Skip to main content

Tag: cloudsecurity

31 articles

Cozy Bear Exposed: Risky OAuth Attack — Must-Have Alert

Cozy Bear Exposed: Risky OAuth Attack — Must-Have Alert

AWS says it disrupted a Cozy Bear (APT29) campaign that used fake websites and OAuth consent tricks to coax Microsoft users into granting access to mail, calendars and other data. The episode is a reminder that convenient features like single sign‑on can be repurposed for stealthy espionage — and why cloud providers are increasingly acting as front‑line defenders.

Analyst 207
unprepared for a cyberattack: Must-Have Risky Wake-Up Call

unprepared for a cyberattack: Must-Have Risky Wake-Up Call

58% of organizations say they’re not ready for a cyberattack—putting customer data, operations, and reputations at risk. Boards and security teams must act now with better detection, practiced response plans, and investments in people.

Analyst 207
custom silicon Must-Have for Best Cloud Security

custom silicon Must-Have for Best Cloud Security

Microsoft’s Azure team is betting big on custom silicon and open-source Roots of Trust to give customers stronger, auditable hardware-backed assurances that their code and data run in tamper-resistant environments. It’s a bold move toward transparency and tougher defenses — but success will hinge on rigorous review, trustworthy manufacturing, and clear safeguards against new concentration risks.

Analyst 207
VPS-based attacks: Critical Guide to Risky Threats

VPS-based attacks: Critical Guide to Risky Threats

Attackers are increasingly using rented VPS hosts to make their logins look like legitimate data-center traffic, blurring the line between customer and criminal. SaaS teams and users need stronger passwords, phishing-resistant MFA, and behavior-based authentication to stop stealthy account takeovers.

Analyst 207
post-quantum cryptography: Must-Have Roadmap, Risky

post-quantum cryptography: Must-Have Roadmap, Risky

Imagine the locks protecting the world’s data facing a burglar armed with quantum physics — Microsoft is aiming to stay ahead by rolling out quantum‑safe protections across its products from 2029 and completing the switch by 2033. The plan pairs careful testing, hybrid cryptography and developer guidance to help shield users while the industry moves to post‑quantum standards.

Analyst 207
post-compromise remediation: Exclusive Risky Tactic

post-compromise remediation: Exclusive Risky Tactic

Imagine an attacker who breaks in, then fixes the very hole they used — not to help you, but to keep other intruders out. By patching exploited Linux vulnerabilities on compromised cloud hosts, adversaries turn easy targets into exclusive, harder-to-detect assets, forcing defenders to rethink patching, logging, and image hygiene.

Analyst 207
Artificial intelligence: Stunning Defense, Risky Threat

Artificial intelligence: Stunning Defense, Risky Threat

AI is turning cybersecurity into a high-speed arms race—defenders use machine learning to triage alerts and automate responses while attackers leverage generative models to scale convincing attacks. Check out Prompt||GTFO’s demos to see how practitioners are testing AI’s promise and peril in real-world defenses and offensives.

Analyst 207