Cloud Security
Cloud infrastructure and application security

Grok Build Exposes Git Repositories to Unintended Storage
Elon Musk has made a bold promise to erase all user data uploaded to Grok Build before now, assuring users that their content will be completely deleted. This move comes after a researcher discovered that Grok Build was inadvertently storing entire Git repositories, including sensitive files and commit history, in a Google Cloud Storage bucket.

Cloud Providers' Global Namespace Flaw Enables Bucket Hijacking
A newly discovered flaw in cloud providers' global namespace has been exploited in a simple yet powerful bucket hijacking technique, allowing attackers to redirect sensitive data streams into their own accounts. This alarming vulnerability affects multiple services across major cloud providers.

Cloudflare Unveils Protocol to Distinguish Legitimate Web Traffic
Cloudflare is shaking up the way we verify online traffic with a new protocol that helps websites distinguish between legitimate users and AI-powered bots. Meet PACTs, a game-changing solution that lets sites share anonymous tokens, essentially a private, shareable CAPTCHA test result.

Attackers Target Cloud Logging Services for Defense Evasion and Continuous Visibility
Cloud logging services, like AWS CloudTrail and Google Cloud Logging, are a treasure trove of insights into your cloud environment - but they're also a prime target for attackers looking to erase their tracks or gain continuous visibility into your operations. By manipulating these services, adversaries can create persistent blind spots that leave you vulnerable.

Bolstering AI Resilience Across Cloud and Data Environments
As AI agents and copilots increasingly access, share, and store enterprise data, organisations in Australia and New Zealand face a pressing question: can they keep their data secure and recoverable in this new landscape? The integration of agentic AI and copilots is expanding data pathways, creating new operational risks that demand attention to visibility, protection, and recovery readiness.

Enterprises Lag in Securing Autonomous AI Agents
Most organizations are struggling to keep pace with the rapid evolution of autonomous AI agents, which can introduce new risks and behaviors at machine speed. As these agents increasingly handle sensitive data, enterprises face a pressing need to update their security strategies and tools to mitigate the emerging threats of shadow AI and over-permissioned agents.

Vietnam to Build Domestic Cloud to Bolster Data Sovereignty
Vietnam is taking a major step towards securing its digital future by building a domestic cloud infrastructure, aiming to safeguard national data and reduce reliance on foreign cloud services by 2030. This move will bolster data sovereignty, enhance cybersecurity, and drive the country's digital transformation.

Security Teams Overlook AI-Enabled Threats in Cloud Risk Management
Cyber threats are evolving at an alarming rate, with AI-enabled attackers now launching faster and more sophisticated attacks on cloud and hybrid environments. Security teams must stay vigilant against emerging threats like AI-driven phishing, malware, and credential compromise.

Cloudflare and Arctic Wolf Slash Staff Amid AI-Driven Overhaul
Cloudflare and Arctic Wolf are shaking things up with a major AI-driven overhaul, cutting staff to make way for a world-class, high-growth operation that's harnessing the power of artificial intelligence. This move isn't about cost-cutting, but about revolutionizing how these companies create value in the agentic AI era.

WatchGuard Bolsters Cloud Security With Perimeters Acquisition
WatchGuard's acquisition of Perimeters is a strategic move to supercharge its cloud security offerings, driven by a personal endorsement from its CISO who fell in love with Perimeters' technology. This exciting purchase brings Perimeters' innovative cloud application security solutions into WatchGuard's portfolio.

Firewalls Evolve to Bolster Zero Trust, Cloud Security
As organisations navigate the complexities of multi-cloud estates, modern cloud firewalls are emerging as a crucial linchpin for reclaiming coherent security controls and mastering cloud networking. They're not old tech, but a vital tool for cloud architects and security pros to enforce robust, zero-trust security across multiple providers.

Federal Agencies Drive Healthcare Transformation with Cloud Tech
Federal healthcare agencies face a daunting challenge: modernizing critical systems while millions of Americans rely on them - it's like changing a plane's engine mid-flight. Cloud technology is key to navigating this transformation, enabling agencies to deliver patient-centered care without interruption.

AI Agents Fuel Cybersecurity Breaches at Most Firms
As AI agents increasingly power business operations, they're also fueling cybersecurity breaches at most firms, leading to data exposure, operational disruption, and financial losses. The rapid rise of AI is sparking a pressing dilemma: how can organizations balance innovation with control?

Misconfiguration Exposes Azure AI Agent to Unauthorized Access
A single misconfiguration in Microsoft's Azure SRE Agent turned a troubleshooting tool into a live wiretap, potentially allowing outsiders to intercept sensitive conversations, commands, and credentials from other companies in real time. This alarming security flaw may have left organizations vulnerable to unauthorized access, with no digital trail to detect the breach.

EU Awards $213M Cloud Contract to Boost Digital Sovereignty
The European Union has taken a bold step towards digital independence with a $213 million cloud contract awarded to four European providers, marking a significant shift away from US tech dominance. This strategic move is set to bolster the EU's digital sovereignty.
Commvault Unveils AI Agent Monitoring to Mitigate Rogue Risks
Meet AI Protect, Commvault's game-changing solution that helps you discover, monitor, and control AI agents in your cloud - and quickly roll back their actions if something goes awry. With AI Protect, you can finally breathe easy knowing your AI agents are working for you, not against you.

Cloud Breaches Persist as Detection Gaps Remain Unaddressed
Cloud security breaches continue to fly under the radar, leaving us to wonder who's left to sound the alarm. Uncover the reasons behind persistent detection gaps in cloud intrusions by exploring the insightful GovInfoSecurity webinar.

Microsoft Cloud Security Falls Short in Government Review
A scathing government review has revealed that Microsoft's cloud security documentation is woefully inadequate, leaving evaluators with a disturbing lack of confidence in the system's overall security posture. This shocking finding raises serious concerns about the reliability of one of Microsoft's largest cloud offerings.

Microsoft Cloud Security Review Exposes Gaps in Protection
A scathing internal government review of Microsoft's cloud security offering revealed alarming gaps in protection, with evaluators unable to determine whether sensitive information was safe as it moved across servers. The review team was left frustrated by a lack of proper detailed security documentation.

APAC Firms Scramble to Bolster Cloud Security Amid Rising Identity Risks
As APAC firms rush to adopt cloud technology, they're faced with a daunting dilemma: do they risk advancing without a plan, or delay and let identity-related risks leave them vulnerable? With identity issues already causing the majority of cloud breaches in the region, the clock is ticking to get cloud security right.

Cloud Security Gaps Exposed on World Cloud Security Day
On World Cloud Security Day, it's clear that cloud security gaps are a pressing concern, but how do we measure the security of a technology that's both virtual and physical? Today's snapshot of cloud security reveals an uncertain landscape where digital protections and tangible safeguards intersect.

Google Bolsters Drive Security with Default Ransomware Detection
Google just supercharged Drive's security by activating its AI-powered ransomware detection feature by default for paying customers, giving them an extra layer of protection against malicious attacks. This move means organizations using Google Workspace tiers can breathe a sigh of relief, knowing their cloud storage is now equipped with automated threat detection and alerts.

Critical Vertex AI Vulnerability Exposes Google Cloud Data to Alarming Risks
A critical vulnerability in Google Cloud's Vertex AI platform has been uncovered, leaving sensitive data alarmingly exposed to potential breaches - can we trust the security of the platforms powering our AI-driven innovations? This security blind spot could allow malicious actors to exploit AI agents and compromise cloud environments, putting organizations at risk.

Alarming API Leak Exposes Global Bank's Cloud Credentials
A recent study has uncovered a shocking security risk, revealing that hundreds of valid API keys - essentially digital master keys - have been left exposed on the web, putting sensitive information at risk. This alarming API leak highlights the urgent need for stronger API security measures to protect our data.