Security Bulletin

Speaking at an industry event, FedRAMP Director Pete Waterman announced the launch of “FedRAMP 2025,” calling on cloud providers to develop security innovations while the government sets standards.

The report notes a 388% increase in cloud security alerts and a 235% rise in high-severity incidents.

A continuation of the North Korean nation-state threat's campaign against employment seekers uses the social engineering attack to target CeFi organizations with the GolangGhost backdoor.

Vasu Jakkal, Microsoft’s corporate vice president of security, emphasized that AI-driven cyber defense is essential as Microsoft Threat Intelligence processes 84 trillion signals daily, enabling proactive threat detection.

The updates include automated secrets rotation in Pulumi ESC, a secure GitHub Actions integration, granular role-based access control (RBAC), and expanded policy-as-code capabilities in Pulumi Insights.

The update also streamlines deployment of its Security Services Platform (SSP) for collecting cybersecurity telemetry.

U.S. cybersecurity technology firm ReliaQuest has secured more than $500 million from a new funding round that has lifted its valuation to $3.4 billion, according to SiliconAngle.

Ongoing intrusions leveraging the critical static credential backdoor flaw impacting the Cisco Smart Licensing Utility, tracked as CVE-2024-20439, have prompted the bug's inclusion in the Cybersecurity and Infrastructure Security Agency's Known...

The threat of ongoing cyber attacks will remain an issue of utmost urgency for security officials

Although Oracle has denied its cloud infrastructure services were breached, security experts recommend Oracle customers independently verify if they were affected and take measures to reduce exposure to potential fallout.

Next-level malware represents a new era of malicious code developed specifically to get around modern security software like digital forensics tools and EDR, new research warns.