User credentials remain the Achilles heel of cloud apps: How you can prevent an attack

(c)iStock.com/bestdesigns

High-profile security breaches have dominated the headlines in 2014. Two notable examples over the last few months, the Apple iCloud and Dropbox breaches, have revealed a juicy target for attackers: user credentials.

Rather than try to hack into the application itself like iCloud, Dropbox, Salesforce, or Amazon Web Services (AWS), an easier and much more feasible approach to gaining access to sensitive data, celebrity photos, or whatever else an attacker is after, is through stolen...

By Ofer Hendler, 02 January 2015, 3 comments. Categories: Exploits, Security, Vulnerabilities.

The cryptic cloud: Can cloud encryption operate effectively right now?

©iStock.com/Henrik5000

Encryption in the digital world is akin to a safe in the physical world. Data is locked away and can only be seen by those who have the correct key. Among other things, encryption is what provides an assurance of confidentiality in data security and it is fast gaining ground in the cloud. But is encrypted data therefore more secure? Not if your keys are transferred in the clear, duplicated or mismanaged.

Data that goes to the public cloud is usually transferred securely and files are...

By Pedro Venda, 23 December 2014, 0 comments. Categories: Exploits, Security, Vulnerabilities.

Meet Zenedge, the firm which protects the entire enterprise ecosystem in the cloud

Picture credit: iStockPhoto

Zenedge has announced the general availability of its latest Zenshield DOME platform with a simple goal: to protect your enterprise from what it perceives to be its weakest link.

That weakest link is a firm’s partner and supplier ecosystem, which Zenedge insists is a more likely target for hackers trying to infiltrate an enterprise in the cloud.

The product is a security platform as a service (SPaaS), and can be extended to a retailer’s partner and supplier network so...

By James Bourne, 28 November 2014, 0 comments. Categories: Exploits, Platform, Security, Vulnerabilities.