Pentagon cloud deal, Apple now encrypts iCloud backups, CloudSEK hacked by cybersecurity firm?
Pentagon awards cloud deal to four major providers
The Pentagon said Wednesday that Amazon, Google, Microsoft and Oracle received a cloud-computing contract that could total as high as $9 billion through 2028. The approach aligns to the US Defense Department’s strategy of relying on multiple remote technology infrastructure providers to improve resiliency. Back in 2019, the Pentagon awarded a cloud deal to Microsoft, but upon a series of challenges (including from AWS and Oracle), the agency expanded its requests for bids to include the four tech giants.?
(CNBC )
Apple finally adds encryption to iCloud backups
On Wednesday, Apple unveiled its “Advanced Data Protection” features including end-to-end encryption for iCloud backups as well as iMessage Contact Key Verification, which allows users to verify who they’re communicating with. Apple also now allows users to use a hardware Security Key such as a USB drive or near-field communication (NFC) dongles for two-factor authentication to protect their Apple ID account. In addition to iCloud backups, Apple’s encryption also now covers Contacts, Notes, Photos, Voice Memos and Wallet Passes. The only data still not covered by Advanced Data Protection are iCloud Mail, Contacts, and Calendar due to compatibility reasons. Advanced Data Protection is currently in beta in the US and will be made available to all US users by the end of the year. The feature will start rolling out globally in early 2023.
(Computerworld ?and?WSJ )
CloudSEK claims it was hacked by another cybersecurity firm
India-based security firm CloudSEK says a threat actor gained access to its Confluence server using credentials stolen from one of its employee’s Jira accounts. While some internal info was exfiltrated from its Confluence wiki, CloudSEK says the attackers did not compromise its databases. A threat actor named ‘sedut’ has leaked some of CloudSEK’s internal data and is trying to sell what they claim is CloudSEK’s database, codebase, and product docs on various hacking forums. CloudSEK’s CEO, Rahul Sasi, stated he believes that a “notorious Cyber Security company that is into Dark web monitoring” is responsible for the attack. CloudSEK refused to provide the name of the firm they believe is behind the attack.
Microsoft’s November patches continue to break things
According to Microsoft, ODBC connections to some apps may fail after installing the November 2022 Patch Tuesday Windows updates. Microsoft clarified that the issue is associated with connections using SQL Server Driver (sqlsrv32.dll). Microsoft published instructions for customers to diagnose the issue and says it is still working on a fix. In mid-November, Microsoft?addressed domain controller sign-in failures and the company continues to investigate ongoing domain controller freezes and restarts. These issues were also triggered by last month’s Patch Tuesday Windows Server updates.
领英推荐
Thanks to today’s episode sponsor, PlexTrac
Watchdog reveals UK agency use of unsupported applications
The UK’s National Audit Office (NAO) has revealed that nearly one third (30%) of applications used by the Department for Environment, Food and Rural Affairs (Defra) are unsupported. The issue, which is commonly referred to as “tech debt”, means that apps can no longer receive security or software updates. Defra provides critical services related to disease prevention, flood protection and air quality and a major cyber incident could have severe consequences. The NAO concluded that while Defra is taking steps to address urgent system risks and vulnerabilities, it lacks an adequate digital transformation plan. The government has provided Defra with £366m ($445m) to make IT investments over the next three years.
FFT and Ransomware account for bulk of cyber insurance claims
According to figures from Corvus, fraudulent funds transfer (FFT) and ransomware caused the most financial damage in 2022, accounting for more than 50% of insurance claims. FFT accounted for an all-time high 36% of all claims this year. There were fewer ransomware claims in H1 2022 compared to H2 2021, however the rate of data exfiltration increased by 25% over the same period. The prevalence of FFT highlights the growing effectiveness of business email compromise (BEC) scams with FFT representing 70% of all BEC-related claims. The average FFT claim was significantly lower than ransomware due to the fact that such incidents typically don’t include costs of data restoration, system recovery, business interruption or breach response efforts.
New Zerobot malware leverages an array of exploits
A new Go-based malware named ‘Zerobot’, was first spotted in mid-November, and exploits 21 vulnerabilities across numerous devices including F5 BIG-IP, Zyxel firewalls, Totolink and D-Link routers, and Hikvision cameras.?Zerobot scans networks and self-propagates to adjacent devices with the goal of adding compromised devices to a distributed denial-of-service (DDoS) botnet. Researchers indicate that since November a new version of Zerobot has emerged with improved obfuscation and exploit capabilities signaling that the malware is under active development.
San Francisco makes U-turn on ‘killer robots’ plan
We reported last week that San Francisco’s city legislators passed a proposal to authorize police to kill suspects using robots equipped with lethal weapons. Protesters and several dissenting board members gathered on the steps of city hall to call for the city to reverse its decision. On Tuesday, the board did just that, in a secondary vote which normally serves to rubber-stamp board decisions. The original proposal will now be refined or entirely scrapped. This type of lethal robot is already in use in other parts of the US.
(BBC )