Securonix Securonix is transforming how security operations are delivered, measured, and scaled. Our Unified Defense SIEM combines SIEM, UEBA, SOAR, TIP, and TDIR in a single cloud-native platform that helps security teams detect threats faster, investigate with context, and respond with precision.

The latest update for #Securonix includes "Awards Don't Defend Networks. Execution Does." and "10 Questions CIOs Should Ask to Modernize #SecurityOperations".

#cybersecurity #cloudsecurity #SIEM https://opsmtrs.com/4qmpzeX

#datasecurity #cybersecurity #dataprotection #security #informationsecurity#technology #cybersecurityawareness #cyberattack #cybercrime #privacy #hacker #malware #data #dataprivacy #databreach #ransomware #phishing #itsecurity #cloudsecurity #networksecurity #pentesting #tech #linux #cloud

Cloud does not mean Google Workspace data is safe from loss.

Join us, sponsor Cohesity, and a panel of experts on April 15th for this FREE webcast on cyber resilience for Google Workspace.

Register now: https://ow.ly/qC4G50YAVLL

#GoogleWorkspace #CyberResilience #DataProtection #CloudSecurity

Prowler | Cossmology Open source cloud security platform

Prowler - Open source cloud security platform

Cossmology Profile: https://dub.sh/qb4Orog

Key People: Toni de la Fuente (@toniblyx.bsky.social), Rajiv Taori, Amit Sharma, Laura Franzese, Casey Rosenthal (@clr.bsky.social)

#CloudSecurity #OpenSource #OSS #COSS

Protecting cloud-based apps starts with better visibility and stronger control.

Join us and sponsor Veeam Software on April 14th for this FREE virtual summit on SaaS security best practices for cloud-first environments.

Register now: https://ow.ly/gWHq50YAVGw

#SaaSSecurity #CloudSecurity

Secure Access Push Security Events: API, Webhooks & an example integration Today, we continue the video series highlighting the latest Cloud Security API update. In today's episode, we'll be diving into the Push Security Events feature together with ​​Yaron Caspy, API Product Manager, at Cisco. 00:53 Push Security Events Docs https://cs.co/63322B6mnsp 01:39 Creating Push Security Events using UI 2:30 Creating a webhook using the API 03:30 Configuring HTTP Event Collector at Splunk 04:40 Adding new Security events integrations via API 05:23 Check validation in Splunk Search and Reporting 06:30 Reviving security events received from Secure Access 07:00 What is the difference between REST API and Push security events 08:08 Which format does Secure Access use for this event? Push Security Events Third-Party Integration: https://cs.co/63325B6mnsX Subscribe to the Cisco DevNet YouTube channel and keep up with our latest videos and streams → https://cs.co/63329B6mnsb

Check out the demo about Secure Access Push Security Events: API, Webhooks & an example integration
Watch here: cs.co/63322B6mnse

#CloudSecurity #APIs #Cisco #SecurityEvents

Troubleshooting a Missing IAM Policy Summary -- AWSInsider When an IAM policy summary is missing in the AWS console, Brien Posey explains the most likely culprits -- from unsupported JSON elements like Principal and NotResource, to contradictory permissions, unrecognized services, and spelling errors in the JSON document.

A missing IAM policy summary in Amazon Web Services (AWS) may point to JSON errors, unsupported elements or services that do not support summaries, as Brien Posey explains.

See what could be breaking your policy summary: https://ow.ly/1C2U50YAVc2

#AWS #IAM #CloudSecurity

Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts Cybersecurity researchers have disclosed a security "blind spot" in Google Cloud's Vertex AI platform that could allow artificial intelligence (AI) agents to be weaponized by an attacker to gain unauthorized access to sensitive data and compromise an organization's cloud environment. According to Palo Alto Networks Unit 42, the issue relates to how the Vertex AI permission model can be misused

iT4iNT SERVER Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts VDS VPS Cloud #GoogleCloud #VertexAI #Cybersecurity #DataProtection #CloudSecurity

Chinese Tech Leaders See 66 Billion Erased as AI Pressures Intensify   Throughout the past year, artificial intelligence has served more as a compelling narrative than a defined revenue stream – one that has steadily inflated expectations across global technology markets. As Alibaba Group Holdings Ltd and Tencent Holdings Ltd encountered an unexpected turn, the narrative was brought to an end. During a single trading day, the combined market value of the companies declined by approximately $66 billion. There was no single operational error responsible for the abrupt reversal, but a growing sense of unease among investors who had aggressively positioned themselves to benefit from AI-driven profitability. However, they were instead faced with strategic ambiguity. In spite of significant advancements and high-profile commitments to artificial intelligence, both companies have not been able to articulate a credible and concrete path for monetization despite significant advances and high-profile commitments. A market reaction like this point to a broader shift in sentiment that suggests the era of rewarding ambition alone has given way to a more rigorous focus on execution, clarity, and measurable results in the rapidly evolving field of artificial intelligence. In spite of the pressure on fundamentals, the market’s skepticism has only grown.  Alibaba Group Holdings Ltd. reported a significant 67% contraction in net income in its latest quarterly results, reflecting a convergence of structural and strategic strains rather than a single disruption. In a time when underlying consumer demand remains uneven, the increased capital allocation towards artificial intelligence, including compute infrastructure, model development, and ecosystem expansion, is beginning to affect margins materially.  As a result of this dual burden, the company’s near-term profitability profile has been complicated, which reinforces analyst concerns that sentiment will not stabilize unless AI can be demonstrated to generate incremental, recurring revenue streams. Added to this, Alibaba has announced plans to invest over $53 billion in infrastructure, along with an aspirational target of generating $100 billion in combined cloud and AI revenues within five years.  Although this indicates scale, it lacks specificity. As a result of the absence of defined timelines, product roadmaps, and monetization mechanisms, markets are becoming increasingly reluctant to discount the degree of uncertainty created. It appears that investors are recalibrating their tolerance of long-term payoffs in a capital-intensive industry that is inherently back-loaded, putting more emphasis on visibility of execution and measurable milestones rather than long-term payoffs.  Without such alignment, the company's narrative on AI could be perceived as more of a budgetary expenditure cycle rather than a growth engine, further anchoring cautious sentiment. Tencent Holdings Ltd.'s market movements across China's technology sector demonstrate the rapid shift from optimism to recalibration.  Several days after the company's market value was eroded by approximately $43 billion in one trading session, Alibaba Group Holdings Ltd. recovered. In addition to an additional $23 billion decline in its US-listed stock, its Hong Kong-listed stock also suffered a 7.3% decline. It would appear that these movements echo a broader re-evaluation of valuation assumptions that had been boosted by heightened expectations regarding artificial intelligence-driven growth, until recently.  Among the factors contributing to this reversal are the rapid unwinding of the speculative surge that occurred earlier in the month, sparked by the viral adoption of OpenClaw, an agentic artificial intelligence platform that captured public imagination with its promises of automating mundane, time-consuming tasks such as managing emails and coordinating travel arrangements.  Following the Lunar New Year, consumers' enthusiasm increased following the holiday season, resulting in an acceleration in product releases across the sector. Emerging players, such as MiniMax Group Inc., and established incumbents, such as Baidu Inc., introduced competing products and services rapidly, reinforcing the narrative of imminent transformation based on artificial intelligence.  Tencent's shares soared by over 10% during this period as investor enthusiasm surrounded its own OpenClaw-related initiatives propelled its share price. However, as initial excitement faded, it became increasingly apparent that the rapid proliferation of products was not consistent with clearly defined monetization pathways. Markets seem to be beginning to differentiate between technological momentum and sustainable economic value as a consequence of the pullback, an inflection point which continues to influence the trajectory of China's leading technology companies within an ever-evolving artificial intelligence environment. As a result of the intense competition underpinning China’s AI expansion, the investment narrative has been further complicated. In addition to emerging companies such as MiniMax Group Inc., there are established incumbents such as Baidu Inc. As a result of the surge in demand, Tencent Holdings Ltd. was the fastest company to roll out AI-based services and applications. With its extensive user database and its control over a vast digital ecosystem, WeChat emerges as a perceived structural beneficiary. Such positioning is widely considered advantageous in the development of agentic AI systems, which rely heavily on access to granular user-level data, such as communication patterns and behavioral signals, to achieve optimal performance.  Although these inherent advantages exist, investor confidence has been tempered by a lack of operational clarity, despite these inherent advantages. Tencent's management did not articulate specific monetization frameworks, capital allocation thresholds, or product roadmaps in the post-earnings discussions that could translate its ecosystem strengths into scalable revenue streams after earnings.  Consequently, institutional sentiment has been influenced by the lack of detail, which has prompted valuation models to be recalibrated. A significant downward revision was made by Morgan Stanley, which cited expectations that front-loaded AI investments will continue to put pressure on margins, with profit growth likely to trail revenue growth in the medium term.  Similarly, Alibaba Group Holding Ltd. is experiencing a parallel dynamic, where strategic imperatives to lead artificial general intelligence development are increasingly intertwining with operational challenges. It has been aggressively deploying capital in order to position itself at the forefront of China's artificial intelligence race, committed to committing more than $53 billion to infrastructure and aiming to generate $100 billion in cloud and AI revenues within the next five years.  However, it is also experiencing a deceleration in its traditional e-commerce segment as domestic competition intensifies. The company has responded to this by operationalizing aspects of its artificial intelligence portfolio, which have included the introduction of enterprise-focused agentic solutions, such as Wukong, as well as pricing adjustments across its cloud and storage services, resulting in a 34% increase in cloud and storage prices. However, escalating costs remain a barrier to sustainable returns.  The recent Lunar New Year period has seen major technology firms, including Alibaba, Tencent, ByteDance Ltd., and Baidu, engage in aggressive user acquisition campaigns, distributing billions of dollars in subsidies and incentives in order to stimulate adoption of consumer-facing AI software.  Although such measures have contributed to short-term engagement gains, they also indicate a trend in which customer acquisition and retention are being subsidized at scale, raising questions about the longevity of unit economics. In light of the increasing capital intensity across both infrastructure and user growth fronts, it is becoming increasingly necessary for the sector to exercise discipline and demonstrate tangible financial results in order to transition from experimentation to monetization. A key objective of this episode is not to collapse the AI thesis, but rather to reevaluate the way in which its value is assessed and realized.  A transition from capability building to disciplined commercialization will likely be required for China's leading technology firms in the future, where technical innovation is closely coupled with viable business models and measurable financial outcomes. The investor community is increasingly focused on metrics such as revenue attribution from artificial intelligence services, margin resilience as computing costs rise, and the scalability of enterprise-focused and consumer-facing deployments.  The importance of strategic clarity will be as strong as technological leadership in this environment. As a result of transparent investment timelines, product differentiation, and sustainable unit economics, companies that are able to articulate coherent monetization frameworks are more apt to restore confidence and justify continued capital inflows.  As global markets adopt a more selective approach to AI-driven growth narratives, prolonged ambiguity is also likely to extend valuation pressure. Thus, the future will not be determined solely by innovation pace, but also by the ability of the industry to convert its innovations into durable, repeatable sources of value for the industry as a whole.

Chinese Tech Leaders See 66 Billion Erased as AI Pressures Intensify #AIgovernance #ArtificialIntelligence #CloudSecurity

#Kubescape 4.0 is here!

What’s new in this release?
• Runtime threat detection
• A new set of AI-era security features
• Security of AI agents alongside existing scanning capabilities

🔗 Explore more: bit.ly/4vhhevM

#InfoQ #DevOps #Kubernetes #CloudSecurity #Containers #Aiagents

GCP Vertex AI Security Blind Spots

~Paloalto~
Default excessive permissions in GCP Vertex AI agents can be exploited to exfiltrate data and access restricted internal Google resources.
-
IOCs: (None identified)
-
#CloudSecurity #ThreatIntel #VertexAI

🚨 New MEDIUM CVE detected in AWS Lambda 🚨
CVE-2026-33672 impacts picomatch in 3 Lambda base images.

Details: github.com/aws/aws-lambda-base-imag...
More: https://lambdawatchdog.com/

#AWS #Lambda #CVE #CloudSecurity #Serverless

🚨 New HIGH CVE detected in AWS Lambda 🚨
CVE-2026-33671 impacts picomatch in 3 Lambda base images.

Details: github.com/aws/aws-lambda-base-imag...
More: https://lambdawatchdog.com/

#AWS #Lambda #CVE #CloudSecurity #Serverless

🚨 New MEDIUM CVE detected in AWS Lambda 🚨
CVE-2026-33750 impacts brace-expansion in 4 Lambda base images.

Details: github.com/aws/aws-lambda-base-imag...
More: https://lambdawatchdog.com/

#AWS #Lambda #CVE #CloudSecurity #Serverless

🚨 Lambda Watchdog CVE Report 🚨
Latest AWS Lambda image scan detected 21 CVEs across 27 images:
• 🔴 Critical: 0
• 🟠 High: 14
• 🟡 Medium: 4
• 🔵 Low: 3

Check the full report 👉 https://lambdawatchdog.com/
#AWS #Lambda #CVE #CloudSecurity #Serverless

oof, sounds like an investigation's gonna be a long one. 350 GB is a lot of ground to cover.

if you used any online services that rely on AWS, might be a good time to freshen up those passwords. 2FA is your friend here too. #DataBreach #CloudSecurity

✉️ The DKIM Problem: Why the European Commission Breach Threatens Inboxes Worldwide 🔎 Read the complete article from ComplexDiscovery OÜ's cybersecurity beat at complexdiscovery.com/the-dkim-pro.... #Cybersecurity #DataBreach #ShinyHunters #EuropeanCommission #CloudSecurity

EU Commission Probes AWS Breach After 350 GB Data Theft The European Commission has launched an investigation into a breach of its AWS cloud environment after a threat actor claimed to have stolen 350 GB of data.

winbuzzer.com/2026/03/31/e...

EU Commission Probes AWS Breach After 350 GB Data Theft

#EU #Amazon #Cybersecurity #EuropeanCommission #AWS #DataBreaches #SecurityBreach #Cyberattacks #Hackers #Hacking #Cloud #CloudSecurity #Europe #BigTech

Every enterprise I've assessed has service accounts running domain admin rights because "that was quickest at the time." No owner, no rotation, no review. In hybrid cloud one #PAM-ungoverned account chains across three #CloudSecurity environments.

#CloudSecurity #IdentityManagement #MVPBuzz #Security #MicrosoftTechCommunity
👉👉 tip.tbone.se/KLBpQj
[AI generated, Human reviewed]

Complete Overview of Google Cloud Platform Security Discover essential GCP security practices, tools, and certifications to protect data, manage access, and build a secure cloud infrastructure.

Advancing your career in cloud computing starts with mastering Google Cloud Platform Security.

✔ Understand core security concepts
✔ Prepare effectively for Google Cloud Certification
✔ Build confidence in real-world scenarios

📘 www.linkedin.com/pulse/comple...

#Google #GoogleCloud #CloudSecurity

CareCloud Data Breach Confirmed, Patient Records Potentially Exposed A recent CareCloud data breach led to patient data exposure and the broader impacts on healthcare cybersecurity.

Full Article: www.technadu.com/carecloud-da...

Do you think healthcare organizations are doing enough to secure third-party vendors? Share your thoughts below 👇
#CyberSecurity #HealthcareSecurity #DataBreach #EHR #Infosec #Privacy #CloudSecurity

"Unlock the power of Explainable AI 🚀 in cloud-based cybersecurity. Building trust and transparency

"Unlock the power of Explainable AI 🚀 in cloud-based cybersecurity. Building trust and transparency in AI-driven systems #ExplainableAI #CloudSecurity #Cybersecurity #AI"

🔗 bytejournal.online/blog/explainable-ai-in-c...

260330 rootshell.online Created on Mon Mar 30 23:00:00 CST 2026 - A news, tutorials and conferences about security published on YouTube - Find the RSS Feed with latest playlists at ...

Two playlists every day on hacking & defense. Discover the latest tools and techniques now. 🎥 www.youtube.com/playlist

#CyberSecurity #IncidentResponse #CloudSecurity #Hacking #Phishing

Azure Maps Adds Private Endpoint Support to Strengthen Network Security -- Redmondmag.com New preview feature enables organizations to access mapping services through private network connections.

Microsoft has added private endpoint support to Azure Maps in preview, enabling secure access through Azure Private Link for location-based apps and analytics.

See how Azure Maps is strengthening network security: https://ow.ly/uo6p50YAAMZ

#Microsoft #AzureMaps #CloudSecurity

Reminder: Microsoft's shared responsibility model means they protect the infrastructure, but YOUR data, YOUR identities, and YOUR configurations are YOUR responsibility.

#SharedResponsibility #CloudSecurity #M365
https://365securityassessment.com

OpenAI Codex Vulnerability Exposes GitHub Credentials via Command Injection An OpenAI Codex vulnerability led to a GitHub token compromise: a command injection flaw in the task creation HTTP request exposes AI agent security risks.

Full Article: www.technadu.com/openai-codex...

How is your organization securing AI-assisted development workflows? Share your thoughts below 👇
#CyberSecurity #AIsecurity #DevSecOps #GitHub #OpenAI #Codex #AppSec #CloudSecurity #Infosec #ThreatIntelligence

Exploiting SharePoint Permissions the Co-Pilot Way - risk3sixty Copilot makes identifying mis-configurations in SharePoint much faster and easier to see. It honors existing permissions via Microsoft Graph: if a user can access content, Copilot can summarize. That ...

Read the full technical remediation guide from the Armada team here: risk3sixty.com/blog/exploit...

#InfoSec #CyberSecurity #CloudSecurity #Armada #AI #LLM #Sharepoint #Microsoft #Cyber #Copilot

🚨 Lambda Watchdog CVE Report 🚨
Latest AWS Lambda image scan detected 18 CVEs across 27 images:
• 🔴 Critical: 0
• 🟠 High: 13
• 🟡 Medium: 2
• 🔵 Low: 3

Check the full report 👉 https://lambdawatchdog.com/
#AWS #Lambda #CVE #CloudSecurity #Serverless

Internxt Offers First Class Security With Bargain Plans Some time ago I wrote a post about the slew of new cloud storage services becoming available and questioned whether or not they were safe…

Internxt Offers First Class Cloud Security With Bargain Plans
medium.com/@kevinko_...
#Internxt #FolderFort #CloudStorage #CloudSecurity