cloud computing
On Microsoft’s Lousy Cloud Security
ProPublica has a scoop: In late 2024, the federal government’s cybersecurity evaluators rendered a troubling verdict on one of Microsoft’s biggest cloud computing offerings. The tech giant’s “lack of proper detailed security ...
New Attacks Against Secure Enclaves
Encryption can protect data at rest and data in transit, but does nothing for data in use. What we have are secure enclaves. I’ve written about this before: Almost all cloud services ...
Cybersecurity Requirements of Cloud Computing with Brooke Motta
RAD Security CEO Brooke Motta dives into the unique cybersecurity requirements of cloud computing environments in the wake of the company picking up an additional $14 million in funding. Brooke covers the ...
UK Is Ordering Apple to Break Its Own Encryption
The Washington Post is reporting that the UK government has served Apple with a “technical capability notice” as defined by the 2016 Investigatory Powers Act, requiring it to break the Advanced Data ...
Orca Security Adds Additional CNAPP Deployment Options
Orca Security has extended the reach of its agentless cloud native application protection platform (CNAPP) to include multiple options that eliminate the need to aggregate data in a software-as-service (SaaS) platform. Cybersecurity ...
Intune Attack Paths — Part 1
Intune Attack Paths — Part 1Prior WorkSeveral people have recently produced high-quality work around Intune tradecraft. I want to specifically mention:Chris Thompson and his work on MaestroDirk-jan Mollema and his work with Primary Refresh TokensAdam Chester and ...
Azure Key Vault Tradecraft with BARK
BriefThis post details the existing and new functions in BARK that support adversarial tradecraft research relevant to the Azure Key Vault service. The latter part of the post shows an example of ...
Introducing Secretless Identity and Access for Serverless with AWS Lambda
5 min read See how we're helping you enhance serverless security with dynamic tokens, policy enforcement, and no-code support for non-human identities The post Introducing Secretless Identity and Access for Serverless with ...
How to Implement Data-Centric Security in Google Cloud and BigQuery
AI, analytics and cloud-based data stores are driving a revolution in data-driven decision making. Yet as more organizations adopt these technologies to carve out competitive advantage, they realize that the underlying data ...
An Introduction to Cloud Computing for Linux Users
Linux, the open-source operating system renowned for its stability, security, and customizability, is a major force in cloud computing. Many cloud services are built on Linux, making them naturally compatible with existing ...
