Cloud and Government - Information Management Today

Good Governance is About the “Why”

Weissman's World

JANUARY 30, 2025

I get inquiries all the time from people seeking support as they ready to tackle what sound like fairly specific records and information governance issues.

Government

Government Information governance Paper Cloud

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

Security Affairs

OCTOBER 22, 2024

vCenter Server is a critical component in VMware virtualization and cloud computing software suite. ” Chinese law requires researchers to disclose zero-day vulnerabilities to the government. Experts speculate that the Chinese government was aware of the flaw and may have exploited it as a zero-day.

Government

Government Cloud Access IT

Thanks to AI, GIGO is More Relevant Than Ever

Weissman's World

NOVEMBER 11, 2024

The adage “garbage in, garbage out” (GIGO) has been around for nearly 70 years, and it’s never been more relevant thanks to the intensifying need for information governance and the emergence of generative and agentic AI as potential disruptors. Regardless of your mandate (e.g.,

Information governance

Information governance Compliance Cloud Government

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

NSA warns of cloud attacks on authentication mechanisms

Security Affairs

DECEMBER 19, 2020

The US National Security Agency (NSA) warns of two techniques abused by threat actors for escalating attacks from local networks to cloud infrastructure. The US National Security Agency has published a security advisory that describes two techniques abused in recent attacks against cloud infrastructure. ” continues the alert.

Authentication

Authentication Cloud Access Security

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

To address this, a next-gen cloud data lake architecture has emerged that brings together the best attributes of the data warehouse and the data lake. Read this whitepaper to learn: How this “no data copy” approach dramatically streamlines data workflows while reducing security and governance overhead.

Cloud

CISA warns of recent successful cyberattacks against cloud service accounts

Security Affairs

JANUARY 14, 2021

The US CISA revealed that several recent successful cyberattacks against various organizations’ cloud services. . The Cybersecurity and Infrastructure Security Agency (CISA) announced that several recent successful cyberattacks hit various organizations’ cloud services. ” reads the report published by CISA. Pierluigi Paganini.

Cloud

Cloud Phishing Passwords Authentication

Exclusive – Quantum Locker lands in the Cloud

Security Affairs

NOVEMBER 23, 2022

The gang behind Quantum Locker used a particular modus operandi to target large enterprises relying on cloud services in the NACE region. Quantum Locker gang demonstrated capabilities to operate ransomware extortion even on cloud environments such as Microsoft Azure. Executive Summary. Source Cybereason. Incident Insights.

Cloud

Cloud Ransomware Encryption Access

Breach Roundup: Russian Organizations Losing Microsoft Cloud

Data Breach Today

MARCH 28, 2024

Also: Hackers Target Apple Password Reset Flaw This week, Russian organizations are losing Microsoft Cloud, hackers targeted an Apple flaw, Germany warned of critical flaws in Microsoft Exchange, an info stealer targeted Indian government agencies and the energy sector, and Finland confirmed APT31's role in a 2020 breach of Parliament.

Cloud

Cloud Passwords Government

Cloud misconfiguration, a major risk for cloud security

Security Affairs

APRIL 28, 2021

Misconfigured cloud-based databases continue to cause data breaches, millions of database servers are currently exposed across cloud providers. Fugue’s new State of Cloud Security 2020 report reveals that misconfigured cloud-based databases continue to pose a severe security risk to organizations.

Cloud

Cloud Risk Security Data breaches

Partner Webinar: A Framework for Building Data Mesh Architecture

Speaker: Jeremiah Morrow, Nicolò Bidotti, and Achille Barbieri

Yet they are continually challenged with providing access to all of their data across business units, regions, and cloud environments. In this session, you will learn: How the silos development led to challenges with data growth, data quality, data sharing, and data governance (an example of datamesh paradigm adoption).

Government

Norway blames China-linked APT31 for 2018 government hack

Security Affairs

JUNE 20, 2021

APT31 is also believed to be behind an attack on the Parliament of Finland that took place in 2020, according to the government experts , the hackers breached some parliament email accounts in December 2020. The post Norway blames China-linked APT31 for 2018 government hack appeared first on Security Affairs. Pierluigi Paganini.

Government

Government Access Passwords Cloud

NSA Warns of Hacking Tactics That Target Cloud Resources

Data Breach Today

DECEMBER 19, 2020

Alert Follows Week's Worth of Revelations About SolarWinds Breach The NSA has issued a warning about two hacking techniques that could allow threat actors to access cloud resources by bypassing authentication mechanisms.

Cloud

Cloud Authentication Government Access

NSA Warns Over Hacking Tactics That Target Cloud Resources

Data Breach Today

DECEMBER 19, 2020

Alert Follows Week's Worth of Revelations Over SolarWinds Breach The NSA has issued a warning about two hacking techniques that could allow threat actors to access cloud resources by bypassing authentication mechanisms.

Cloud

Cloud Authentication Government Access

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Security Affairs

FEBRUARY 24, 2025

TopSec was founded in 1995, it offers cybersecurity services such as Endpoint Detection and Response (EDR) and vulnerability scanning, along with “boutique” solutions to align with government initiatives and intelligence requirements. ” reads the report published by SentinelLabs. ” concludes the report.”The

Cybersecurity

Cybersecurity Government Cloud Security

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

Cloud

US Government Lagging on Border Gateway Protocol Security

Data Breach Today

AUGUST 5, 2023

federal government acknowledged that it is lagging behind on border gateway protocol security practices. Officials from several government agencies, ISPs and cloud content providers organized a workshop to understand the latest security improvements underway.

Government

Government Security Cloud IT

Visibility Into Distributed Cloud Environments

Data Breach Today

JUNE 9, 2022

He discusses cloud governance, digital transformation and identities, and the importance of transparency in automation.

Cloud

Cloud Digital transformation Government

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. “The actor can also use these phished authentication tokens to gain access to other services where the user has permissions, such as email or cloud storage, without needing a password.

Phishing

Phishing Authentication Access Government

Hacker Stole Signing Key, Hit US Government's Microsoft 365

Data Breach Today

JULY 17, 2023

officials' emails by exploiting a zero-day vulnerability in Microsoft's cloud environment. government says logging was key to spotting it. Monitor Logs to Spot Zero-Day Attack, US Cybersecurity Officials Advise Suspected Chinese hackers gained access to senior U.S.

Government

Government Cloud Cybersecurity Access

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Cloud applications are driving the future of work with the ability to operate anytime, anywhere. Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Information governance

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. government neutralized the Volt Typhoon botnet taking over its C2 and deleting the bot from infected devices.

e-Discovery

e-Discovery Communications Ransomware Government

Chinese hackers compromised emails of U.S. Government agencies

Security Affairs

JULY 13, 2023

“Chinese cyberspies, exploiting a fundamental gap in Microsoft’s cloud, hacked email accounts at the Commerce and State departments, including that of Commerce Secretary Gina Raimondo — whose agency has imposed stiff export controls on Chinese technologies that Beijing has denounced as a malicious attempt to suppress its companies.”

Government

Government Authentication Cloud Access

Build a Cloud-First Content Management Strategy in Three Simple Steps

AIIM

APRIL 27, 2021

Global research and advisory firm, Gartner, predicts that by 2024 more than 45% of IT spending will shift from legacy on-premises solutions to the cloud. Cloud infrastructure spending is expected to jump from $63 billion in 2020 to $81 billion by 2022. Benefits of a Cloud-First Data Management Strategy. Who needs to access it?

Cloud

Cloud ROT Metadata Content services

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

Security Affairs

OCTOBER 28, 2024

As companies jump online, into the cloud, into SaaS, deeper into cyberspace, and further into third-party dependency, locking down their access points is of critical concern. Strengthening that Weak Link with IAM What is digitization without security?

B2B

B2B Cybersecurity Risk Access

Top Considerations for Building an Open Cloud Data Lake

Increasingly, enterprises are leveraging cloud data lakes as the platform used to store data for analytics, combined with various compute engines for processing that data. Read this paper to learn about: The value of cloud data lakes as the new system of record.

Cloud

Chinese threat actors use Quad7 botnet in password-spray attacks

Security Affairs

NOVEMBER 3, 2024

Active since 2021, Storm-0940 gains access through password spraying, brute-force attacks, and exploiting network edge services, targeting sectors like government, law, defense, and NGOs in North America and Europe. “Organizations can defend against password spraying by building credential hygiene and hardening cloud identities.”

Passwords

Passwords Access Cloud Government

Is Your Computer Part of ‘The Largest Botnet Ever?’

Krebs on Security

MAY 29, 2024

.” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. Cloud Router was previously called 911 S5.

Cloud

Cloud Government Insurance IT

US Tracking Brute-Force Attacks Linked to Russia

Data Breach Today

JULY 1, 2021

NSA: Attackers Targeting Cloud Services for Espionage The NSA, the FBI and other U.S. government agencies are tracking an ongoing Russian cyberespionage campaign in which attackers are using brute-force methods to access Office 365 and other cloud-based services.

Cloud

Cloud Government Access

Cloud Computing - Gain Network-Level Control From Anywhere

Data Breach Today

APRIL 10, 2024

Why Moving to the Cloud Is a Strategic Gain for Federal Agencies Cloud adoption is on the rise across the U.S. government, and there are many reasons why moving to the cloud is a strategic gain for federal agencies. Here are tips on how to leverage secure cloud computing to gain network-level control from anywhere.

Cloud

Cloud Government Security

How DSPM Helps Businesses Meet Compliance Requirements

Security Affairs

NOVEMBER 27, 2024

Organizations in sectors like healthcare, finance, legal, and government often process vast amounts of highly sensitive data, and regulations exist to ensure and verify that organizations are taking appropriate measures to protect employee, customer, and enterprise data. What is DSPM?

Compliance

Compliance Cloud Data Privacy Risk

US adds Tencent to the list of companies supporting Chinese military

Security Affairs

JANUARY 7, 2025

The US government does not explain the decision. The organizations in the Section 1260 list support the Military-Civil Fusion strategy of the Chinese government. Cloud Services : Tencent Cloud may enable data storage, processing, and secure collaboration via enterprise tools like VooV, aiding military operations.

Military

Military Cloud Analytics Government

VMware fixed critical SQL-Injection in Aria Automation product

Security Affairs

JULY 10, 2024

VMware Aria Automation (formerly vRealize Automation ) is a modern cloud automation platform that simplifies and streamlines the deployment, management, and governance of cloud infrastructure and applications. x, and Cloud Foundation versions 5.x ” read the advisory. . ” read the advisory.

Authentication

Authentication Cloud Access Government

China-linked APT Silk Typhoon targets IT Supply Chain

Security Affairs

MARCH 5, 2025

Microsoft reported that China-linked APT group Silk Typhoon has shifted tactics to target IT solutions like remote management tools and cloud apps for initial access. Though not directly attacking Microsoft cloud services, they exploit unpatched apps to escalate privileges and gain access to customer networks.

Energy and Utilities

Energy and Utilities IT Cloud Passwords

Chinese APT Earth Baxia target APAC by exploiting GeoServer flaw

Security Affairs

SEPTEMBER 23, 2024

Suspected China-linked APT Earth Baxia targeted a government organization in Taiwan by exploiting a recently patched OSGeo GeoServer GeoTools flaw. Trend Micro researchers reported that China-linked APT group Earth Baxia has targeted a government organization in Taiwan and potentially other countries in the Asia-Pacific (APAC) region.

Phishing

Phishing File names Cloud Government

VMware fixed a critical flaw in Aria Automation. Patch it now!

Security Affairs

JANUARY 16, 2024

VMware warns customers of a critical vulnerability impacting its Aria Automation multi-cloud infrastructure automation platform. VMware Aria Automation (formerly vRealize Automation ) is a modern cloud automation platform that simplifies and streamlines the deployment, management, and governance of cloud infrastructure and applications.

IT

IT Cloud Authentication Access

Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visit

Security Affairs

AUGUST 4, 2022

Taiwan government websites were temporarily forced offline by cyber attacks during the visit to Taipei of US House Speaker Nancy Pelosi. Major Taiwan government websites were temporarily forced offline by distributed denial of service (DDoS) attacks attacks during the visit to Taipei of US House Speaker Nancy Pelosi.

Government

Government Cloud Cybersecurity Security

Stay ahead with Titanium X and OpenText Cybersecurity Cloud

OpenText Information Management

MARCH 31, 2025

Since Cloud Editions (CE) 23.1, introduced cloud innovations that simplify security management. OpenText Webroot solutions are accessible through the Zix Secure Cloud platform, allowing MSPs to offer a comprehensive suite of security, compliance, and data management solutions while ensuring regulatory compliance.

Cloud

Cloud Cybersecurity Compliance Risk

Jeanette Manfra on 'Compliance Without Compromise'

Data Breach Today

AUGUST 12, 2020

Google Cloud Director, Formerly of CISA, Discusses Securing Government's Cloud Transformation Jeanette Manfra served under three presidents as one of the top U.S. government cybersecurity leaders. Now in her new role with Google Cloud, she draws upon her public sector experience to help agencies in their cloud adoption.

Compliance

Compliance Cloud Government Cybersecurity

US, South Korea Pledge Strengthened Tech Collaboration

Data Breach Today

SEPTEMBER 26, 2023

Officials Discuss Governance for AI, 5G, Cloud Computing The United States and South Korea reaffirmed a commitment to mitigate the risks in technologies including AI, 5G networks and cloud computing, while developing an "inclusive approach" to govern their use.

Cloud

Cloud Government Risk

How the NHL CISO Secures Its Teams, Arenas and Cloud Systems

Data Breach Today

APRIL 1, 2025

He details the leagues use of cloud and AI tools, and highlights the importance of cloud governance, AI-powered defenses and user education in mitigating risk. NHL CISO David Munroe outlines how the league protects critical infrastructure across public arenas and streaming platforms.

Cloud

Cloud Education IT Security

Foreign hackers breached Russian federal agencies, said FSB

Security Affairs

MAY 22, 2021

Cloud associated with account sewn into the sample. All communication takes place using the Cloud API Mail.ru” states the report. Like Mail-O, it interacts with the management server through the Yandex.Disk cloud. . “Mail-O is a downloader program that accesses the Mail.ru Group to download the collected data. .”

Computer and Electronics

Computer and Electronics Cloud Phishing Passwords

The ransomware attack on Westpole is disrupting digital services for Italian public administration

Security Affairs

DECEMBER 18, 2023

ransomware attack on the Italian cloud service provider Westpole disrupted multiple services of local and government organizations and municipalities. A cyber attack hit on December 8, 2023 the Italian cloud service provider Westpole, which is specialized in digital services for public administration. An alleged Lockbit 3.0

Ransomware

Ransomware Cloud Government Privacy

OpenText Content Cloud Virtual Summit 2025

OpenText Information Management

DECEMBER 20, 2024

Join the OpenText Content Cloud Summit 2025 on February 13-14, Noon to 3:30 pm EST , a 2-day virtual event packed with opportunities to learn how your teams can leverage intelligent content management to enhance productivity, streamline processes, and unlock business potential.

Cloud

Cloud ECM Content services Archiving

ISMG Editors: DSPM, DLP Converge to Reshape Data Security

Data Breach Today

OCTOBER 18, 2024

Also: Impact of NIS2 Directive in Europe, Cloud Governance Challenges In the latest weekly update, ISMG editors discussed the strategic convergence of data security posture management and data loss prevention technologies, evolving priorities of security leaders and the urgent readiness challenges posed by the NIS2 Directive.

Security

Security Cloud Government

Good Governance is About the “Why”

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

Webinars

Trending Sources

Thanks to AI, GIGO is More Relevant Than Ever

Webinars

NSA warns of cloud attacks on authentication mechanisms

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

CISA warns of recent successful cyberattacks against cloud service accounts

Exclusive – Quantum Locker lands in the Cloud

Breach Roundup: Russian Organizations Losing Microsoft Cloud

Cloud misconfiguration, a major risk for cloud security

Partner Webinar: A Framework for Building Data Mesh Architecture

Norway blames China-linked APT31 for 2018 government hack

NSA Warns of Hacking Tactics That Target Cloud Resources

NSA Warns Over Hacking Tactics That Target Cloud Resources

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

Enhance Innovation and Governance Through the Cloud Development Maturity Model

US Government Lagging on Border Gateway Protocol Security

Visibility Into Distributed Cloud Environments

Storm-2372 used the device code phishing technique since August 2024

Hacker Stole Signing Key, Hit US Government's Microsoft 365

Future-Proofing Your Information Governance Strategy

China’s Volt Typhoon botnet has re-emerged

Chinese hackers compromised emails of U.S. Government agencies

Build a Cloud-First Content Management Strategy in Three Simple Steps

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

Top Considerations for Building an Open Cloud Data Lake

Chinese threat actors use Quad7 botnet in password-spray attacks

Is Your Computer Part of ‘The Largest Botnet Ever?’

US Tracking Brute-Force Attacks Linked to Russia

Cloud Computing - Gain Network-Level Control From Anywhere

How DSPM Helps Businesses Meet Compliance Requirements

US adds Tencent to the list of companies supporting Chinese military

VMware fixed critical SQL-Injection in Aria Automation product

China-linked APT Silk Typhoon targets IT Supply Chain

Chinese APT Earth Baxia target APAC by exploiting GeoServer flaw

VMware fixed a critical flaw in Aria Automation. Patch it now!

Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visit

Stay ahead with Titanium X and OpenText Cybersecurity Cloud

Jeanette Manfra on 'Compliance Without Compromise'

US, South Korea Pledge Strengthened Tech Collaboration

How the NHL CISO Secures Its Teams, Arenas and Cloud Systems

Foreign hackers breached Russian federal agencies, said FSB

The ransomware attack on Westpole is disrupting digital services for Italian public administration

OpenText Content Cloud Virtual Summit 2025

ISMG Editors: DSPM, DLP Converge to Reshape Data Security

Stay Connected