Security News
Google Compute Engine virtual machines can be hijacked and made to hand over root shell access via a cunning DHCP attack, according to security researcher Imre Rad. Though the weakness remains unpatched, there are some mitigating factors that diminish the potential risk. A successful attack involves overloading a victim's VM with DHCP traffic so that it ends up using a rogue attacker-controlled metadata server, which can be on the same network or on the other side of the internet.
The Asia Pacific Network Information Centre, the internet registry for the region, has admitted it left at least a portion of its Whois SQL database, which contains sensitive information, facing the public internet for three months. During that maintenance effort, a dump from APNIC's Whois SQL database was copied to a Google Cloud storage bucket that Sanjaya said "Was believed to be private".
Blue Hexagon offers agentless cloud-native AI security at runtime for Google Cloud. "With the rise of cloud-based Infrastructure as a Service and Platform as a Service driving rapid enterprise workload migration to the cloud, new challenges with security of cloud compute and network are ever emerging," said Nayeem Islam, CEO and Co-founder, Blue Hexagon.
Versa Networks announced its integration with Google Cloud Network Connectivity Center, allowing for secure and reliable connectivity to cloud workloads and on-premises resources in an automated, dynamic approach that reduces total costs of ownership. The integration between Versa SASE and Google Cloud represents continued development in security, SD-WAN, bandwidth management, and high availability differentiation and innovation to deliver the most consistent and high-performing user experience for secure access to applications anywhere in the world.
Threat actors are cashing in on the rapid shift to cloud-based business services during the pandemic, by hiding behind ubiquitous, trusted services from Microsoft and Google to make their email phishing scams look legit. In the first three months of 2021 alone, researchers found 7 million malicious emails sent from Microsoft 365 and a staggering 45 million sent from Google's infrastructure, Proofpoint reported, adding that cybercriminals have used Office 365, Azure, OneDrive, SharePoint, G-Suite and Firebase storage to send phishing emails and host attacks.
Cobalt Iron announced that its Compass enterprise software-as-a-service backup platform now enables seamless management of Google Cloud Platform virtual machine snapshots. Through this new capability, Compass users are able to manage backup retentions and schedules for GCP VM snapshots using the Compass Commander GUI, the same interface with which they manage their enterprise backups.
CrowdStrike and Google Cloud announced a series of product integrations to deliver joint customers defense-in-depth security, comprehensive visibility and workload protection at scale across hybrid cloud environments. These integrations will enable more seamless sharing of telemetry and data between the two security platforms, helping maintain high levels of security across a customers' entire cloud or hybrid environment.
Teradata announced a set of enhancements for Teradata Vantage on Google Cloud, making it easier for Teradata customers to use the Google Cloud services they prefer in a consumption pricing model. The platform enhancements highlight Teradata's commitment to its Google Cloud offering, as well as its commitment to provide Vantage customers with the choice, integration, and consistency they need to leverage their modern data platform in the cloud.
Siemens intends to integrate Google Cloud's leading data cloud and artificial intelligence/machine learning technologies with its factory automation solutions to help manufacturers innovate for the future. While AI projects have been deployed by many companies in "Islands" across the plant floor, manufacturers have struggled to implement AI at scale across their global operations.
Digital Realty expands secure and private access to Google Cloud’s global network in five key metros
Digital Realty announced it has expanded secure, private access to Google Cloud's global network in five key metros. Direct, low-latency interconnections to Google Cloud are available from 12 locations on Digital Realty's global platform - in Atlanta, Los Angeles and New York in North America, and in Düsseldorf, Madrid, Marseille, Paris, Stockholm, Vienna, and Zürich as well as two distinct locations in Frankfurt within EMEA. In addition, the Digital Realty Internet Exchange supports Google's Direct Peering capabilities and dedicated access to multiple third-party Internet Exchanges on PlatformDIGITAL, providing a direct path from on-premise networks to Google Cloud services.