[Some Interesting] Cloud ‘n Sec news: 18th Mar 22
What’s worth your reading time
Cloud Native technologies part of new Developer bootcamp
The Linux foundation released a new content stream focused on Cloud Native Developers, which tackles upcoming technologies such as Kubernetes which as gained a lot of interest from app developers and enterprises lately.
The Bootcamp is paid but has some discount over the page indicated below.
New online bootcamp from The Linux Foundation and Cloud Native Computing Foundation covers key cloud native development practices, increasing pool of talent for employers
Stadia added to Google Cloud Services
An interesting move to the Stadia Gaming platform, which failed as a consumer gaming service — Google is now pivoting the platform as a gaming stream services, unbranded, to companies who will offer gaming services to their customers, an early example is AT&T offering gaming services via this new offering, to their mobile customers.
Ars technica reported, and I quote:
Stadia’s pivot to cloud gaming was definitely not part of the original plan. Stadia is a failing service that dramatically undershot Google sales estimates, and many of Google’s promises made three years ago at Stadia’s unveiling have not come true. Pitching Stadia as a Google Cloud service for other businesses is definitely a “plan B” and somewhat of a soft shutdown for the consumer service. The Business Insider report that broke the news of Stadia’s Google Cloud transition said the consumer platform was being “deprioritized” and that only “about 20 percent” of the Stadia team’s focus was still on “Stadia,” the consumer platform.
A Metaverse to learn AWS
Your heard it right and yes, it looks as whacky as you think. It focuses on Cloud Practitioner-level so nothing advanced, but good for people getting started in their cloud journey.
NBCDFW reported, and I quote:
The game, AWS Cloud Quest: Cloud Practitioner, has users create their own avatar who moves through a virtual city, helping its denizens solve technology-related cloud issues. Users earn points for completing Amazon Web Services simulations and puzzles that will unlock such things as new character styles, pet companions, city themes and virtual items like a hoverboard and a unicorn pool float.
SentinelOne acquiring Attivo Networks to bring Identity to its XDR
Singularity’s XDR capabilities are set to increase with the acquisition — bringing Identity Threat Response Capabilities to it.
This will make for an argument for SentinelOne solution against Microsoft’s Platform approach, specially in its Zero-trust based on Identity, journey.
Yahoo news reported details, and I quote:
Under the terms of the agreement, SentinelOne will acquire Attivo Networks in a cash and stock transaction valued at $616.5 million. The acquisition is expected to close in SentinelOne’s upcoming fiscal second quarter, subject to regulatory approval and customary closing conditions.
Android malware that steals MFA codes
This is not a new malware, but a new spin on an old strain, as reported by Bleeping computer — and I quote:
The Aberebot Android banking trojan has returned under the name ‘Escobar’ with new features, including stealing Google Authenticator multi-factor authentication codes.
The new features in the latest Aberebot version also include taking control of the infected Android devices using VNC, recording audio, and taking photos, while also expanding the set of targeted apps for credential theft.
It has been reported by Malwarehunter team that initial sightings of this new strain, known as “escobar” was spoofing McAfee apps in the Android store.
MalwareHunterTeam first spotted the suspicious APK on March 3, 2022, masqueraded as a McAfee app, and warned about its stealthiness against the vast majority of anti-virus engines.
Security Flaws in Software Package managers
A number of Software package managers have been found to be vulnerable to run arbitrary code in specific circumstances. The vulnerabilities are not easily exploitable, as it requires developers with the vulnerable package managers to run a malicious package.
The hacker news .com reported, and I quote:
Following responsible disclosure on September 9, 2021, fixes have been released to address the issues in Composer, Bundler, Bower, Poetry, Yarn, and Pnpm. But Composer, Pip, and Pipenv, all three of which are affected by the untrusted search path flaw, have opted not to address the bug.
Wipers found targeting Ukrainian Systems
ESET research announced via social media that they found another wiper targeting Ukraine. They named it Caddy Wiper.
Reports indicate that the malware is deployed via GPO and that it avoids destroying data on domain controllers.
Read more here.
Ubisoft confirms attack, staff passwords reset
The official note stated, and I quote:
Last week, Ubisoft experienced a cyber security incident that caused temporary disruption to some of our games, systems, and services. Our IT teams are working with leading external experts to investigate the issue. As a precautionary measure we initiated a company-wide password reset. Also, we can confirm that all our games and services are functioning normally and that at this time there is no evidence any player personal information was accessed or exposed as a by-product of this incident.
According to bleeping computer, the team behind Nvidia and Samsung’s recent breaches are behind the attack too, the Lapsus$ group, read more in their page.