Security News

Google has announced the public preview of a new Virtual Machine Threat Detection system that can detect cryptocurrency miners and other malware without the need for software agents. A significant problem for developers and enterprises using cloud-based virtual machines is the constant targeting of threat actors who breach servers to install cryptominers.

Threat actors are exploiting improperly-secured Google Cloud Platform instances to download cryptocurrency mining software to the compromised systems as well as abusing its infrastructure to install ransomware, stage phishing campaigns, and even generate traffic to YouTube videos for view count manipulation. "While cloud customers continue to face a variety of threats across applications and infrastructure, many successful attacks are due to poor hygiene and a lack of basic control implementation," Google's Cybersecurity Action Team outlined as part of its recent Threat Horizons report published last week.

Google Cloud and Workday announced a strategic partnership that will enable businesses across the world to further their digital transformations. As a Workday preferred cloud partner across core industries-such as healthcare, financial services, and retail-Google Cloud will help businesses run Workday enterprise applications for finance, HR, and planning in a public cloud environment, with ease-of-management, and low network latency.

This undocumented spying option was also available at Google Cloud DNS and at least one other DNS-as-a-service provider. In a presentation earlier this week at the Black Hat USA 2021 security conference in Las Vegas, Nevada, Shir Tamari and Ami Luttwak from security firm Wiz, described how they found a DNS name server hijacking flaw that allowed them to spy on the dynamic DNS traffic of other customers.

Boutique cloud engineering and agile DevOps firm, Hunter Strategy, announced their entrance to Google Cloud's partner network. As a Google Cloud Partner, Hunter joins a premier alliance of Cloud engineers to expand services offerings around cloud advisory, migration, software security, automation, orchestration, and robust managed services capabilities.

Google Cloud this week announced new security offerings for its customers, including Autonomic Security Operations to improve security operations centers and Cloud Intrusion Detection System for network-based threat detection. Autonomic Security Operations, the Internet giant says, represents a "Stack of products, integrations, blueprints, technical content, and an accelerator program" meant to help customers leverage Chronicle and Google technology and expertise to advance their SOC. A collection of philosophies, practices, and tools, Autonomic Security Operations should help organizations improve their resilience against cyberattacks, with an automated approach to threat management.

Google Cloud this week announced a new set of services aimed at help federal, state, and local government organizations in the United States to implement Zero Trust architecture. A recent Biden administration Executive Order on Improving the Nation's Cybersecurity requires government organizations adhere to a Zero Trust approach to cybersecurity, and Google Cloud has launched three new service offerings tailored to meet those needs and to be in line with National Institute of Standards and Technology standards.

Google has introduced a new Intrusion Detection Service together with "Adaptive Protection" for its cloud firewall, but such services make security a costly feature. CEO Thomas Kurian encouraged businesses to transfer their "Digital assets" to the cloud in order to benefit from "Cloud-native security." According to GM and VP of Cloud Security Sunil Potti, invisible security means "Security technologies are designed in... security operations as a silo disappears."

Google Cloud today announced new zero trust offerings for government, a set of services to help U.S. federal, state, and local government organizations implement zero trust architecture in accordance with the Biden Administration's Executive Order on Improving the Nation's Cybersecurity and in alignment with National Institute of Standards and Technology standards. Zero Trust Assessment and Planning offering: Delivered through Google Cloud's professional services organization, the Zero Trust Assessment and Planning offering is designed to help the government reach security goals through zero trust architecture planning for core applications and data.

CoreSite Realty announced support for Google Cloud's Partner Interconnect, a service from Google Cloud that allows customers to connect to Google Cloud globally, along with direct internet peering available natively on its Silicon Valley data center campus. This additional option provides CoreSite with the ability to offer low-latency fiber connectivity to Google Cloud using Dedicated Interconnect to support the Silicon Valley region's most demanding data and application requirements.