The Hacker News

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...
InfoWorld

‘Silent’ Google API key change exposed Gemini AI data

API key exploitation is more than hypothetical. In a different context, a student who reportedly exposed a GCP API key on GitHub last June was left nursing a $55,444 bill (later waived by Google) ...
InfoWorld

Why are we still confused about cloud security?

A report by cloud security company Tenable discovered that 74% of companies surveyed had exposed storage or other misconfigurations. This is a dangerous open door to cybercriminals. Overall, cloud ...
Security

FireTail API Security Report reveals 80% increase in API breaches in 2024

MCLEAN, Va. -- FireTail Inc. today published The State of API Security 2024 report, a comprehensive analysis of the API security landscape and how this technology is reshaping cybersecurity as we know ...
Infosecurity-magazine.com

Security Leaders Acknowledge API Security Gaps Despite Looming Threat

A vast majority of security leaders are aware that application programmable interfaces (APIs) have become a worrying attack vector. Yet, in a new study, cloud computing service provider Fastly found ...
Security

Black Hat 2024: Cloud Security Alliance releases Top Threats to Cloud Computing 2024 Report

Black Hat Conference—Traditional cloud security issues often associated with cloud service providers (CSPs) are continuing to decrease in importance, according to the Top Threats to Cloud Computing ...
CSOonline

Cloud Computing

Is Your Security Truly “Cloud-Native”? The cloud is designed to simplify delivery, scale, and management in order to drive innovation. Can it also be a force-multiplier for security?
SiliconANGLE

Akamai enhances API security with new native connector for Connected Cloud

Content delivery network and cloud services provider Akamai Technologies Inc. today announced a new native connector between Akamai API Security and the Akamai Connected Cloud that simplifies the ...
CRN

Cloud Computing Security Policies, Procedures Lacking

The majority of companies deploying cloud computing solutions have no cloud-specific security policies and procedures in place and have no measures to approve or evaluate cloud applications that use ...
Computerworld

Cloud computing security skeptics abound

The prospect of data security in cloud computing — particularly public-cloud computing — has security professionals taking a cautious approach. “We are a very conservative risk-adverse company by ...