[Some Interesting] Cloud ‘n Sec news: 28th Jan 22

What’s worth your reading time

Cloud

Azure

Azure Platform growth was massive in 2021, Yahoo Finance comments.

This is news related to performance of these services. “Hey this is not tech! Why are you talking about it?” Well, seeing the results and how the market is adopting these Cloud provider’s is key to all the ecosystem of professionals of the platform. These numbers mean more demand for Azure, thus more opportunities for anyone willing to work with it — lucky Cloud professionals! :-)

Microsoft announced their earnings and the results were positive. Finance analysts hyped it up, have a look at this video from Yahoo Finance:

Microsoft’s Azure makes it the ‘cloud king,’ analyst says — Bing video

GCP

Google Cloud Platform has some news, they make a good job concentrating their news in a page, so I will point you to it:

Google Cloud latest news and announcements | Google Cloud Blog

Other, Cloud

The next is a bit of an Odd one, but I figure it’s relevant to Cloud and noteworthy given the size of the organization and what happened.

Discord goes down due to: API ?

Who would’ve figured that a SaaS company that so many people and companies/startups rely on as Chat and communications platform would suffer an outage due to API issues.

It is uncler what the issues were, the official status page from Discord claimed the below:

Investigating — We are currently investigating a widespread API outage.

Identified — We have identified the underlying issue with the API outage but are dealing with a secondary issue on one of our database clusters. We have our entire on-call response team online and responding to the issue.
Jan 26, 12:03 PST

More details on this article: Discord is down, it’s not just you | TechCrunch

More details on this page: Discord Status

Security

Hacking as a way of stop conflict?

This is an intersting story since it shows har far hacktivists are willing to go to (alledgedly) avoid military advancements and consequently defer geopolitical conflicts.

Ars technica reported:

Hacktivists in Belarus said on Monday they had infected the network of the country’s state-run railroad system with ransomware and would provide the decryption key only if Belarus President Alexander Lukashenko stopped aiding Russian troops ahead of a possible invasion of Ukraine.

More details on this article: Hactivists say they hacked Belarus rail system to stop Russian military buildup | Ars Technica

Canada Foreign affairs hacked

Interesting to see an attack to such a large country, without attribution or consequences yet.

TBS Canada on Twitter: “The cyber incident was detected on January 19, after which mitigation actions were taken. (4/9)” / Twitter

“The Record” reported:

Officials did not attribute the attack to any particular entity or reveal any technical details of what happened, and it is currently unclear if this was an attack that targeted the government’s network on purpose or just some random exploitation event that managed to find an unpatched system on GAC’s network.

A day after the attack, Canada’s cybersecurity agency published a security alert warning that Russian threat actors might target Canada’s critical infrastructure. Due to the alert’s timing, some security experts and local journalists speculated that the two events could be related.

More details on this article: Canada confirms cyber-attack on foreign affairs ministry — The Record by Recorded Future

Do nothing and still get hacked.

Zoom is notorious with their security incidents. I remember a few years back having discussions with customers about this and how their software could be used by attackers to pawn the host.

Well, this time around, a researchers disclosed a Zero Click exploit on server-side their software allowed attackers to intercept call information, if encryption hadn’t been turned on for calls, confidential data could have leaked.

Wired reported:

“Though fixed now, the two vulnerabilities could have been exploited without any user involvement to take over a victim’s device or even compromise a Zoom server that processes many users’ communications in addition to those of the original victim. Zoom users have the option to turn on end-to-end encryption for their calls on the platform, which would keep an attacker with that server access from surveilling their communications. But a hacker could still have used the access to intercept calls in which users didn’t enable that protection.”

The researcher, that found other zero-clicks vulnerabilities in other software before, said that carrying out and exploiting the vulnerability would be difficult. They also explained that Zoom was very responsive and swift to patch the issue.

More details on this article: ‘Zero-Click’ Zoom Vulnerabilities Could Have Exposed Calls | WIRED

Don’t praise the sun on this one

Dark souls 3 clients were being exploited in a way that allowed gamers to lauch Remote Code Execute code to other players while in online mode.

This is a good story to remind you to not game on the same machine where you have important work/data!

Or just game from consoles, which I prefer and recommend, anyway! :-)

Ars technica reported:

Bandai Namco, publisher of the Dark Souls role-playing game series, has taken down its player-versus-player servers while it investigates reports of a serious vulnerability that allows players to execute malicious code on the PCs of fellow players.

Word of the critical remote-code-execution flaw emerged over the weekend in Reddit.

The article also explains potential impact:

Based on the description and the demo on Twitch, the vulnerability sounds critical because it allows hackers to remotely execute code of their choice on PCs as they play the games against other players. That means attackers could conceivably install ransomware, keyloggers, remote access trojans, or other malicious wares when they’re connected to the same PvP server as a target.

More details : Dark Souls servers taken down following discovery of critical vulnerability | Ars Technica

Follow me on twitter: Camillo (@iamcamillo) / Twitter

Learn more about my Cloud and Security Projects:

Web: www.cloudnsec.com

Listen: bit.ly/cloudnsecspotify
Watch: bit.ly/cloudnsecyoutube

Thank you for reading and leave your thoughts/comments!

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Andre Camillo

Andre Camillo

Cloud and Security technologies, Career, sometimes Music and Gaming easter eggs. Technical Specialist @Microsoft. Opinions are my own.