InfoQ Homepage Cloud Security Content on InfoQ
-
Microsoft Launches Azure Confidential VMs with NVIDIA Tensor Core GPUs for Enhanced Secure Workloads
Microsoft's Azure has launched the NCC H100 v5 virtual machines, now equipped with NVIDIA Tensor Core GPUs, enhancing secure computing for high-performance workloads. These VMs leverage AMD EPYC processors for robust data protection, making them ideal for tasks like AI model training and inferencing, while ensuring a trusted execution environment for sensitive applications.
-
Ephemeral IDs: Cloudflare's Latest Tool for Fraud Detection
During its recent Birthday Week, Cloudflare introduced Ephemeral IDs, a new feature for fraud detection. The tool identifies fraudulent activity—whether from bots or humans—by linking behavior to a specific client rather than an IP address.
-
Cloud Misconfigurations Can Cause Major Data Breaches: Deliveroo at InfoQ Dev Summit Munich
During her presentation at the inaugural edition of Dev Summit Munich, Danielle Sudai, security operations lead at Deliveroo, explored the fundamentals of cloud security posture management, stressing how a single misconfiguration can damage your company's security. She emphasised the importance of bridging the gap between the different layers of the organisation, from governance to technology.
-
AWS Key Management Service Now Supports ECDH for Secure Communications
This summer, AWS announced that the AWS Key Management Service (KMS) supports the Elliptic Curve Diffie-Hellman (ECDH) key agreement. The security team at AWS recently showed how the new DeriveSharedSecret API enables the establishment of secure communication channels by using a derived shared secret.
-
Workspaces in Azure API Management GA: Runtime Isolation and Federated Model of Managing APIs
Microsoft has launched Workspaces in Azure API Management, enabling developers to manage multiple API services from a single platform. This feature enhances API oversight, supports centralized and federated management models, and ensures runtime isolation. Ideal for enhanced organization, this premium-tier tool simplifies API development while maintaining robust security and control.
-
Azure Advisor Well-Architected Assessment in Public Preview to Optimize Cloud Infrastructure
Microsoft Azure recently announced the public preview of the Advisor Well-Architected assessment. This self-guided questionnaire aims to provide tailored, actionable recommendations to optimize Azure resources while aligning with the Azure Well-Architected Framework (WAF) principles.
-
AWS Introduces Logically Air-Gapped Vault for Enhanced Data Security
AWS recently announced the public preview of AWS Backup logically air-gapped vault, a new type of vault that can be shared for recovery with other accounts using AWS Resource Access Manager (RAM).
-
Cloudflare Application Security Report Highlights Surge in DDoS Attacks and CVE Exploits
Cloudflare recently released its 2024 Application Security Report, offering recommendations and insights on addressing many raised concerns. A key finding of the report is the increase in malicious traffic, driven by geopolitical events and voting seasons.
-
AWS Launches Open-Source Agent for AWS Secrets Manager
Amazon Web Services (AWS) has launched a new open-source agent for AWS Secrets Manager. According to the company, this agent simplifies the process of retrieving secrets from AWS Secrets Manager, enabling secure and streamlined application access.
-
CrowdStrike Update Bricks Estimated 8.5M Windows Machines Worldwide
CrowdStrike, an American cybersecurity technology company, recently released a product update that bricked an estimated 8.5 million computers running Windows globally, affecting businesses, individual users, and software companies. The company provides cloud workload protection, endpoint security, threat intelligence, and cyberattack response services.
-
Microsoft Entra Suite Now Generally Available: Identity and Security Based Upon Zero-Trust Models
Microsoft has announced the general availability of its Entra Suite. According to the company, the suite provides a solution that integrates identity and security, facilitating a more unified approach to security operations.
-
AWS Introduces Malware Detection for Object Uploads to Amazon S3
At the latest re:Inforce cloud security conference, AWS announced GuardDuty Malware Protection for Amazon S3. This new malware scanning feature for Amazon S3 enables teams to detect malware in new object uploads using Amazon GuardDuty.
-
Terraform Fork OpenTofu 1.7.0 Brings State Encryption and More
OpenTofu 1.7.0 has been released. OpenTofu is an open-source infrastructure-as-code tool for declarative cloud infrastructure creation using various APIs. It was forked last year from HashiCorp's Terraform after changes to the latter's license. The new version introduces several significant features and improvements.
-
Over 100K+ Sites Hit by Polyfill.io Supply Chain Attack
E-Commerce security firm Sansec unveiled a new supply chain attack affecting the Polyfill JS service when accessed through a number of CDNs hosting it. According to Sansec, over 100K sites were hit. The original author of the service, Andrew Betts, suggested removing Polyfill from any sites using it.
-
Non-Production Endpoints as an Attack Surface in AWS
The security team at Datadog recently disclosed a security issue on AWS where non-production endpoints were used as an attack surface to silently perform permission enumeration. AWS has since remediated these specific bypasses.