The NSA released a list of ten recommended security strategies for cloud customers. The advisory, published on March 7, 2024, includes ten strategies for cloud security, identity and access management, data security practices, and network segmentation.
CISA supported the NSA with six out of ten strategies for cybersecurity and infrastructure security in the US.
By infosecbulletin
/ Wednesday , June 18 2025
Russian cybersecurity experts discovered the first local data theft attacks using a modified version of legitimate near field communication (NFC)...
Read More
By infosecbulletin
/ Tuesday , June 17 2025
Cybersecurity researcher Jeremiah Fowler discovered an unsecured database with 170,360 records belonging to a real estate company. It contained personal...
Read More
By infosecbulletin
/ Tuesday , June 17 2025
GreyNoise found attempts to exploit CVE-2023-28771, a vulnerability in Zyxel's IKE affecting UDP port 500. The attack centers around CVE-2023-28771,...
Read More
By infosecbulletin
/ Tuesday , June 17 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included two high-risk vulnerabilities in its Known Exploited Vulnerabilities (KEV)...
Read More
By infosecbulletin
/ Monday , June 16 2025
SafetyDetectives’ Cybersecurity Team discovered a public post on a clear web forum in which a threat actor claimed to have...
Read More
By infosecbulletin
/ Sunday , June 15 2025
WestJet, Canada's second-largest airline, is looking into a cyberattack that has affected some internal systems during its response to the...
Read More
By infosecbulletin
/ Saturday , June 14 2025
Resecurity found 7.4 million records of Paraguayan citizens' personal information leaked on the dark web today. Last week, cybercriminals attempted...
Read More
By infosecbulletin
/ Friday , June 13 2025
HashiCorp has revealed a critical vulnerability in its Nomad tool that may let attackers gain higher privileges by misusing the...
Read More
By infosecbulletin
/ Friday , June 13 2025
SoftBank has disclosed that personal information of more than 137,000 mobile subscribers—covering names, addresses, and phone numbers—might have been leaked...
Read More
By infosecbulletin
/ Friday , June 13 2025
Serious security vulnerabilities in Trend Micro Apex One could allow attackers to inject malicious code and elevate their privileges within...
Read More
The top 10 cloud security mitigation strategies are:
* Uphold the Cloud Shared Responsibility Model
* Use Secure Cloud Identity and Access Management Practices
* Use Secure Cloud Key Management Practices
* Implement Network Segmentation and Encryption in Cloud Environments
* Secure Data in the Cloud
* Defending Continuous Integration/Continuous Delivery (CI/CD) Environments
* Enforce Secure Automated Deployment Practices through Infrastructure as Code
* Account for Complexities Introduced by Hybrid Cloud and Multi-Cloud Environments
* Mitigate Risks from Managed Service Providers in Cloud Environments
* Manage Cloud Logs for Effective Threat Hunting
* Each strategy comes with an additional cybersecurity information sheet detailing how to implement it.
The sheets offer recommended steps and best practices from the NSA and CISA for cloud security, along with links for further details and resources.