Google Further Strengthens its Cloud Security, Over 500,000 Car-Tracking Device Passwords Leaked and More in This Week’s News

4 Min read

Google Announces New Cloud Security Initiatives

Last week Google announced two new initiatives that are bound to further strengthen their presence in the cloud security sphere.

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

Forseti Security and Google Cloud Endpoints are the new frameworks that will be available to developers. The first, Forseti Security, is a joint effort brought forward with Spotify aimed to develop an open-source security toolkit that focuses on GCP security.

Forseti has three main features. It catalogues and informs developers about what’s present in their cloud. Then the Scanner feature offers both monitoring and warning systems. Last, the Enforcer feature makes sure that policy files and resources stay as intended, by detecting and fixing GCP resources discrepancies through Google Cloud APIs.

The second project, Google Cloud Endpoints, is meant to help developers better manage their APIs. It mainly deals with API keys and the way developers distribute them, by giving them control over JSON Web Tokens.

Google has been moving aggressively to boost their cloud security. The new tools in the cloud security toolbox are just confirming it.

Read More:


Passwords for 540,000 Car Tracking Devices Leaked

Over half a million records from the SVR Tracking company have been leaked. The exposed data contains personal and vehicle data of both drivers and businesses using the service.

The wide open misconfigured Amazon web server was first discovered by Kromtech Security Center. The public storage bucket left publicly accessible a cache containing some 540,000 SVR accounts.

The leaked data contained email addresses and passwords, users’ vehicle data (VIN – vehicle identification numbers, and GPS IMEI numbers), as well as information on 427 dealerships that use SVR’s services.

The exposed database contained exact information about exactly in the car the physical tracking unit was placed. It is still unclear if the data was accessed by hackers.

Read More:

MacKeeper Blog, Hacker News

Cloud Apps Growing in Popularity – 40% of European Organisations Uses Them

According to a recent research by IDC, 25% of EU businesses are using a hybrid approach to app hosting. The cloud, however, is becoming increasingly popular, with 40% of organisations claiming they keep on and off-premise environments separated.

IDC also found that 31% of businesses prefer hosting front-end tech on the public cloud, with back-end infrastructure on on-premise. The company also said it doesn’t seem as a sustainable model on the long run.

Connecting cloud environments with ad hoc bridges in a hybrid fashion won’t be enough in 2018, (…) Nor will standardising on one external provider, at least for large or innovative companies. Developers and line of business require ‘best of breed,’ and the purchasing department wants to avoid being locked in.

Giorgio Nebuloni, Research Director @ IDC European Infrastructure Group

The research has once again highlighted the need for businesses to embrace a multi-cloud strategy in order to optimize their app environments.

Read More:

Cloud Pro, IDC

Viacom Leaves Data Up for Grabs on Unconfigured Amazon Server

A researcher from UpGuard recently discovered a misconfigured Amazon Web Server S3 cloud storage bucket with around 1GB of credentials and Viacom backend configuration files.

The exposed credentials could have easily been misused by hackers to bring down Viacom’s IT infrastructure. The available data could also have granted access to MTV, Paramount Pictures and Nickelodeon cloud servers.

The exposed data also contained Viacom’s master key to Amazon Web Services account, and the credentials required to build and maintain Viacom servers.

UpGuard contacted Viacom executives promptly. All the credentials have since been changed and the server has been secured. It’s still unclear if hackers were able to exploit the “up for grabs”. The media giant, however, claims there is no evidence of data abuse.

Read More:

Hacker News

SAP Acquires Gigya to Bring Identity Management to its Hybris Suite

SAP announced the acquisition of identity management company Gigya. The deal, which has been widely reported to be worth some $350 million, is aimed to integrate Gigya features into SAP’s Hybris platform.

The move will allow Europe’s largest software company to further expand its e-commerce services.

Gigya brings a wealth of skills and expertise that will significantly enhance the SAP Hybris Profile solution and allow us to take leadership of the emerging customer identity and access management market

Carsten Thoma, President and Co-founder @ SAP Hybris

Gigya serves roughly 1.3 billion customers globally across sites that use its software to manage identities and profiles. The deal will ultimately enable SAP to track the details of where and how customers shop, whether it be online, in-store or through mobile apps.

Read More:

SAP, Cloud Pro

Latest Articles

How to Defeat Bad Bots in 2024 (and Why It’s Still So Hard)

Introduction  Bots today outnumber human users in eCommerce sites: From 15% in 2017, to 30% in 2019, to 64% in 2021. Some extreme cases we’ve witnessed peaked in 90-99.8% bot traffic. But perhaps the more concerning bit is the traffic share of bad bots: an approximate 39% of all internet traffic in 2021.   Hackers are […]

Dr. Eduardo Rocha Senior Solutions Engineer & Security Analyst @ GlobalDots
13th June, 2024
Cut Big Data Costs by 23%: 7 Key Practices

In this webinar, we reveal a solution that cuts big data costs by 23% and enhances system efficiency - without changing a single line of code. We’ll also explore 7 key practices that will free your engineers to process and analyze data at the pace and scale they need - and ensure they never lose control of the process.

15th April, 2024

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

Unlock Your Cloud Potential