Cloud Security | Breaking Cybersecurity News | The Hacker News

When generative AI tools became widely available in late 2022, it wasn't just technologists who paid attention. Employees across all industries immediately recognized the potential of generative AI to boost productivity, streamline communication and accelerate work. Like so many waves of consumer-first IT innovation before it—file sharing, cloud storage and collaboration platforms—AI landed in the enterprise not through official channels, but through the hands of employees eager to work smarter. Faced with the risk of sensitive data being fed into public AI interfaces, many organizations responded with urgency and force: They blocked access. While understandable as an initial defensive measure, blocking public AI apps is not a long-term strategy—it's a stopgap. And in most cases, it's not even effective. Shadow AI: The Unseen Risk The Zscaler ThreatLabz team has been tracking AI and machine learning (ML) traffic across enterprises, and the numbers tell a compelling story. In 2024 ...

Your identity environment holds the keys to your most critical data in the form of privileged accounts. Industry consolidation and a desire for company growth both often lead to mergers or acquisitions which, if not managed closely, can wreak havoc on an identity landscape. Mergers of identity environments create a glut of identities and identity accounts to manage, some of which may be redundant. They also introduce new 3rd parties, contractors and non-human identities like service accounts, bots etc.... into the equation. In addition, a merger or acquisition could hybridize the identity landscape, adding Cloud applications to on-prem resources, and vice versa. All of this increases the attack surface if not managed properly. As the two companies determine how to best work together, there is a level of uncertainty that can result in temporary measures as a stop-gap. Temporary access is often granted to provide employee, contractor and third party access to applications and privile...

Sub: GenAI is here to stay. The organizations that thrive will be those that understand its risks, implement the right safeguards, and empower their employees to harness it safely and responsibly. For many people, generative AI (GenAI) began as personal experimentation in homes and on personal devices. Now, however, AI has become deeply ingrained in workplace habits, creating productivity gains, but also exposing organizations to significant security gaps. Sensitive company data, inadvertently or otherwise, regularly finds its way into public AI systems, leaving IT and cybersecurity leaders scrambling to respond. Once proprietary data is processed by a public AI tool, it may become part of the model's training data, serving other users down the line. For example, in March 2023, a multinational electronics manufacturer was reported to have experienced several incidents of employees entering confidential data, including product source code, into ChatGPT. Generative AI applications, su...

As AI continues to make inroads into enterprise security, it's easy to see the appeal: faster triage, smarter detection, and fewer manual workflows. From SOAR platforms streamlining alerts to AI-enhanced identity systems approving access requests in milliseconds, the value proposition is clear — greater efficiency, speed, and scale. But here's the rub: speed without scrutiny can lead to security drift. AI is a powerful enabler, not an autonomous guardian. And in corporate security — where stakes include sensitive employee data, internal intellectual property, and privileged infrastructure — the absence of human oversight isn't just risky; it's potentially catastrophic. AI as a Copilot, Not a Commander In modern corporate security environments, AI-driven tooling is increasingly embedded into day-to-day operations. Triage systems leverage AI to correlate alerts, automation scripts to remediate routine issues, and IAM platforms auto-approve low-risk access. These advancements undenia...

Salesforce Is Mission-Critical, but That Doesn't Mean It's Protected At the beating heart of customer operations, the scope of Salesforce goes well and beyond traditional customer relationship management (CRM) systems. As a system of records, a sales engine, a service dashboard, and a repository for years of business-critical insight, deals flow through it continuously. Strategies depend on it. Customer relationships live or die by what they contain.  Yet, despite this, a dangerous misconception persists: "It's in the cloud, so it must be safe." Unfortunately, this assumption is as costly as it is common.  Here's the reality. Salesforce operates under a shared responsibility model , meaning your cloud provider — in this case, Salesforce — is responsible for platform uptime, infrastructure integrity, and security of the cloud. But you, the customer, are responsible for its actual content (your data, your metadata, and your configurations). So, while Salesforce protects th...

Compliance is often treated as a paper exercise, something to tolerate, check off and forget. But in a threat landscape shaped by ransomware-as-a-service, AI-augmented phishing campaigns, and supply chain breaches, delaying compliance doesn't just create business and operational friction. It creates risk.  When compliance is layered late, organizations face mounting costs: duplicated controls, misaligned security priorities, reactive remediation efforts, and worst of all, security blind spots that attackers can exploit. Treating compliance as an afterthought is a gamble.  In this post, we highlight the real cost of sidelining compliance and why embedding compliance into your security strategy from the start is not just good hygiene, it's essential engineering.  Security and Compliance: Not Opposites, but Allies It's easy to think of security as "protecting" and compliance as "documenting". But that split is artificial. Frameworks like ISO/IEC 27001, NIST CSF, PCI ...

With thousands of endpoints, cloud instances, remote users, and third-party integrations, securing the enterprise has become a massive target. Each change in the IT environment - whether driven by digital transformation, M&A activity, or routine system updates - creates new opportunities for adversaries to leverage. Yet, the network is the backbone of business operations. It must always be available to support production, collaboration, and growth.  In this article, we'll explore the specific challenges large enterprises face when validating their security posture and how leading security teams are evolving their testing strategies to match the scale, speed, and sophistication of large, multi-faceted IT networks.  The Challenges of Validating Enterprise Network Security Enormous attack surface - In large enterprises, the attack surface spans countless assets across on-prem, cloud, and hybrid environments, making comprehensive security validation incredibly complex. Ac...

Identity Is the New Perimeter—And It's Fractured In 2025, identity isn't just a security issue—it's the battleground. And too many organizations are getting caught flat-footed. Organizations today must reckon with complex hybrid environments that contain interconnected endpoints, servers, cloud services, DevOps systems, identity infrastructure, and much more. And with enterprise systems no longer fitting neatly into a single network perimeter, the identities used to interact with these systems have become the new perimeter.  A strong cybersecurity foundation starts with clear visibility that puts risk in content. Identity security is no different. However, in practice, identity management systems are anything but centralized. Building IDs and access to physical offices are handled by one system. Logins to Windows machines are generally managed with Windows domains and Active Directory—but what about Macs and Linux machines? Companies use Okta, Ping Identity, or the equivalent ...

Gone are the days of mass phishing campaigns. Today's attackers are leveraging generative AI (GenAI) to deliver hyper-targeted scams, transforming every email, text, or call into a calculated act of manipulation. With flawless lures and tactics designed to outsmart AI defenses, cybercriminals are zeroing in on HR, payroll, and finance teams—exploiting human vulnerabilities with precision. The Zscaler ThreatLabz 2025 Phishing Report dives deep into the rapidly evolving phishing landscape and uncovers the latest trends, including top phishing targets, real-world examples of AI-driven phishing attacks, and actionable best practices to defend against the next wave of AI-powered phishing threats. Key findings on phishing attacks The ThreatLabz research team analyzed over 2 billion blocked phishing transactions captured across the Zscaler Zero Trust Exchange™ cloud security platform from January 2024 to December 2024 and uncovered several key findings: Phishing is down but is more tar...

In today's digital landscape, where cyber threats are becoming increasingly sophisticated and pervasive, organizations must take a hard look at their traditional security models. For over three decades, firewalls and VPNs have been the backbone of network security. However, as the threat landscape evolves, it's clear that these legacy systems are no longer sufficient. Enter the Zero Trust model, exemplified by innovative solutions like Zscaler, which could revolutionize the way your organization approaches cybersecurity. Understanding the Risks Public IP Addresses as Attack Surfaces One of the critical vulnerabilities inherent in traditional security models is the reliance on public IP addresses. These addresses serve as direct attack surfaces for malicious actors. Just as having your phone number in a public directory makes you susceptible to unwanted calls, exposing public IPs makes organizations vulnerable to cyberattacks. Attackers can easily discover these IPs, allowing th...

Many of the day-to-day digital operations of businesses, governments, and critical infrastructure have one thing in common: Microsoft. From the Microsoft Windows operating systems powering endpoints and servers, to Azure's rapidly growing cloud services, Microsoft's products are everywhere, making the company and its products attractive targets for threat actors seeking to exploit vulnerabilities at scale.  With more than 1.4 billion Windows users around the globe and the adoption of platforms like Microsoft 365, Active Directory, and Azure surging, a single exploitable vulnerability in a Microsoft product can open the door to privilege escalation, lateral movement, or ransomware deployments that impact tens of thousands of interconnected systems. Whether nation state or financially motivated, modern cyber-crime syndicates will consistently take the path of least resistance, and vulnerable assets are a reliable attack vector. For twelve years, the Microsoft Vulnerabilities Repor...