ZDI-23-1527 and ZDI-23-1528: The Potential Impact of Overly Permissive SAS Tokens on PC Manager Supply Chains

In this blog entry, Trend Micro researchers look at overly permissive cloud service credentials in Microsoft’s public-facing assets and assess their potential implications on software supply chain and software integrity. We do this by exploring two scenarios involving PC Manager, Read More …

Why Cloud Misconfigurations Remain A Top Cause Of Data Breaches

It’s 2025, and the industry has built some of the most advanced cloud environments ever seen—automated deployments, real-time threat detection and infrastructure that scales with just a few lines of code. Yet, data breaches aren’t slowing down—why? Because a single Read More …

Oracle Cloud says it’s not true someone broke into its login servers and stole data

Oracle has straight up denied claims by a miscreant that its public cloud offering has been compromised and information stolen. A crook late last week advertised on an online cyber-crime forum what was alleged to be Oracle Cloud customer security Read More …

Amazon is still hosting spyware victims’ data weeks after breach alert

Amazon will not say if it plans to take action against three phone surveillance apps that are storing troves of individuals’ private phone data on Amazon’s cloud servers, despite TechCrunch notifying the tech giant weeks earlier that it was hosting Read More …

Uncovering and Protecting Sensitive Data Across Cloud Environments with Exposure Command

Modern organizations grapple with the complex task of securing sensitive data in sprawling hybrid and multi-cloud environments. Due to insufficient visibility and governance, data is often misplaced, duplicated, or left exposed. This fragmented environment makes it difficult for teams to Read More …

JavaGhost’s Persistent Phishing Attacks From the Cloud

Unit 42 researchers have observed phishing activity that we track as TGR-UNK-0011. They assess with high confidence that this cluster overlaps with the threat actor group JavaGhost. The threat actor group JavaGhost has been active for over five years and Read More …

Code Injection in Spring Cloud: CVE-2024-37084

The SonicWall Capture Labs threat research team became aware of the threat CVE-2024-37084, assessed its impact, and developed mitigation measures for this vulnerability. CVE-2024-37084 is a critical vulnerability affecting Spring Cloud Data Flow versions 2.11.0 through 2.11.3. A malicious user Read More …

Identifying a BOLA Vulnerability in Harbor, a Cloud-Native Container Registry

In a recent audit of open-source web applications, threat researchers from Unit 42 have identified a broken object-level authorization (BOLA) vulnerability that impacts Harbor versions prior to 2.9.5. Harbor is a widely used cloud-native container registry that plays a role Read More …

Microsoft Announces Suspension of Cloud Services in Russia Amid EU Sanctions

Microsoft has announced that it will suspend access to its cloud services for companies based in Russia, effective March 20. This move comes as a direct response to the European Union’s 12th package of sanctions against Russia, specifically EU regulation Read More …