Security News

WireGuard, a high-performance and easily configured VPN protocol, is getting a native port from Linux to the Windows kernel, and the code has been published as experimental work in progress. A WireGuard implementation for Windows already exists, based on what Jason A Donenfeld, the creator of WireGuard, called "a generic TUN driver we developed called Wintun" and a cross-platform Go codebase called wireguard-go.

Google Cloud this week announced new security offerings for its customers, including Autonomic Security Operations to improve security operations centers and Cloud Intrusion Detection System for network-based threat detection. Autonomic Security Operations, the Internet giant says, represents a "stack of products, integrations, blueprints, technical content, and an accelerator program" meant to help customers leverage Chronicle and Google technology and expertise to advance their SOC. A collection of philosophies, practices, and tools, Autonomic Security Operations should help organizations improve their resilience against cyberattacks, with an automated approach to threat management.

Wipro announced the launch of Wipro FullStride Cloud Services and its commitment to invest $1 billion in cloud technologies, capabilities, acquisitions and partnerships over the next three years. As the cloud opportunity accelerates, Wipro FullStride Cloud Services brings together the full portfolio of Wipro's cloud-related capabilities, offerings and talent to better orchestrate the cloud journey for clients.

Styra announced new cloud infrastructure support via Terraform, extending Styra Declarative Authorization Service guardrails to storage, network and compute resource configuration in public clouds including AWS, GCP and Azure. "Until now, DevOps and cloud platform teams had to manage authorization, policy and configuration with disparate tools in each of their clouds, in each of their orchestration clusters, and between the microservices that comprise modern apps," said Tim Hinrichs, co-founder and chief technology officer of Styra.

Google Cloud this week announced a new set of services aimed at helping federal, state, and local government organizations in the United States implement Zero Trust architecture. A recent Biden administration Executive Order on Improving the Nation's Cybersecurity requires government organizations to adhere to a Zero Trust approach to cybersecurity, and Google Cloud has launched three new service offerings tailored to meet those needs and to be in line with National Institute of Standards and Technology standards.

Google has introduced a new Intrusion Detection Service together with "Adaptive Protection" for its cloud firewall, but such services make security a costly feature. CEO Thomas Kurian encouraged businesses to transfer their "digital assets" to the cloud in order to benefit from "cloud-native security." According to GM and VP of Cloud Security Sunil Potti, invisible security means "security technologies are designed in... security operations as a silo disappears."

The CloudKnox deal is Microsoft's fourth cybersecurity acquisition over the last 12 months. Last June, Microsoft acquired CyberX to beef up its Azure IoT security capabilities and followed up soon after with a separate deal to buy firmware security specialist ReFirm Labs.

Kubernetes clusters are being attacked via misconfigured Argo Workflows instances, security researchers are warning. Argo Workflows is an open-source, container-native workflow engine for orchestrating parallel jobs on Kubernetes - to speed up processing time for compute-intensive jobs like machine learning and big-data processing.

The researchers showed how an attacker could go from the cloud-based management console to all managed endpoint devices, and also from the endpoint devices to the management console. In the first attack, the attacker obtains unauthorized access to the account of a management console operator using stolen credentials or exploits.

The report, from Claroty research arm Team82, uncovered seven new CVEs, three affecting CODESYS software and four affecting WAGO PLCs. The vulnerabilities can be leveraged remotely and let an attacker break into a cloud management console via a single compromised field device, or take over multiple PLCs and OT devices using a single compromised workstation. Unfortunately for organizations moving their OT to the cloud, none of these exploits were possible when systems were located on site without any internet-facing elements.