Google Further Strengthens its Cloud Security, Over 500,000 Car-Tracking Device Passwords Leaked and More in This Week’s News

4 Min read

Google Announces New Cloud Security Initiatives

Last week Google announced two new initiatives that are bound to further strengthen their presence in the cloud security sphere.

Reduce your AWS costs by over 50%

Discover your Cloud Saving Potential – Answer just 5 simple questions. AppsFlyer, Playtika, Lufthansa, IBM, top leading companies are already using our FinOps services.

Reduce your AWS costs by over 50%

Forseti Security and Google Cloud Endpoints are the new frameworks that will be available to developers. The first, Forseti Security, is a joint effort brought forward with Spotify aimed to develop an open-source security toolkit that focuses on GCP security.

Forseti has three main features. It catalogues and informs developers about what’s present in their cloud. Then the Scanner feature offers both monitoring and warning systems. Last, the Enforcer feature makes sure that policy files and resources stay as intended, by detecting and fixing GCP resources discrepancies through Google Cloud APIs.

The second project, Google Cloud Endpoints, is meant to help developers better manage their APIs. It mainly deals with API keys and the way developers distribute them, by giving them control over JSON Web Tokens.

Google has been moving aggressively to boost their cloud security. The new tools in the cloud security toolbox are just confirming it.

Read More:


Passwords for 540,000 Car Tracking Devices Leaked

Over half a million records from the SVR Tracking company have been leaked. The exposed data contains personal and vehicle data of both drivers and businesses using the service.

The wide open misconfigured Amazon web server was first discovered by Kromtech Security Center. The public storage bucket left publicly accessible a cache containing some 540,000 SVR accounts.

The leaked data contained email addresses and passwords, users’ vehicle data (VIN – vehicle identification numbers, and GPS IMEI numbers), as well as information on 427 dealerships that use SVR’s services.

The exposed database contained exact information about exactly in the car the physical tracking unit was placed. It is still unclear if the data was accessed by hackers.

Read More:

MacKeeper Blog, Hacker News

Cloud Apps Growing in Popularity – 40% of European Organisations Uses Them

According to a recent research by IDC, 25% of EU businesses are using a hybrid approach to app hosting. The cloud, however, is becoming increasingly popular, with 40% of organisations claiming they keep on and off-premise environments separated.

IDC also found that 31% of businesses prefer hosting front-end tech on the public cloud, with back-end infrastructure on on-premise. The company also said it doesn’t seem as a sustainable model on the long run.

Connecting cloud environments with ad hoc bridges in a hybrid fashion won’t be enough in 2018, (…) Nor will standardising on one external provider, at least for large or innovative companies. Developers and line of business require ‘best of breed,’ and the purchasing department wants to avoid being locked in.

Giorgio Nebuloni, Research Director @ IDC European Infrastructure Group

The research has once again highlighted the need for businesses to embrace a multi-cloud strategy in order to optimize their app environments.

Read More:

Cloud Pro, IDC

Viacom Leaves Data Up for Grabs on Unconfigured Amazon Server

A researcher from UpGuard recently discovered a misconfigured Amazon Web Server S3 cloud storage bucket with around 1GB of credentials and Viacom backend configuration files.

The exposed credentials could have easily been misused by hackers to bring down Viacom’s IT infrastructure. The available data could also have granted access to MTV, Paramount Pictures and Nickelodeon cloud servers.

The exposed data also contained Viacom’s master key to Amazon Web Services account, and the credentials required to build and maintain Viacom servers.

UpGuard contacted Viacom executives promptly. All the credentials have since been changed and the server has been secured. It’s still unclear if hackers were able to exploit the “up for grabs”. The media giant, however, claims there is no evidence of data abuse.

Read More:

Hacker News

SAP Acquires Gigya to Bring Identity Management to its Hybris Suite

SAP announced the acquisition of identity management company Gigya. The deal, which has been widely reported to be worth some $350 million, is aimed to integrate Gigya features into SAP’s Hybris platform.

The move will allow Europe’s largest software company to further expand its e-commerce services.

Gigya brings a wealth of skills and expertise that will significantly enhance the SAP Hybris Profile solution and allow us to take leadership of the emerging customer identity and access management market

Carsten Thoma, President and Co-founder @ SAP Hybris

Gigya serves roughly 1.3 billion customers globally across sites that use its software to manage identities and profiles. The deal will ultimately enable SAP to track the details of where and how customers shop, whether it be online, in-store or through mobile apps.

Read More:

SAP, Cloud Pro

Latest Articles

3 IT Infrastructure Costs Increasing in 2024:

As we navigate through the evolving landscape of IT infrastructure, a closer look at the cost trends for 2024 reveals significant shifts. From cloud expenses feeling the pressure of economic changes. With global cloud spending expected to hit over $1 trillion and various sectors facing unique challenges, staying informed is more crucial than ever.  Dive […]

Miguel Fersen Iberia & LATAM Regional Manager @ GlobalDots
26th February, 2024
Justt – IaC

Justt is a chargeback mitigation startup based in Tel Aviv. Chargebacks, as defined, are demands by a credit card provider for a retailer to reimburse losses on fraudulent or disputed transactions. Justt’s objective is to assist merchants worldwide in combating false chargebacks using its proprietary artificial intelligence technology.

22nd February, 2024
8 FinOps Best Practices for Cutting Cloud Costs

The cloud used to be viewed as a place of significant cost savings: rather than purchasing and maintaining dozens of server stacks, organizations could outsource this and purchase compute power on an as-needed basis. In the ensuing rush to cloud architecture, however, many companies simply lifted-and-shifted their old financial bad habits. The sheer speed of […]

22nd February, 2024

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

Unlock Your Cloud Potential