Cloud Security Archives - Page 4 Of 4

Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake

October 1, 2025

Microsoft has officially announced a major expansion of its Sentinel Security Information and Event Management (SIEM) solution, transforming it into a unified agentic security platform. At the core of this update is the general availability of the Sentinel data lake, designed to provide enterprises with advanced capabilities for managing and analyzing security data. In addition […]

Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake Read More »

Researchers Reveal Google Gemini AI Flaws Enabling Prompt Injection and Cloud Exploits

October 1, 2025

Cybersecurity researchers have disclosed a trio of now-patched vulnerabilities, collectively called the Gemini Trifecta, that impacted Google’s Gemini AI suite. If exploited, these flaws could have exposed users to privacy breaches and data theft, by turning AI features into attack vectors, rather than just targets. The findings underscore a worrying trend, where sophisticated threat actors,

Researchers Reveal Google Gemini AI Flaws Enabling Prompt Injection and Cloud Exploits Read More »

$50 Battering RAM Attack Breaks Intel, AMD Cloud Security Protections

October 1, 2025

The researchers describe a simple interposer, which can be assembled for about $50, that sits between the processor and the DDR4 memory modules. During system start, the interposer remains transparent and passes all integrity and trust checks. At runtime, however, the device can be flipped into an active mode, where it stealthily remaps physical addresses

$50 Battering RAM Attack Breaks Intel, AMD Cloud Security Protections Read More »

Phishing Campaign Hid for 3 Years on Google Cloud and Cloudflare Services

September 4, 2025

A highly advanced phishing campaign managed to stay undetected for more than three years while operating through Google Cloud and Cloudflare services. The attackers impersonated leading corporations, including major defense contractor Lockheed Martin, raising concerns about the detection gaps in two of the world’s most trusted internet infrastructure providers. How the Campaign Worked The operation

Phishing Campaign Hid for 3 Years on Google Cloud and Cloudflare Services Read More »

Windows Docker Desktop Flaw Enables Full Host Compromise

August 22, 2025

A newly revealed security flaw in Docker Desktop for Windows shows how a simple Server-Side Request Forgery (SSRF) attack can completely compromise the host machine. The issue, tracked as CVE-2025-9074, was discovered by Felix Boulet and reported on August 21, 2025. It affects all Docker Desktop releases prior to version 4.44.3. The flaw demonstrates a

Windows Docker Desktop Flaw Enables Full Host Compromise Read More »

Cryptojacking Attack Exploits Redis Servers to Deploy Miners, Disable Security

August 22, 2025

A highly advanced cryptojacking campaign has been uncovered, where misconfigured Redis servers are being exploited across multiple regions. The attackers deploy cryptocurrency miners while simultaneously disabling key security defenses, turning exposed systems into long-term profit engines. TA-NATALSTATUS Threat Actor The group behind this operation, tracked as TA-NATALSTATUS, has been active since 2020. However, in 2025

Cryptojacking Attack Exploits Redis Servers to Deploy Miners, Disable Security Read More »