[Some Interesting] Cloud ‘n Sec news: 4th Feb 22
What’s worth your reading time
Cloud
Multi-Cloud strategy
Forbes published the results of a survey it made to 45 Enterprise Cloud customers on their view of Multi-cloud usage after recent AWS outages in december 2021 and Azure and GCP earlier in 2021.
Customers such as Lyft, American Express, 1password and more voiced their thoughts in the survey, essentially confirming the need to a multi-cloud strategy to avoid being left in the dark in during major CSP outages.
Read more in the original article:
Azure
DDoS protection for you, and you, and you!
Microsoft released their Azure DDoS Protection based on Q3 and Q4 experiences in the platform. According to the article:
In the second half of 2021, the world experienced an unprecedented level of Distributed Denial-of-Service (DDoS) activity in both complexity and frequency. The gaming industry was perhaps the hardest hit
Results include:
Microsoft mitigated an average of 1,955 attacks per day, a 40 percent increase from the first half of 2021. The maximum number of attacks in a day recorded was 4,296 attacks on August 10, 2021. In total, we mitigated upwards of 359,713 unique attacks against our global infrastructure during the second half of 2021, a 43 percent increase from the first half of 2021.
Plus
Microsoft mitigated a 3.47 Tbps attack, and two more attacks above 2.5 Tbps
Impressive numbers to any provider.
Azure DDoS Protection — 2021 Q3 and Q4 DDoS attack trends | Azure Blog and Updates | Microsoft Azure
Free Azure event
A good event for anyone looking to learn more about Open Source in Azure — new linux capabilities!
To show you the latest capabilities of using Linux and Azure — and share some exciting announcements — we will be hosting Azure Open Source Day on Tuesday, February 15. More details on the link.
7 reasons to attend Azure Open Source Day | Azure Blog and Updates | Microsoft Azure
Powershell on Linux OS ?
This is a good example of how they keep pushing more into the Linux environment.
Azure Functions support for PowerShell on Linux OS is now generally available in Azure Functions runtime 4.0 on all hosting plans. You can now develop Azure Functions PowerShell apps locally and deploy them to Azure Functions on Linux OS.
Generally available: PowerShell on Linux OS in Azure Functions | Azure updates | Microsoft Azure
Security
ESET antivirus bug allows for privilege escalation
The flaw (CVE-2021–37852) was reported by Michael DePlante of Trend Micro’s Zero Day Initiative, and it enables attackers to escalate privileges to NT AUTHORITY\SYSTEM account rights (the highest level of privileges on a Windows system)
ESET antivirus bug let attackers gain Windows SYSTEM privileges (bleepingcomputer.com)
Follow me on twitter: Camillo (@iamcamillo) / Twitter
Learn more about my Cloud and Security Projects:
Web: www.cloudnsec.com
Listen: bit.ly/cloudnsecspotify
Watch: bit.ly/cloudnsecyoutube
Thank you for reading and leave your thoughts/comments!
