[Some Interesting] Cloud ‘n Sec news: 29th Apr 22
What’s worth your reading time
Microsoft releases Quarterly results
Azure maintained strong growth in the third quarter of 2022, as reported by Reseller News:
Microsoft posted strong results across the board for its third quarter of 2022, with total revenue increasing by 18 per cent year-over-year to US$49.4 billion, thanks in large part to continued growth of its cloud products. Net income for the quarter was $16.7 billion.
Google Cloud Q1 results released
Strong results from GCP reported by CRN:
Google Cloud was a bright spot for its parent companies Google and Alphabet during its first quarter 2022, with Google Cloud sales soaring 44 percent year over year to $5.82 billion.
AWS awarded US government contract
Amazon Web Services was once again awarded a National Security Agency cloud computing contract worth up to $10 billion.
RFC for Vulnerability Discovery
After years in the works, there is now an official RFC defining a standard format for disclosing vulnerabilities. As described in RFC 9116:
When security vulnerabilities are discovered by researchers, proper reporting channels are often lacking. As a result, vulnerabilities may be left unreported. This document defines a machine-parsable format (“security.txt”) to help organizations describe their vulnerability disclosure practices to make it easier for researchers to report vulnerabilities.
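As an added illustration (not code from the RFC or from this newsletter), here is a small Python checker for the security.txt format that RFC 9116 defines. It enforces the required Contact and Expires fields, https for web URIs and an expiry date that has not passed; the sample file is constructed, and the file is assumed to be unsigned.

```python
from datetime import datetime, timezone
from urllib.parse import urlsplit
# Field names defined by RFC 9116; names are case-insensitive.
KNOWN = {"acknowledgments", "canonical", "contact", "encryption",
         "expires", "hiring", "policy", "preferred-languages"}
ONCE = ("expires", "preferred-languages")  # must not be repeated
SAMPLE = """\
# Constructed example file with three deliberate mistakes
Contact: security@example.com
Contact: https://example.com/report
Policy: http://example.com/disclosure
Expires: 2021-12-31T18:37:07z
"""

def check_security_txt(text, now=None):
    """Return (fields, problems) for an unsigned security.txt body."""
    now = now or datetime.now(timezone.utc)
    fields, problems = {}, []
    for n, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment
        name, sep, value = line.partition(":")
        name, value = name.strip().lower(), value.strip()
        if not sep or not value:
            problems.append(f"line {n}: not a 'Name: value' field")
        elif name in KNOWN:  # unknown field names are skipped
            fields.setdefault(name, []).append(value)
    for name in ("contact", "expires"):
        if name not in fields:
            problems.append(f"missing required field: {name}")
    for name, values in fields.items():
        if name in ONCE:
            if len(values) > 1:
                problems.append(f"{name}: must not appear more than once")
            continue
        for v in values:  # every other known field carries a URI
            scheme = urlsplit(v).scheme
            if not scheme:
                problems.append(f"{name}: not a URI (use mailto:, tel:, https://): {v}")
            elif scheme == "http":
                problems.append(f"{name}: web URI must use https: {v}")
    try:
        raw = fields.get("expires", [""])[0].upper().replace("Z", "+00:00")
        if raw and datetime.fromisoformat(raw) <= now:
            problems.append("expires: date has passed, file is stale")
    except (ValueError, TypeError):  # unparsable, or no UTC offset given
        problems.append("expires: not an RFC 3339 date-time with offset")
    return fields, problems
```

Running `check_security_txt(SAMPLE)` reports the bare e-mail address, the http Policy link and the stale Expires date.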
Twitter bought by Musk
At 44 billion dollars, that is a good amount of money for a platform that has issues with monetization and revenue, and not a lot of users compared to other social media platforms. In fact, it reported that it overcounted its users over the last 3 years, according to this TechCrunch report.
Top Vulnerabilities exploited in 2021
Cybersecurity agencies worldwide, in partnership with the NSA and FBI, have released a list of the top 15 most exploited vulnerabilities in 2021.
These reports are always interesting from a defense point of view.
The CISA report states:
U.S., Australian, Canadian, New Zealand, and UK cybersecurity authorities assess, in 2021, malicious cyber actors aggressively targeted newly disclosed critical software vulnerabilities against broad target sets, including public and private sector organizations worldwide. To a lesser extent, malicious cyber actors continued to exploit publicly known, dated software vulnerabilities across a broad spectrum of targets.
Amongst the top were Log4Shell, ProxyLogon and ProxyShell.
Patching isn’t a recommendation; it’s expected for anything touching the internet.
Get more details in the official report.
“Lightning” Ransomware infection
The Digital Forensics and Incident Response report team from “thedfirreport.com” has shared a report on a recent Quantum ransomware infection in which threat actors went from initial infection to domain-wide ransomware in under four hours.
The team summarizes the case in their official report:
Once the initial IcedID payload was executed, approximately 2 hours after initial infection, the threat actors appeared to begin hands-on-keyboard activity. Cobalt Strike and RDP were used to move across the network before using WMI and PsExec to deploy the Quantum ransomware. This case exemplified an extremely short Time-to-Ransom (TTR) of 3 hours and 44 minutes.