#cloud-security — Public Fediverse posts

«Warum Cloud-Lock-in zum Sicherheitsrisiko wird—Digitale Souveränität braucht einen Exit-Plan:
Mit dem Wechsel hin zu Open-Source-Strukturen hat Schleswig-Holstein Anfang des Jahres ein deutliches Signal gesetzt. Die Abhängigkeit von großen Technologiekonzernen ist kein Naturgesetz.»

Viele verantwortliche Leute glauben wenn sie die Tools aufzuzählen, dass dies ein Plan sei. Es ist komplexer & benötigt Zeit.

💻 https://www.it-daily.net/it-management/cloud-computing/digitale-souveraenitaet-exit-plan

#cybersicherheit #cloudservices #itsicherheit #cloudsecurity

The future of money is moving to Amsterdam, and Upsun is proud to be part of the conversation! 🇳🇱 💶

We're heading to Money20/20 to show how we're helping fintechs move from legacy complexity to seamless modernization. 😎

Stop by our booth to meet the team! 🤝

📅 June 2 – 4, 2026
📍 Amsterdam, Netherlands
👉 https://europe.money2020.com/

#Money2020 #Fintech #FinancialServices #CloudSecurity

https://www.wiz.io/blog/mini-shai-hulud-strikes-again-tanstack-more-npm-packages-compromised
#CyberSecurity #InfoSec #SupplyChainSecurity #SoftwareSupplyChain #NPM #OpenSourceSecurity #AppSec #DevSecOps #ThreatIntel #Malware #JavaScript #NodeJS #CICD #GitHubActions #CloudSecurity #TypeScript #ReactJS #WebDev #OpenSource #DevTools #SoftwareEngineering #DeveloperSecurity #SecureCoding #GitHub #SupplyChainAttack #Programming #TechNews #DevOps #ApplicationSecurity #ThreatResearch #SecurityEngineering #CyberAttack #Hackers #MalwareAlert #SecurityResearch #DevCommunity

Looking for a cloud firewall that’s not a black box?
IPFire runs on AWS as a standard AMI — transparent, open, and easy to manage.
#CloudSecurity #OpenSource #AWS #NetworkSecurity https://www.ipfire.org/downloads/cloud

📰 Braintrust AI Platform Breach Exposes Customer API Keys in AWS Account

📢 Braintrust AI platform discloses AWS security breach. Unauthorized access to an account storing customer API keys prompts urgent rotation advisory. A significant supply chain risk for the AI ecosystem. 🤖 #Braintrust #DataBreach #CloudSecurity #AI

🔗 https://cyber.netsecops.io

Gartner: sovereign cloud is only possible if you're American or Chinese. Everyone else is renting the illusion.
Europe produced white papers. One operator in Peel runs a genuinely sovereign stack.
The question was never capability. It was appetite.
https://haunted.lighthouse.co.im/articles/one-person-cares/?utm_source=mastodon
#DigitalSovereignty #CloudSecurity #CLOUDACT #Infrastructure

Eliminating database password risk might sound like a dream but we are making it a reality with network isolation and SSH keys. ☁️ 🔒

By ditching default passwords and opting for private networking, you can stop worrying about credential leaks and hardcoded secrets. 🛡️

Our latest guide breaks down how we use multi-layered isolation and explicit service authorization to keep your administrative access secure. 👉 https://devcenter.upsun.com/posts/eliminating-database-pwd-risk-with-network-isolation/

#CloudSecurity #DatabaseSafety #InfraAsCode #WebDev

@cryptomator
The "Cloud" is just someone else's computer—and as we see, even tech giants aren't invincible.
When big tech fails or laws compromise your privacy, having a transparent way to access and manage your own backups becomes a necessity, not a luxury.
This is why #Keepita focuses on giving users a clear window into their mobile data. Don't let your backups be a mystery hidden in someone else's vulnerable cloud.

#Keepita #DataPrivacy #MicrosoftHack #CloudSecurity #InfoSec #SelfCustody

Google Cloud Fraud Defence is just WEI repackaged

https://privatecaptcha.com/blog/google-cloud-fraud-defence-wei/

#HackerNews #GoogleCloud #FraudDefence #WEI #Repackaged #CloudSecurity #TechNews #Cybersecurity

IPFire in the cloud? Yes.
It’s available as an AMI on AWS, giving you full control with none of the complexity of native cloud firewalls.
#CloudSecurity #OpenSource #AWS #Firewall https://www.ipfire.org/downloads/cloud

Enterprises need flexibility, not lock-in.
IPFire offers an open-source firewall platform that works across environments — including AWS.
#CloudSecurity #Firewall #OpenSource #AWS https://www.ipfire.org/downloads/cloud

A practical cybersecurity brief on reducing operational risk, strengthening controls, and improving executive decision-making.

Where would are cloud security bypassers stealing your data ever... break first in your environment?

Read more: https://steelefortress.com/fortress-feed/are-cloud-security-bypassers-stealing-your-data-every-time-you-click

CyberSecurity #CloudSecurity #InfoSec #Security

🎥 Watch Teaser: https://steelefortress.com/6ztxan

May the Vault be with you. ✨

For Star Wars Day, we’re celebrating all space guardians, pilots, droids, and teams who keep their data safe across the galaxy.

With Cryptomator Hub, teams can centrally manage access to encrypted vaults — so important files stay protected, whether you’re working from the office, remotely, or on an intergalactic mission.

Happy May the 4th! 🚀🔐

#StarWarsDay #MayThe4th #Cryptomator #CryptomatorHub #Encryption #DataSecurity #CloudSecurity

Physical security has become an important aspect of protecting confidential computing workloads. Physical access is typically excluded from hardware vendors' CVM attack models, leaving physical and relay attacks largely unaddressed.
Flashbots and Intel have each been working independently on solutions to help bridge this physical-access gap: https://writings.flashbots.net/mind-the-gap-tee-poc

#ConfidentialComputing #CloudSecurity #TPM

Kubernetes moves fast.
Static security doesn’t.

Protect your ingress with real-time blocking + GitOps-friendly deployment 👇
https://crowdsec.net/blog/secure-kubernetes-ingress-with-crowdsec-and-traefik-devsecops-at-scale

#Kubernetes #DevSecOps #CloudSecurity

🚨 Most people think red teaming is about exploits.

It’s not.

The most effective attacks today don’t start with vulnerabilities —
they start with **trust**.

Modern environments are cloud-heavy, identity-driven, and full of SaaS integrations. In these systems, attackers don’t always need to “break in.”

They move quietly through:

• Over-permissioned identities
• Weak approval workflows
• Misconfigured cloud roles
• OAuth tokens and API access
• Human behavior under pressure
• Business processes no one questions

This is what I’ve been studying and calling the **Quiet Kill Chain** —
a sequence of legitimate-looking actions that, when chained together, become an attack path.

No loud exploits.
No obvious malware.
Just normal activity… used the wrong way.

## What changes at an advanced level?

You stop asking:
“What exploit should I use?”

And start asking:

• Where does this system trust too easily?
• Which action would look completely normal?
• What would defenders ignore?
• How can I blend into business operations?

Because the strongest intrusion today is not the one that is invisible.

It’s the one that looks **legitimate**.

## My takeaway

Offensive security is shifting from breaking systems
to understanding them deeply enough to move inside them unnoticed.

I’ve written a full deep-dive on this concept here 👇

🔗 https://dev.to/blackcipher/the-quiet-kill-chain-how-modern-red-teamers-break-organizations-without-exploits-1ell

Curious to hear your thoughts —
Is detection today ready for this level of subtlety?

#CyberSecurity #RedTeam #OffensiveSecurity #ThreatIntel #CloudSecurity #IdentitySecurity #EthicalHacking #BlackCipher

via #Microsoft : Microsoft Sovereign Private Cloud scales to thousands of nodes with Azure Local

https://ift.tt/4jIwXns
#AzureLocal #SovereignPrivateCloud #CloudSecurity #DataResidency #DataGovernance #EdgeComputing #AIinference #InfrastructureScaling #Dis(transaction)edOpera…