CISA is warning businesses that SaaS providers are under attack as a way to steal their customers’ credentials. If you think about this, it makes sense. This came after Commvault, a cloud-based backup solution, was compromised using a zero-day. What is interesting is how they planned to exploit the vulnerability. Commvault claims that no customer data in […]
Continue reading → [DISPLAY_ACURAX_ICONS]According to a report that cloud security vendor Tenable released this week: In the first half of this year, 38% of organizations had at least one cloud workload that was critically vulnerable, highly privileged, and publicly exposed, according to a study of telemetry from customers of cloud security vendor Tenable released this week. Overall, the […]
Continue reading → [DISPLAY_ACURAX_ICONS]Way back in the dark ages of 2013 the PCI Security Standards Council (PCI SSC) released a document regarding processing credit cards in the cloud. It was 52 pages. This month the PCI SSC released a new version of that same document. It is now 83 pages. This version seems to better understand the risk […]
Continue reading → [DISPLAY_ACURAX_ICONS]