Sunday, 8 February 2026

Cybersecurity & Cloud Digest — 2026-02-09 09:03

Curated Digest: Cybersecurity & Networking/Cloud Insights

What ASEAN Governments Can Learn from the Russian State-Backed Attacks on Amazon Web Services

The recent state-sponsored cyberattacks on Amazon Web Services (AWS) highlight vulnerabilities in cloud infrastructure that ASEAN governments must address. The article discusses the implications of these attacks and the importance of enhancing cybersecurity measures to protect critical digital assets.

Understanding these tactics can help security practitioners in ASEAN develop more robust defenses against similar threats, ensuring the integrity and availability of their cloud services.

Cybersecurity breaches top risk for India Inc, says FICCI-EY Survey

A recent survey has identified cybersecurity breaches as the foremost risk facing Indian corporations. The findings emphasize the urgent need for enhanced security protocols and employee training to mitigate potential threats.

For security professionals, this highlights the critical need to prioritize cybersecurity measures and foster a culture of security awareness within organizations to combat the rising tide of cyber threats.

Cybersecurity Laws Tighten As Asia And World Respond

In response to increasing cyber threats, many Asian nations are tightening their cybersecurity laws. This shift aims to enhance regulatory frameworks and improve the overall security posture of organizations operating within these regions.

For cybersecurity practitioners, staying informed about evolving regulations is essential for compliance and for implementing effective security strategies that align with legal requirements.

Cybersecurity Weekly Newsletter - Notepad++ hack, Office 0-Day, ESXi 0-day Ransomware Attacks and More

This week's newsletter covers significant cybersecurity incidents, including a Notepad++ hack and multiple 0-day vulnerabilities affecting Microsoft Office and ESXi. The report emphasizes the urgency of patching and updating systems to protect against these exploits.

Security teams must remain vigilant and proactive in applying updates and educating users about potential threats to minimize the risk of exploitation.

'Cloud-based data, AI pipelines make development easier': Infosys' Anant Adya

Anant Adya of Infosys discusses how cloud-based data and AI pipelines streamline development processes. This shift allows organizations to leverage advanced analytics and machine learning, improving operational efficiency and innovation.

For cloud practitioners, understanding these advancements is crucial for optimizing cloud architectures and harnessing AI capabilities effectively within their organizations.

Quick Takeaways

  • ASEAN governments must enhance cybersecurity measures in light of recent attacks.
  • Cybersecurity breaches are a top concern for Indian corporations, necessitating improved protocols.
  • Asia is tightening cybersecurity laws to bolster defenses against increasing threats.
  • Staying updated on vulnerabilities and patches is critical for security teams.
  • Cloud technologies are transforming development processes, emphasizing the need for skilled practitioners.

Wednesday, 4 February 2026

Cybersecurity & Cloud Digest — 2026-02-05 08:07

Curated Digest: Cybersecurity and Networking/Cloud Insights

CISA: VMware ESXi flaw now exploited in ransomware attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has reported that a critical vulnerability in VMware ESXi is being actively exploited by ransomware groups. This sandbox escape flaw, previously identified in zero-day attacks, poses significant risks to organizations using affected versions of the software.

Why it matters: Security professionals must prioritize patching this vulnerability to mitigate the risk of ransomware attacks, as threat actors are increasingly targeting unpatched systems.

CISA warns of five-year-old GitLab flaw exploited in attacks

CISA has issued a warning regarding a five-year-old vulnerability in GitLab that is currently being exploited in cyberattacks. The agency has urged government entities to apply necessary patches to protect their systems from potential breaches.

Why it matters: This incident underscores the importance of maintaining up-to-date software and regular patching practices to defend against attacks that leverage known vulnerabilities.

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

A newly identified malware campaign named DEAD#VAX is using innovative techniques to deploy the AsyncRAT malware. This campaign utilizes IPFS-hosted VHD files and sophisticated obfuscation methods to evade detection and execute its payload.

Why it matters: Security teams should be aware of this campaign's tactics, as it highlights the evolving nature of malware delivery methods and the need for enhanced detection capabilities.

NetSecOPEN Validates Cisco 8375 Secure Routers: Security and Performance for the Branch

Independent tests by NetSecOPEN have validated the Cisco 8375 secure routers, confirming that they deliver both high security and performance for branch locations. These routers integrate advanced routing capabilities with next-generation firewall features.

Why it matters: Organizations can now achieve a balance between security and performance in their branch networks, which is critical for maintaining operational efficiency while safeguarding against threats.

Amazon EC2 C8id, M8id, and R8id instances with up to 22.8 TB local NVMe storage are generally available

AWS has announced the general availability of new EC2 instance types (C8id, M8id, and R8id) offering up to 22.8 TB of local NVMe storage. These instances provide significant improvements in vCPUs, memory, and storage capabilities, catering to demanding workloads.

Why it matters: Cloud practitioners can leverage these new instance types for high-performance applications, making them ideal for data-intensive tasks and enhancing overall cloud infrastructure efficiency.

Quick Takeaways

  • Critical VMware ESXi vulnerability is being exploited in ransomware attacks.
  • A five-year-old GitLab flaw remains a target for attackers, highlighting the need for timely patching.
  • The DEAD#VAX malware campaign showcases advanced evasion techniques using legitimate features.
  • Cisco's validated routers offer a blend of security and performance for branch networking.
  • AWS's new EC2 instances enhance cloud performance for data-intensive applications.

Tuesday, 3 February 2026

Cybersecurity & Cloud Digest — 2026-02-04 07:58

Curated Digest: Cybersecurity and Networking/Cloud Insights

Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata

Docker has patched a significant vulnerability in its Ask Gordon AI assistant, which could have allowed malicious actors to execute arbitrary code through image metadata. This flaw, identified by Noma Labs and dubbed DockerDash, posed a risk of sensitive data exfiltration.

For security practitioners, this incident underscores the importance of regular vulnerability assessments and timely patch management in containerized environments to protect sensitive data and maintain system integrity.

Critical Flaws in Ivanti EPMM Lead to Fast-Moving Exploitation Attempts

Recent reports indicate that critical vulnerabilities in Ivanti's Endpoint Manager Mobile (EPMM) are being rapidly exploited. These flaws could allow unauthorized access to sensitive information, raising alarms among security professionals.

This situation highlights the urgent need for organizations to prioritize patching and monitoring of mobile management solutions to mitigate potential breaches and protect user data.

Microsoft SDL: Evolving Security Practices for an AI-Powered World

Microsoft's Security Development Lifecycle (SDL) has been updated to address the unique challenges posed by AI technologies. The initiative focuses on integrating policy, research, and practical tools to enhance the security of AI systems against evolving cyber threats.

This evolution in security practices is crucial for organizations leveraging AI, as it provides a framework to proactively address vulnerabilities and ensure compliance with emerging regulations.

Static Security Models Broken for Dynamic Cloud

A recent analysis reveals that traditional static security models are inadequate for the dynamic nature of cloud environments. As organizations increasingly adopt cloud solutions, the need for adaptive security measures becomes critical to address evolving threats.

This insight is vital for security professionals, as it emphasizes the necessity for agile security frameworks that can respond to the rapid changes inherent in cloud infrastructures.

NBC Sports Selects Cisco as Networking Provider

NBC Sports has chosen Cisco as its networking provider, aiming to enhance its broadcast capabilities and ensure reliable connectivity. This partnership is expected to improve the network infrastructure supporting NBC's sports events.

For networking professionals, this collaboration illustrates the importance of selecting robust and scalable networking solutions to support high-demand applications in media and entertainment sectors.

Quick Takeaways

  • Docker has patched a critical vulnerability in its AI assistant, emphasizing the need for timely updates in container security.
  • Ivanti's EPMM vulnerabilities are being actively exploited, highlighting the importance of mobile security management.
  • Microsoft's updated SDL reflects the growing need for AI security frameworks.
  • Static security models are insufficient for dynamic cloud environments, necessitating adaptive security strategies.
  • NBC Sports' partnership with Cisco underscores the importance of reliable networking in high-demand sectors.

Cybersecurity & Cloud Digest — 2026-02-03 19:01

Curated Digest: Cybersecurity in Networking and Cloud

APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

The notorious Russian hacking group APT28 has been linked to attacks exploiting a newly discovered vulnerability in Microsoft Office, identified as CVE-2026-21509. These attacks, part of a campaign dubbed Operation Neusploit, have primarily targeted users in Ukraine, Slovakia, and Romania.

Why it matters: This incident underscores the ongoing threat posed by state-sponsored actors and highlights the importance of timely patching and vulnerability management in organizational cybersecurity strategies.

When Cloud Outages Ripple Across the Internet

Recent outages from major cloud service providers like AWS, Azure, and Cloudflare have caused widespread disruptions, impacting numerous websites and applications. These incidents reveal the interconnectedness of cloud services and the potential for cascading failures across the internet.

Why it matters: Understanding the implications of cloud outages is crucial for IT professionals as they design more resilient architectures and develop contingency plans to minimize downtime and service disruption.

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

The Lotus Blossom hacking group, associated with China, has been implicated in a breach of the infrastructure hosting Notepad++. This breach facilitated the deployment of a new backdoor, known as Chrysalis, targeting users of the popular open-source text editor.

Why it matters: This incident highlights the risks associated with open-source software and the need for robust security measures to protect against state-sponsored threats that exploit widely used applications.

Cisco is Proud to Champion the UK’s Software Security Code of Practice

Cisco has taken a proactive stance in supporting the UK's Software Security Code of Practice, aimed at enhancing the security of software supply chains. This initiative seeks to build greater trust in digital services by establishing clear security benchmarks for software development.

Why it matters: For security practitioners, this code represents a significant step towards standardized security practices in software development, which can help mitigate vulnerabilities and enhance overall cybersecurity posture.

Can Europe’s Digital Markets Act and Data Act Rein in Cloud Hyperscalers?

The European Union's Digital Markets Act and Data Act aim to regulate cloud service providers and promote fair competition. These legislative measures are designed to address concerns about the dominance of major cloud hyperscalers and their impact on the market.

Why it matters: Security and network professionals should stay informed about these regulations, as they could influence compliance requirements and operational strategies for organizations leveraging cloud services in Europe.

Quick Takeaways

  • State-sponsored actors continue to exploit vulnerabilities in widely used software.
  • Cloud outages can have significant ripple effects across the internet, necessitating better resilience planning.
  • Open-source software remains a target for sophisticated cyber threats.
  • Standardized security practices are critical for enhancing software supply chain security.
  • Regulatory measures in Europe may reshape the cloud service landscape and compliance requirements.

Monday, 2 February 2026

Cybersecurity & Cloud Digest — 2026-02-03 10:23

Curated Digest: Cybersecurity and Networking/Cloud Updates

Russian hackers exploit recently patched Microsoft Office bug in attacks

Ukraine's Computer Emergency Response Team (CERT) has reported that Russian cybercriminals are taking advantage of CVE-2026-21509, a vulnerability recently fixed in Microsoft Office. This exploitation highlights the ongoing threat posed by state-sponsored actors utilizing known vulnerabilities to launch attacks.

Why it matters: Security professionals must prioritize patch management and monitor for unusual activities, especially in environments using Microsoft Office, to mitigate potential breaches.

New GlassWorm attack targets macOS via compromised OpenVSX extensions

A new malware campaign, dubbed GlassWorm, is targeting macOS users through compromised OpenVSX extensions. The attack aims to steal sensitive information, including passwords and crypto-wallet data, posing significant risks to developers and users alike.

Why it matters: As macOS environments become increasingly targeted, practitioners must ensure that third-party extensions are vetted and that users are educated on the risks of installing unverified software.

WARNING: Notepad++ Hijacked By China State-Sponsored Threat Actors

Recent reports indicate that Notepad++, a popular text editor, has been compromised by state-sponsored threat actors from China. This incident underscores the vulnerabilities associated with widely used software and the potential for sophisticated attacks on software supply chains.

Why it matters: Security teams should assess the integrity of their software supply chains and implement measures to detect and respond to potential compromises in widely used applications.

Google Cloud, Liberty Global sign five-year AI and cloud partnership across Europe

Google Cloud has entered into a significant partnership with Liberty Global, focusing on AI and cloud services across Europe. This collaboration aims to enhance digital transformation initiatives and leverage advanced technologies for improved customer experiences.

Why it matters: Cloud practitioners should stay informed about such partnerships, as they can lead to new tools and services that may enhance their own cloud strategies and offerings.

AWS Weekly Roundup: Amazon Bedrock agent workflows, Amazon SageMaker private connectivity, and more

The latest AWS updates include enhancements to Amazon Bedrock agent workflows and the introduction of private connectivity for Amazon SageMaker. These developments aim to streamline workflows and improve data security for users leveraging AWS services.

Why it matters: Cloud practitioners should explore these new features, as they can significantly enhance operational efficiency and security within their AWS environments.

Quick Takeaways

  • Russian hackers are actively exploiting a recently patched Microsoft Office vulnerability.
  • The GlassWorm malware campaign targets macOS users through compromised extensions.
  • Notepad++ has been hijacked by state-sponsored actors, raising supply chain security concerns.
  • Google Cloud's partnership with Liberty Global signifies a push towards AI and cloud integration.
  • AWS introduces new features that enhance security and efficiency for cloud users.