Google Further Strengthens its Cloud Security, Over 500,000 Car-Tracking Device Passwords Leaked and More in This Week’s News

Google Announces New Cloud Security Initiatives

Last week Google announced two new initiatives that are bound to further strengthen their presence in the cloud security sphere.

Forseti Security and Google Cloud Endpoints are the new frameworks that will be available to developers. The first, Forseti Security, is a joint effort brought forward with Spotify aimed to develop an open-source security toolkit that focuses on GCP security.

Book a demo today to see GlobalDots is action.

Optimize cloud costs, control spend, and automate for deeper insights and efficiency.

Book a demo today to see GlobalDots is action.

Forseti has three main features. It catalogues and informs developers about what’s present in their cloud. Then the Scanner feature offers both monitoring and warning systems. Last, the Enforcer feature makes sure that policy files and resources stay as intended, by detecting and fixing GCP resources discrepancies through Google Cloud APIs.

The second project, Google Cloud Endpoints, is meant to help developers better manage their APIs. It mainly deals with API keys and the way developers distribute them, by giving them control over JSON Web Tokens.

Google has been moving aggressively to boost their cloud security. The new tools in the cloud security toolbox are just confirming it.

A person presenting on stage with their hands raised,in front of a backdrop displaying the Google logo.

Read More: Bizety

Passwords for 540,000 Car Tracking Devices Leaked

Over half a million records from the SVR Tracking company have been leaked. The exposed data contains personal and vehicle data of both drivers and businesses using the service.

The wide open misconfigured Amazon web server was first discovered by Kromtech Security Center. The public storage bucket left publicly accessible a cache containing some 540,000 SVR accounts.

The leaked data contained email addresses and passwords, users’ vehicle data (VIN – vehicle identification numbers, and GPS IMEI numbers), as well as information on 427 dealerships that use SVR’s services.

The exposed database contained exact information about exactly in the car the physical tracking unit was placed. It is still unclear if the data was accessed by hackers.

A person using a smartphone while working on a laptop with code on the screen.

Read More: MacKeeper Blog, Hacker News

Cloud Apps Growing in Popularity – 40% of European Organisations Uses Them

According to a recent research by IDC, 25% of EU businesses are using a hybrid approach to app hosting. The cloud, however, is becoming increasingly popular, with 40% of organisations claiming they keep on and off-premise environments separated.

IDC also found that 31% of businesses prefer hosting front-end tech on the public cloud, with back-end infrastructure on on-premise. The company also said it doesn’t seem as a sustainable model on the long run.

Connecting cloud environments with ad hoc bridges in a hybrid fashion won’t be enough in 2018, (…) Nor will standardising on one external provider, at least for large or innovative companies. Developers and line of business require ‘best of breed,’ and the purchasing department wants to avoid being locked in.

Giorgio Nebuloni, Research Director @ IDC European Infrastructure Group

The research has once again highlighted the need for businesses to embrace a multi-cloud strategy in order to optimize their app environments.

A hand holding an Ethernet cable with clouds in the background.

Read More: Cloud Pro, IDC

Viacom Leaves Data Up for Grabs on Unconfigured Amazon Server

A researcher from UpGuard recently discovered a misconfigured Amazon Web Server S3 cloud storage bucket with around 1GB of credentials and Viacom backend configuration files.

The exposed credentials could have easily been misused by hackers to bring down Viacom’s IT infrastructure. The available data could also have granted access to MTV, Paramount Pictures and Nickelodeon cloud servers.

The exposed data also contained Viacom’s master key to Amazon Web Services account, and the credentials required to build and maintain Viacom servers.

UpGuard contacted Viacom executives promptly. All the credentials have since been changed and the server has been secured. It’s still unclear if hackers were able to exploit the “up for grabs”. The media giant, however, claims there is no evidence of data abuse.

Signage of Viacom on a blue background.

Read More: Hacker News

SAP Acquires Gigya to Bring Identity Management to its Hybris Suite

SAP announced the acquisition of identity management company Gigya. The deal, which has been widely reported to be worth some $350 million, is aimed to integrate Gigya features into SAP’s Hybris platform.

The move will allow Europe’s largest software company to further expand its e-commerce services.

Gigya brings a wealth of skills and expertise that will significantly enhance the SAP Hybris Profile solution and allow us to take leadership of the emerging customer identity and access management market

Carsten Thoma, President and Co-founder @ SAP Hybris

Gigya serves roughly 1.3 billion customers globally across sites that use its software to manage identities and profiles. The deal will ultimately enable SAP to track the details of where and how customers shop, whether it be online, in-store or through mobile apps.

Exterior view of a modern building with a prominently displayed SAP logo.

Read More: SAP, Cloud Pro

Latest Articles

Vulnerability Assessments vs. Penetration Testing: Key Differences, Use Cases & Best Practices

They’re not interchangeable. A vulnerability assessment identifies known flaws at scale. A penetration test mimics an actual attacker probing for impact. Yet many teams treat them the same. They substitute one for the other, check a compliance box, and move on as if they’re covered. They’re not. And that gap shows up later in real-world […]

Ganesh The Awesome
7th July, 2025
Web Application Firewalls (WAFs): The Evolving First Line of Defense in Cloud Security

Modern applications are built for speed, not simplicity. Containers, microservices, and cloud-native deployments have blown up the security perimeter. Traditional tools can’t keep up with this complexity. That’s why Web Application Firewalls (WAFs) matter. But the WAF of 2025 isn’t just an appliance sitting in front of a static website. It’s a flexible, cloud-aware security […]

Ganesh The Awesome
7th July, 2025
What is an API Security Audit?

 In January 2024, a misconfigured API exposed 650,000 private messages. These included passwords and internal communications. No exploit chain. No zero-day. Just a public-facing endpoint with no authentication. This wasn’t an isolated incident. From T-Mobile and Twitter (now X) to Kronos Research and the US Treasury, attackers have consistently used APIs as entry points. They […]

Ganesh The Awesome
26th June, 2025
The Ultimate API Security Checklist for 2025

APIs are now the top attack vector in enterprise apps. In 2024 alone, breaches tied to APIs cost an average of $4.88 million, and that number is rising fast. Attackers exploit gaps in API authentication, input validation, and outdated endpoints to compromise systems. Legacy controls no longer suffice, and the OWASP API Top 10 outlines […]

Ganesh The Awesome
26th June, 2025

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

    GlobalDots' industry expertise proactively addressed structural inefficiencies that would have otherwise hindered our success. Their laser focus is why I would recommend them as a partner to other companies

    Marco Kaiser
    Marco Kaiser

    CTO

    Legal Services

    GlobalDots has helped us to scale up our innovative capabilities, and in significantly improving our service provided to our clients

    Antonio Ostuni
    Antonio Ostuni

    CIO

    IT Services

    It's common for 3rd parties to work with a limited number of vendors - GlobalDots and its multi-vendor approach is different. Thanks to GlobalDots vendors umbrella, the hybrid-cloud migration was exceedingly smooth

    Motti Shpirer
    Motti Shpirer

    VP of Infrastructure & Technology

    Advertising Services