Dropbox used by hacks to spread malware
FYI...
Dropbox used by hacks to spread malware
- http://www.nbcnews.com/technology/dr...are-6C10642402
July 15, 2013 - "... Comment Crew*, the same Chinese cyberespionage team thought to be behind the recent attack on The New York Times, has been using publicly shared Dropbox folders** to spread malware, reports... Cyber Squared. "The attackers have simply registered for a free Dropbox account, uploaded the malicious content and then publicly shared it with their targeted users," a Cyber Squared blog posting*** explained last week. For malicious hackers, Dropbox is an attractive malware distribution platform because it's widely used in the corporate environment and is unlikely to be blocked by IT security teams. In this way, Cyber Squared wrote, "the attackers could mask themselves behind the trusted Dropbox brand, increasing credibility and the likelihood of victim interaction with the malicious file from either personal or corporate Dropbox users"..."
* http://www.technewsdaily.com/17012-f...r-reports.html
** http://www.technewsdaily.com/4196-2-...e-syncing.html
*** http://www.cybersquared.com/killing-...cyber-attacks/
:fear::fear: :sad: :mad:
Malware in the cloud - 2014 ...
FYI...
Malware in the cloud - 2014
- https://net-security.org/malware_news.php?id=2675
Jan 15, 2014 - "... malware distributors are rapidly and widely adopting cloud computing, either by buying services directly or by compromising legitimate domains. This trend is allowing distributors to quickly and cost-effectively develop sites and bring them online, as well as to avoid geographic blacklisting by hiding behind the reputations of major hosting providers such as Amazon, GoDaddy and Google... The cloud is allowing malware distributors to create, host and remove websites rapidly, and major hosting providers such as Amazon, GoDaddy and Google have made it economical for malicious actors to use their services to infect millions of computers and vast numbers of enterprise systems..."
___
IBM to spend $1.2 billion to expand cloud services
- http://www.reuters.com/article/2014/...A0G05P20140117
Jan 16, 2014 - "IBM Corp said it will invest more than $1.2 billion to build up to 15 new data centers across five continents to expand its cloud services and reach new clients and markets. The new cloud centers will be in Washington D.C., Mexico City, Dallas, China, Hong Kong, London, Japan, India and Canada, with plans to expand in the Middle East and Africa in 2015... IBM said the global cloud market is estimated to grow to $200 billion by 2020... it will use web hosting technology from SoftLayer for the delivery of its cloud services..."
:fear: :mad: :fear:
Creative Cloud crash - no cloud is too big to fail
FYI...
Creative Cloud crash - no cloud is too big to fail
Adobe's ID services went down for over 24 hours, leaving Creative Cloud users - and a great many others - locked out of their software and accounts
- http://www.infoworld.com/t/cloud-com...ig-fail-242674
May 16, 2014 - "A problem with Adobe Creative Cloud locked users of Adobe's software out of their programs - and a good deal else on top of that - for more than 24 hours starting Wednesday night. According to a blog post by Adobe*, the failure "happened during database maintenance activity and affected services that require users to log in with an Adobe ID." This includes Adobe's Creative Cloud service, which provides cloud-hosted and -managed versions of Adobe's flagship software, such as Adobe Photoshop and Adobe Premiere... every other Adobe service that used Adobe's ID system was also affected... This isn't the first cloud-related black eye Adobe's suffered, either. Last year Adobe admitted to having 130 million passwords stolen from a backup system that was to have been decommissioned. Many Facebook accounts were also indirectly affected. Adobe's also received sharp criticism for aggressively shepherding its users into cloud subscription, pay-as-you-go plans for its software; in 2013 Adobe stopped selling standalone editions of the Creative Suite altogether... no cloud infrastructure is too big or too important to fail. Dropbox went down for 16 hours in January of 2013, and Google Drive experienced a similar 17-hour meltdown of its own in March. One estimate has put the cost of major-league cloud outages at some $71 million since 2007, but failures like Adobe's - where a single piece of failing infrastructure brings down multiple systems - have most likely driven that estimate far higher..."
* http://blogs.adobe.com/adobecare/201...ervice-outage/
___
- http://www.theinquirer.net/inquirer/...an-application
May 19 2014 - "IBM HAS LAUNCHED a version of Openstack that can be downloaded directly from its Marketplace like any other application. IBM Cloudmanager with Openstack is based on IBM Cloudentry, and includes full access to Icehouse, the latest version of Openstack. As well as appearing in its own right, it can also be bought as part of a package along with the recently announced IBM Power Systems server range to form the extensively titled IBM Power Systems Solution Edition for Scale Out Cloud..."
:fear::fear: :sad:
Amazon cloud attackers install DDoS bots ...
FYI...
Amazon cloud attackers install DDoS bots ...
Attackers are targeting Amazon EC2 instances with Elasticsearch 1.1.x installed
- https://www.computerworld.com/s/arti...earch_weakness
July 28, 2014 - "Attackers are exploiting a vulnerability in distributed search engine software Elasticsearch to install DDoS malware on Amazon and possibly other cloud servers. Elasticsearch is an increasingly popular open-source search engine server developed in Java that allows applications to perform full-text search for various types of documents through a REST API (representational state transfer application programming interface). Because it has a distributed architecture that allows for multiple nodes, Elasticsearch is commonly used in cloud environments. It can be deployed on Amazon Elastic Compute Cloud (EC2), Microsoft Azure, Google Compute Engine and other cloud platforms. Versions 1.1.x of Elasticsearch have support for active scripting through API calls in their default configuration. This feature poses a security risk because it doesn't require authentication and the script code is -not- sandboxed. Security researchers reported earlier this year that attackers can exploit Elasticsearch's scripting capability to execute arbitrary code on the underlying server, the issue being tracked as CVE-2014-3120* in the Common Vulnerabilities and Exposures (CVE) database. Elasticsearch's developers haven't released a patch for the 1.1.x branch, but starting with version 1.2.0, released on May 22, dynamic scripting is disabled by default. Last week security researchers from Kaspersky Lab** found new variants of Mayday, a Trojan program for Linux that's used to launch distributed denial-of-service (DDoS) attacks. The malware supports several DDoS techniques, including DNS amplification. One of the new Mayday variants was found running on compromised Amazon EC2 server instances, but this is not the only platform being misused... Users of Elasticsearch 1.1.x should upgrade to a newer version and those who require the scripting functionality should follow the security recommendations made by the software's developers in a blog post*** on July 9."
* https://web.nvd.nist.gov/view/vuln/d...=CVE-2014-3120 - 6.8
- https://web.nvd.nist.gov/view/vuln/d...=CVE-2014-4326 - 7.5 (HIGH)
- http://www.elasticsearch.org/blog/logstash-1-4-2/
Jun 24
Changelog for 1.4.2
- https://github.com/elasticsearch/log...ster/CHANGELOG
** https://securelist.com/blog/virus-wa...os-and-profit/
*** http://www.elasticsearch.org/blog/scripting-security/
- https://www.found.no/foundation/elas...-elasticsearch
Insecure default in Elasticsearch enables remote code execution
- http://bouk.co/blog/elasticsearch-rce/
May 2014 - "... How to secure against this vulnerability..."
___
>> http://www.rapid7.com/db/modules/exp...cript_mvel_rce
___
- http://atlas.arbor.net/briefs/index#-961013762
High Severity
31 Jul 2014
:fear::fear: :mad:
Dropbox glitch leaves some users with deleted files
FYI...
Dropbox glitch leaves some users with deleted files
- http://www.theinquirer.net/inquirer/...-deleted-files
Oct 13 2014 - "... a 'glitch' in some versions of the Dropbox app resulted in the deletion of files... The bug occurred when certain versions of the desktop sync app were shutdown prematurely by a program or system crash, and was limited to users of the selective sync feature where only certain folders are replicated on the desktop..."
:fear::fear: