#cloud-security

#cloud-security

With a valid key, an attacker can access uploaded files, cached data, and charge LLM-usage to your account. The keys now also authenticate to Gemini even though they were never intended for it. The problem occurs when users enable the Gemini API on a Google Cloud project, causing existing API keys to gain surreptitious access to Gemini endpoints without any warning or notice.

Three years ago, we would spend hours asking ourselves if we were heading in the right direction, and 80% of the time, it felt like we weren't,

Security in 2026 is defined by convergence, complexity, and scale. Enterprise organizations are navigating a world where cyber incidents are causing physical shutdowns, and physical breaches are creating digital vulnerabilities, all while cloud-dependent systems are becoming the backbone of operations, and AI is being used as a tool by both defenders and attackers. Incidents in 2025, especially the AWS outage, have painfully exposed just how interdependent modern security environments have become.

Upwind focuses on securing public cloud environments with a so-called runtime-first approach. According to the company, traditional security models are increasingly out of step with modern cloud architectures, in which real-time applications and AI workloads play an increasingly important role. The CEO and co-founder argues that security should be based on what is actually happening in a cloud environment, rather than on static assumptions or snapshots.

Microsoft provided the FBI with the recovery keys to unlock encrypted data on the hard drives of three laptops as part of a federal investigation, Forbes reported on Friday. Many modern Windows computers rely on full-disk encryption, called BitLocker, which is enabled by default. This type of technology should prevent anyone except the device owner from accessing the data if the computer is locked and powered off.

The cloud revolution has transformed application development and deployment. Still, traditional network security, the castle and moat approach that served on-premises data centers, falls short in cloud native architectures where resources are distributed, ephemeral, and accessed from anywhere. Data exfiltration through insider threats, compromised credentials and misconfigured services has become critical for enterprises migrating to public cloud. Industry reports show data breaches involving cloud misconfiguration cost organizations an average of $4.45 million per incident.

Consider a fictitious company, DeltaSite, and an all-too-common scenario for rapidly expanding SaaS providers. Within months, DeltaSite embarked on an ambitious multicloud migration, deploying critical workloads across AWS, Azure, and Google Cloud. DeltaSite's board approved a seven-figure investment in the latest cloud security tools, including AI-powered monitoring and automated compliance frameworks, believing this would virtually guarantee security. Yet just six months after going live, DeltaSite suffered a major breach: A single misconfigured storage bucket exposed sensitive customer data to the public internet.

From a management perspective, the path was clear to Teams,

AWS Identity Misconfigurations: We will show how attackers abuse simple setup errors in AWS identities to gain initial access without stealing a single password. Hiding in AI Models: You will see how adversaries mask malicious files in production by mimicking the naming structures of your legitimate AI models. Risky Kubernetes Permissions: We will examine "overprivileged entities"-containers that have too much power-and how attackers exploit them to take over infrastructure.

CrowdStrike's Q3 fiscal 2026 results showed $1.23 billion in revenue, up 22% year over year, missing the $1.24 billion estimate. Net new annual recurring revenue hit $265 million, up 73% from last year. CEO George Kurtz called it "one of our best quarters in company history." Operating cash flow hit a record $398 million. Free cash flow reached $296 million.

For the first time, we are seeing a foreign adversary use a commercial AI system to carry out nearly an entire cyber operation with minimal human involvement,

Alibaba Cloud is not inherently a security threat, but its ties to China and the legal environment create potential risks that Western companies must carefully evaluate. For low-risk applications (e.g., serving customers in Asia), it may be a viable option. For high-sensitivity operations, most security-conscious organizations opt for cloud providers based in allied countries with strong rule-of-law protections (e.g., AWS, Microsoft Azure, Google Cloud).

The Zero Trust security market is expected to be worth $88.8bn by 2030, at a compound annual growth rate of just over 16%. And this investment is urgent: according to research, 98% of CISOs expect cyber attacks to increase over the next three years. These attacks can have huge consequences: US financial services firm Equifax incurred $1.4bn in settlements after a single vulnerability in a web application was exploited by hackers.

In the company's annual Cloud Readiness Report 70% of CEOs admit they built their current cloud environment "by accident, rather than by design" - this often entailed periodic upgrades aimed at addressing short-term needs, rather than focusing on longer term strategic improvements. Kyndryl said this shows that many lacked a "deliberate strategy" when pursuing cloud transformation projects, and the effects of this are starting to show with huge workload pressure placed on cloud environments, as well as growing security threats and evolving regulatory requirements.

There are plenty of choices for businesses when it comes to security. One could say there are too many of them in the public cloud domain for little overall gain. Google wants to ensure that customers can trust those choices by guaranteeing interoperability and integration. In said attempt, it has unveiled the newly launched Unified Security Recommended program. CrowdStrike, Fortinet, and Wiz are the first to join in.

For decades, organizations have relied on static secrets, such as API keys, passwords, and tokens, as unique identifiers for workloads. While this approach provides clear traceability, it creates what security researchers describe as an "operational nightmare" of manual lifecycle management, rotation schedules, and constant credential leakage risks. This challenge has traditionally driven organizations toward centralized secret management solutions like HashiCorp Vault or CyberArk, which provide universal brokers for secrets across platforms.

The cloud has become the backbone of modern business, enabling rapid scalability, advanced analytics, and collaboration across global teams. In the age of artificial intelligence (AI), the cloud's role is even more critical, both serving as the storage and processing hub for vast quantities of data that feed machine learning models, power real-time analytics, and drive business innovation. With this innovation comes a high-risk balancing act.

Cloud migration and flexible working policies have contributed to the sprawl, but part of the reason it's so unmanageable is that companies still rely on the same old discovery tools built for a static network. Whenever we scan a new environment, we always uncover a large number of devices that were completely off the radar and out of scope of the protection of their IT and security policies.

Today, enterprises need a robust digital infrastructure for everything from customer engagement to operational continuity, and multi-cloud technology has become a fundamental enabler of enterprise success. However, with these increased complexities, organisations face increasing challenges in managing security risks, maintaining operational uptime, and above all, to maximise value from their cloud investments. Emerging technologies and innovative approaches are reshaping the way enterprises navigate these challenges, and at the same time service level agreements (SLAs) too are evolving to align with these developments.

Cloud computing forms the backbone of our increasingly digital world, enabling businesses to operate more efficiently, grow faster, and innovate with flexibility. Despite its advantages, the cloud is not immune to data breaches caused by weak security practices. Alarmingly, some of the biggest risks do not stem from technical errors or malicious hackers but from the very people responsible for protecting cloud resources: security professionals themselves.

Darktrace introduces the industry's first fully automated cloud forensics solution. Forensic Acquisition & Investigation aims to reduce investigation times from days to minutes by collecting evidence immediately when threats are detected. A survey of 300 cloud security decision-makers shows that nearly 90 percent of organizations suffer damage before they can contain cloud incidents. Additionally, investigations in cloud environments take three to five days longer than those in on-premises environments.

A new report from Senate Democrats claims members of Elon Musk's DOGE team have access to the Social Security Numbers of all Americans in a cloud server lacking verified security measures, despite an internal assessment of potential "catastrophic" risk. The report, released by Sen. Gary Peters (D-MI), cites numerous disclosures from whistleblowers, including one who said a worst-case scenario could involve having to re-issue SSNs to everyone in the country.

ZDNET's key takeaways The FBI warned about the alarming trend of compromised accounts. The success rate of threat actors could tarnish Salesforce's reputation. The most recent wave of attacks was likely preventable.

Academic researchers from Vrije Universiteit Amsterdam have demonstrated that transient execution CPU vulnerabilities are practical to exploit in real-world scenarios to leak memory from VMs running on public cloud services. The research shows that L1TF (L1 Terminal Fault), also known as Foreshadow, a bug in Intel processors reported in January 2018, and half-Spectre, gadgets believed unexploitable on new-generation CPUs, as they cannot directly leak secret data, can be used together to leak data from the public cloud.

Microsoft built security controls around identity like conditional access and logs, but this internal impression token mechanism bypasses them all,

ChatGPT's research assistant sprung a leak - since patched - that let attackers steal Gmail secrets with just a single carefully crafted email. Deep Research, a tool unveiled by OpenAI in February, enables users to ask ChatGPT to browse the internet or their personal email inbox and generate a detailed report on its findings. The tool can be integrated with apps like Gmail and GitHub, allowing people to do deep dives into their own documents and messages without ever leaving the chat window.

Mollema has studied Entra ID security in depth and published multiple studies about weaknesses in the system, which was formerly known as Azure Active Directory. But while preparing to present at the Black Hat security conference in Las Vegas in July, Mollema discovered two vulnerabilities that he realized could be used to gain global administrator privileges-essentially god mode-and compromise every Entra ID directory, or what is known as a "tenant."

SecurityWeek's Attack Surface Management Virtual Summit is now LIVE and runs today from 11AM - 4PM ET. Join the online event where cybersecurity leaders and practitioners will dive into the strategies, tools, and innovations shaping the future of ASM. As digital assets and cloud services continue to expand, defenders are shifting tactics to continuously discover, inventory, classify, prioritize, and monitor their attack surfaces.

Two researchers reported finding serious vulnerabilities, including ones that expose employee information and drive-through orders, in systems run by Restaurant Brands International (RBI), which owns the Tim Hortons, Burger King and Popeyes brands. The vulnerabilities were reported to the vendor and quickly fixed. In addition, RBI said the system targeted by the researchers is still in early development. However, the company still sent a DMCA complaint to the researchers to force them to remove the blog post detailing their findings.

Cloud storage is used by most businesses, with 78% of respondents to a 2024 PwC survey indicating they've adopted cloud across most of their organizations. But many firms are unknowingly opening themselves up to security and data protection risks: sensitive data is being held in 9% of publicly-accessible cloud storage, and 97% of this information is classified as restricted or confidential, according to Tenable's 2025 Cloud Security Risk Report.