Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Didn’t take them long did it?

The exploitation of cloud services is a flexible weapon in the hands of attackers, so flexible that we uncover new campaigns abusing legitimate apps on a daily basis.

Google Cloud HSM (Hardware Security Module) is a cloud service offered by Google that delivers secure key storage and cryptographic operations within a hardware environment that is set apart from any other instances. In contrast to HSMs, these hardware devices originated for the purpose of keeping cryptographic keys safe and executing cryptographic operations in a secure, tamper-resistant manner.

Data safety has become a primary issue for business organizations of any scale as they move to cloud computing. With businesses using cloud services to save and run critical information, the development of confidence encryption and essential management techniques is paramount. Several security methods have become popular; bring your own key (BYOK) is among them.

The growing sophistication of threat actors, supply chain disruptions, and the potential for systemic and catastrophic losses make for a precarious landscape for insurers and those seeking insurance. To help customers reduce risk at scale, insurers and brokers must adopt technology in order to visualize vulnerabilities while also forecasting, quantifying, and monitoring risks.

This article is a must-read guide on email security in healthcare. It analyzes the regulatory complexities of HIPAA, outlines practical strategies for secure communications, and sheds insights into why your healthcare organization may need to take action. By the end of reading this guide, you’ll be able to make informed choices regarding your email practices.

Many acronyms and security concepts come and go without much traction, but the term continuous threat exposure management (CTEM) seems to be taking hold for the foreseeable future. CTEM, a term originally coined by Gartner, offers a cyclical approach to finding and mitigating threat exposure—which is the accessibility and exploitability of digital and physical assets—in an ongoing, proactive, and prioritized way.