Blog

Google Further Strengthens its Cloud Security, Over 500,000 Car-Tracking Device Passwords Leaked and More in This Week’s News

Admin Globaldots
28.09.2017
image 4 Min read

Google Announces New Cloud Security Initiatives

Last week Google announced two new initiatives that are bound to further strengthen their presence in the cloud security sphere.

Forseti Security and Google Cloud Endpoints are the new frameworks that will be available to developers. The first, Forseti Security, is a joint effort brought forward with Spotify aimed to develop an open-source security toolkit that focuses on GCP security.

Forseti has three main features. It catalogues and informs developers about what’s present in their cloud. Then the Scanner feature offers both monitoring and warning systems. Last, the Enforcer feature makes sure that policy files and resources stay as intended, by detecting and fixing GCP resources discrepancies through Google Cloud APIs.

The second project, Google Cloud Endpoints, is meant to help developers better manage their APIs. It mainly deals with API keys and the way developers distribute them, by giving them control over JSON Web Tokens.

Google has been moving aggressively to boost their cloud security. The new tools in the cloud security toolbox are just confirming it.

Read More:

Bizety

Passwords for 540,000 Car Tracking Devices Leaked

Over half a million records from the SVR Tracking company have been leaked. The exposed data contains personal and vehicle data of both drivers and businesses using the service.

The wide open misconfigured Amazon web server was first discovered by Kromtech Security Center. The public storage bucket left publicly accessible a cache containing some 540,000 SVR accounts.

The leaked data contained email addresses and passwords, users’ vehicle data (VIN – vehicle identification numbers, and GPS IMEI numbers), as well as information on 427 dealerships that use SVR’s services.

The exposed database contained exact information about exactly in the car the physical tracking unit was placed. It is still unclear if the data was accessed by hackers.

Read More:

MacKeeper Blog, Hacker News

Cloud Apps Growing in Popularity – 40% of European Organisations Uses Them

According to a recent research by IDC, 25% of EU businesses are using a hybrid approach to app hosting. The cloud, however, is becoming increasingly popular, with 40% of organisations claiming they keep on and off-premise environments separated.

IDC also found that 31% of businesses prefer hosting front-end tech on the public cloud, with back-end infrastructure on on-premise. The company also said it doesn’t seem as a sustainable model on the long run.

Connecting cloud environments with ad hoc bridges in a hybrid fashion won’t be enough in 2018, (…) Nor will standardising on one external provider, at least for large or innovative companies. Developers and line of business require ‘best of breed,’ and the purchasing department wants to avoid being locked in.

Giorgio Nebuloni, Research Director @ IDC European Infrastructure Group

The research has once again highlighted the need for businesses to embrace a multi-cloud strategy in order to optimize their app environments.

Read More:

Cloud Pro, IDC

Viacom Leaves Data Up for Grabs on Unconfigured Amazon Server

A researcher from UpGuard recently discovered a misconfigured Amazon Web Server S3 cloud storage bucket with around 1GB of credentials and Viacom backend configuration files.

The exposed credentials could have easily been misused by hackers to bring down Viacom’s IT infrastructure. The available data could also have granted access to MTV, Paramount Pictures and Nickelodeon cloud servers.

The exposed data also contained Viacom’s master key to Amazon Web Services account, and the credentials required to build and maintain Viacom servers.

UpGuard contacted Viacom executives promptly. All the credentials have since been changed and the server has been secured. It’s still unclear if hackers were able to exploit the “up for grabs”. The media giant, however, claims there is no evidence of data abuse.

Read More:

Hacker News

SAP Acquires Gigya to Bring Identity Management to its Hybris Suite

SAP announced the acquisition of identity management company Gigya. The deal, which has been widely reported to be worth some $350 million, is aimed to integrate Gigya features into SAP’s Hybris platform.

The move will allow Europe’s largest software company to further expand its e-commerce services.

Gigya brings a wealth of skills and expertise that will significantly enhance the SAP Hybris Profile solution and allow us to take leadership of the emerging customer identity and access management market

Carsten Thoma, President and Co-founder @ SAP Hybris

Gigya serves roughly 1.3 billion customers globally across sites that use its software to manage identities and profiles. The deal will ultimately enable SAP to track the details of where and how customers shop, whether it be online, in-store or through mobile apps.

Read More:

SAP, Cloud Pro

Comments

0 comments

There’s more to see

How Separating Data & Network Security Protects Your Supply Chain
Supply-Chain Data Protection
How Separating Data & Network Security Protects Your Supply Chain
Dr. Eduardo Rocha, Senior Solutions Engineer & Security Analyst @ GlobalDots 09.05.22

Software supply chain security is an enormous concern for businesses today. According to a 2021 Argon cybersecurity report, software supply chain attacks increased threefold in 2021 compared to the previous year.  The constant race of companies to do things faster while delivering a better, richer user experience adds a multitude of vulnerabilities to the supply […]

Read more
SASE vs. SD-WAN: A Quick Guide
SD-WAN and SASE
SASE vs. SD-WAN: A Quick Guide
Miguel Fersen, Senior Cloud Consultant @ GlobalDots

New technologies have a wicked tendency to pile up. With cloud solution categories now emerging on a weekly basis, the result of bringing them into your estate is usually more complexity and confusion. But sometimes, a single new technology allows us to rid a bunch of old ones in a snap. SASE pretends to be […]

Read more
Old Dogs, New Tricks: Innovating with CDNs
Content Delivery Network (CDN)
Old Dogs, New Tricks: Innovating with CDNs
Dror Arie, Senior Solutions Architect @ GlobalDots 20.04.22

Today’s digital businesses with global customers cannot afford slow page loads and applications caused by physical distance and latency issues. Page load speeds can have a significant effect on customer acquisition and retention. Walmart discovered that a 1% increase in page load time results in a 2% increase in conversion rates. So businesses are using […]

Read more
Back to Blog
Unlock Your Cloud Potential
Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.
Contact us