enterprise

Authentication bypass CVE-2025-22230 impacts VMware Windows Tools

Thanks to AI, GIGO is More Relevant Than Ever

U.S. CISA adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog

7 apps that helped me escape the cloud - and protect my data privacy

12 Considerations When Evaluating Data Lake Engine Vendors for Analytics and BI

Stay Connected