CyberSecurity news

FlagThis - #tenable

CISA@Alerts //
Tenable's 2025 Cloud Security Risk Report has revealed a concerning trend: a significant percentage of public cloud storage resources are exposing sensitive data. The study found that nearly one in ten publicly accessible cloud storage buckets contain sensitive information, including Personally Identifiable Information (PII), Intellectual Property (IP), Payment Card Industry (PCI) data, and Protected Health Information (PHI). Worryingly, 97% of this exposed data is classified as restricted or confidential. This highlights the ongoing challenge organizations face in properly securing their cloud environments despite increased awareness of cloud security risks.

Researchers found that misconfigured access settings and overly permissive policies are major contributing factors to these exposures. For instance, more than half of organizations (54%) store at least one secret directly in Amazon Web Services (AWS) Elastic Container Service (ECS) task definitions. Similarly, a significant portion of Google Cloud Platform (GCP) Cloud Run and Microsoft Azure Logic Apps workflows are also exposed. Tenable emphasizes the need for automated data discovery and classification, elimination of public access by default, enterprise-grade secrets management, and identity-intelligent Cloud Security Posture Management (CSPM) to mitigate these risks.

While the report highlights the risks from insecure cloud configurations, it also points to some positive developments. The number of organizations with "toxic cloud trilogies" – workloads that are publicly exposed, critically vulnerable, and highly privileged – has declined from 38% to 29% over the past year. However, this still represents a substantial risk. Tenable stresses that exposed secrets and sensitive data are systemic risks that must be eliminated to prevent data exfiltration and environment takeover, emphasizing that attackers often exploit public access, steal embedded secrets, or abuse overprivileged identities to compromise cloud environments.


References :
  • www.cybersecuritydive.com: Cloud storage buckets leaking secret data despite security improvements
  • Tenable Blog: Cybersecurity Snapshot: Tenable Report Spotlights Cloud Exposures, as Google Catches Pro-Russia Hackers Impersonating Feds
  • www.itpro.com: Tenable report shows that organizations are failing to configure storage effectively – and may have a false sense of security
Classification:
  • HashTags: #CloudSecurity #DataExposure #RiskManagement
  • Company: Tenable
  • Target: Businesses
  • Product: Cloud Security
  • Feature: Cloud Security Risk Report
  • Type: DataBreach
  • Severity: Medium
@www.wsj.com //
Experts are warning that rising trade tensions and tariffs imposed by the U.S. could trigger retaliatory cyberattacks from China. These attacks could target critical U.S. infrastructure, including ports, water utilities, and airports. Cybersecurity advisor Tom Kellermann has noted that Chinese state-backed groups like Salt Typhoon and Volt Typhoon have already infiltrated these systems in previous incursions. Compounding the situation, illicit cyber activity exploiting the confusion surrounding the new tariffs has been on the rise.

In a secret meeting, China unusually acknowledged its role in cyberattacks against U.S. infrastructure. This admission, a departure from its usual denials, came during a summit in Geneva and specifically linked the cyber intrusions to increasing U.S. support for Taiwan. According to cybersecurity experts, this marks a notable escalation in tensions, shifting cyber warfare from a denied activity to a recognized instrument of geopolitical strategy.

The potential for increased Chinese cyber activity highlights the need for proactive cybersecurity measures and geopolitical risk management. BforeAI CEO Luigi Lenguito observed a surge in cyber activity exploiting Trump's tariffs, including invoice fraud and shipping company impersonation. With geopolitical fault lines becoming increasingly apparent, cybersecurity professionals are encouraged to reassess their threat models and prioritize proactive defense strategies to mitigate potential risks.


References :
  • www.scworld.com: US tariffs could prompt retaliatory Chinese cyberattacks, experts say
  • securityaffairs.com: Security Affairs article: China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure
  • WIRED: Wired article - China Secretly (and Weirdly) Admits It Hacked US Infrastructure
  • www.scworld.com: US critical infrastructure attacks reportedly acknowledged by China
  • The Register - Security: China reportedly admitted directing cyberattacks on US infrastructure
  • cybersecuritynews.com: Chinese Hackers Attacking Critical Infrastructure to Sabotage Networks
  • WIRED: Brass Typhoon: The Chinese Hacking Group Lurking in the Shadows
Classification:
  • HashTags: #CyberWar #China #USTariffs
  • Company: Tenable
  • Target: US Critical Infrastructure
  • Attacker: China
  • Product: Cybersecurity
  • Feature: Critical Infrastructure
  • Malware: Volt Typhoon
  • Type: Espionage
  • Severity: Major