- UK’s spy agencies have given a contract to AWS to host classified material. Their intention is to boost use of data analytics and artificial intelligence for espionage. The agreement, estimated by industry experts to be worth £500m to £1bn over the next decade. The Guardian has reported that “the contract with Amazon is likely to ignite concerns over sovereignty because the UK’s most secret data will be hosted by a single US tech company” – Quite the interesting comment and Cloud Security News would love to hear your thoughts on this
- It’s also the season for Revenue announcements for Quarter 3 for our big cloud providers. Google announced this week that Google Cloud revenue jumped 45 percent to $4.99 billion in the third quarter compared to the same period last year, reflecting significant growth in infrastructure and platform services along with Google Workspace.
- Google CEO Sundar Pichai said that part of Google Cloud’s strength is that its open, scalable and flexible approach. You can view the results here. To compare, Microsoft also announced their Quarter 3 revenue for Intelligent Cloud (which comprises the Azure public cloud, enterprise services, GitHub, SQL Server, System Center, Visual Studio and Windows Server) to be $17.0 billion, an increase of 31% – Server products and cloud services revenue increased 35% driven by Azure and other cloud services revenue growth of 50%. You can view the results here . Amazon is due to announce their revenue tomorrow and we will include the same for you in next weeks episode.
- Microsoft shared earlier this month that things remain “Business as usual for Azure customers despite 2.4 Tbps DDoS attack” in Europe. They reported that the attack traffic originated from approximately 70,000 sources and from multiple countries in the Asia-Pacific region, such as Malaysia, Vietnam, Taiwan, Japan, and China, as well as from the United States. Microsoft explained further that attacks of this size demonstrate the ability of bad actors to wreak havoc by flooding targets with gigantic traffic volumes trying to choke network capacity however reassured that Azure’s DDoS protection platform, built on distributed DDoS detection and mitigation pipelines, can absorb tens of terabits of DDoS attacks. Read the full statement from Microsoft here
- Keeping in theme with updates from Microsoft – The Microsoft Threat Intelligence Center (MSTIC) has detected nation-state activity associated with NOBELIUM, the threat actors behind theSolarWinds compromise in 2020. They are attempting to gain access to downstream customers of multiple cloud service providers (CSP), managed service providers (MSP), and other IT services organizations that have been granted administrative or privileged access by other organizations. NOBELIUM is looking to exploit existing technical trust relationships between the provider organizations and the governments, think tanks, and other companies they serve. To protect yourself and your organization, Microsoft recommends enabling MFA (multi factor authentication) and enforcing conditional access policies, adopting a Secure Application Model Framework and regularly checking Partner Center Activity Logs. It’s quite the interesting read and the full blog can be found here.
- If you use discourse, a popular open source forum software, you should make sure that you update to Discourse versions 2.7.9 or later, as a security bug has been found that affects Discourse versions 2.7.8 and earlier. The bug is triggered through a malicious Amazon SNS subscription payload. Amazon SNS is Amazon’s Simple Notification Service, a fully managed messaging service for both application-to-application and application-to-person. The security bug if left unpatched may allow attackers to remotely execute commands on the vulnerable systems.
- Whilst Discourse vulnerabilities have been patched, popular Discord – online chats, voice, and video call platform with 150 million active users is becoming a tempting target for bad actors. Check Point Research has stated that “The Discord API does not require any type of confirmation or approval and is open for everyone to use,”. Check Point explained that it found several malicious GitHub repositories featuring malware based on the Discord API and malicious bots. According to Checkpoint “due to these Discord API freedoms, the only way to prevent Discord malware is by disabling all Discord bots. Discord bots for those of you not familiar with discord is artificial intelligence that can perform several useful tasks on your server automatically . Preventing Discord malware can’t be done without harming the Discord community. As a result, it’s up to the users’ actions to keep their devices safe.” Have a read of the entire blog here
