[Some Interesting] Cloud ‘n Sec news: 27th May 22

What’s worth your reading time

Cloud

Azure

Microsoft Build 2022

The annual developers’ conference took place this week, with many exciting announcements for developers and the cloud industry in general.

All announcements and video recap can be accessed online.

Among the announcements worth a closer look is Azure AI:

Azure OpenAI Service, an Azure Cognitive Service, is now available in preview. Approved customers can access different models from OpenAI, including the GPT-3 base series (Ada, Babbage, Curie and DaVinci), Codex series and embedding models, with the enterprise capabilities of Azure.

Microsoft Dev Box:

Microsoft Dev Box will give developers self-service access to high performance, cloud-based workstations that are preconfigured and ready-to-code for specific projects. Azure Deployment Environments will make it easy for developer teams to quickly spin up app infrastructure with project-based templates that establish consistency and best practices.

Microsoft Training and Learning platform:

Enhanced with new and updated training and certifications to offer a wide range of benefits for users, ranging from exam prep to cybersecurity training to data analytics to role-playing real-world tech issues.

The additions and updates include:

Microsoft Learn Cloud Games

Microsoft Exam Readiness Zone

Microsoft Certification Renewal

and more

Security

Industry

Twitter fined for using 2FA information for ads

As if all news about their “acquisition” wasn’t enough bad publicity.

No one should expect their security information to be used for monetization of a platform.

Bleeping Computer reported:

According to court documents [PDF], Twitter asked over 140 million users for this information to protect their accounts starting in 2013, but it failed to inform them that the data would also be used to allow advertisers to target them with ads.

Breach

Credential stuffing attack exposing personal information

Compromised identities should be a thing of the past, given all the awareness, frameworks and technology (password managers, 2FA) available to mitigate them.

This attack is a reminder that they aren’t. Bleeping Computer reported:

GM disclosed that they detected the malicious login activity between April 11th and April 29th, 2022, and confirmed that the hackers redeemed customer reward points for gift cards in some cases.

GM states they will be restoring rewards points for all customers affected by this breach.

However, these breaches are not a result of General Motors being hacked but rather are caused by a wave of credential stuffing attacks targeting customers on their platform.

Threats

Android malware using Zero-days

This news comes from Google’s Threat Analysis Group, which uncovered five zero-day vulnerabilities used to install the Predator spyware.

A Google analyst explained the method:

All three campaigns delivered one-time links mimicking URL shortener services to the targeted Android users via email. The campaigns were limited — in each case, we assess the number of targets was in the tens of users

Read more about this here.

Malware in Word Doc in a PDF?

HP Wolf Security reported on this attack, which uses very traditional methods to deliver a payload: a malicious Doc file inside a PDF.

Bleeping Computer reported:

In a campaign seen by HP Wolf Security, the PDF arriving via email is named “Remittance Invoice,” and our guess is that the email body contains vague promises of payment to the recipient.

When the PDF is opened, Adobe Reader prompts the user to open a DOCX file contained inside, which is already unusual and might confuse the victim.

Because the threat actors named the embedded document “has been verified,” the Open File prompt below states, “The file ‘has been verified.’” This message could trick recipients into believing that Adobe verified the file as legitimate and that the file is safe to open.

Make sure to review the technical writeup uncovering the technique and threat here.

Learn more about my Cloud and Security Projects: https://linktr.ee/acamillo

Thank you for reading and leave your thoughts/comments!

Andre Camillo


Cloud and Security technologies, Career, sometimes Music and Gaming easter eggs. Technical Specialist @Microsoft. Opinions are my own.