Cloud computing - episodes ...

[AplusWebMaster]

FYI...

MS BPOS cloud service hit with data breach
- http://www.computerworld.com/s/artic...th_data_breach
December 22, 2010 - "Company data belonging to customers of Microsoft's hosted business suite BPOS has been accessed and downloaded by other users of the software. The issue affected the Offline Address Book of customers of the Business Productivity Online Suite (BPOS) Standard suite... "We recently became aware that, due to a configuration issue, Offline Address Book information for Business Productivity Online Suite (BPOS) Standard customers could be inadvertently downloaded by other customers of the service, in a very specific circumstance," said Clint Patterson, director of BPOS Communications at Microsoft. The data breach occurred in Microsoft data centers in North America, Europe and Asia. The issue was resolved within two hours of being discovered, Microsoft said in a statement. However, during this time "a very small number" of illegitimate downloads occurred. "We are working with those few customers to remove the files," Patterson said. This Offline Address Book contains an organization's business contact information for employees. It is stored on a server hosted by Microsoft as part of Exchange Online but can be downloaded for offline access. It does not contain Outlook personal contacts, e-mail, documents or other types of information, Microsoft stressed... BPOS includes Exchange Online, SharePoint Online, Office Communications Online and Office Live Meeting. In October, Microsoft outlined the next version of BPOS, called Office 365, intended to be a full-fledged option to Google Apps and other cloud-based suites. Office 365 combines the collaboration and communication elements of BPOS with Office Web Apps and, alternatively, even with Office 2010."

[AplusWebMaster]

FYI...

Top 10 Cloud stories Of 2010
- http://www.informationweek.com/news/...-last-featured
12/24/2010 - "Everybody's head was in the cloud, or so it seemed in 2010. Both well established and startup vendors developed solutions and strategies designed to extend their reach or provide entry into this booming market. After all, IDC estimated the cloud market will be worth $55 billion by 2014; Gartner predicted the cloud world could be valued at $148 billion at that time*..."

* http://www.gartner.com/it/page.jsp?id=1389313

Windows 8 will be cloud-based ...
- http://windows8beta.com/2010/03/wind...cloud-based-os
___

Criminals host trojans on Cloud Storage Service Rapidshare
- http://www.eweek.com/c/a/Security/Cr...dshare-339725/
2010-12-30 - "Spammers are using cloud-based storage services to store malware, allowing them to circumvent e-mail spam filters, according to security experts at Kaspersky Lab and MX Lab. Kaspersky Lab detected the click-fraud Trojan, a variant of the Trojan-Dropper.Wind32.Drooptroop family, which has been in circulation since the beginning of December, said Vicente Diaz, a Kaspersky Lab expert. There are over 7,000 variants of this particular family, according to Kaspersky. As with other types of malware that took advantage of the holiday season, the executable file for this Trojan was named gift.exe, Diaz said. The security firm detected more than 1,000 infections using this technique to distribute this variant, according to Diaz. The Trojan is stored on Rapidshare, a cloud-based file-sharing and storage service. The spam messages that users receive in their Inbox have no text, just a single link pointing to a valid Rapidshare URL. These messages get past spam filters because there are no malicious files attached, the domain name is not considered a “bad” one, and executables hosted on Rapidshare aren’t automatically classified as a threat, said Diaz. There was also a recent fake antivirus spam campaign that included a Rapidshare link pointing to surprise.exe, according to security firm MX Lab. The executable file downloads and installs the fake AV Security Shield on the user’s computer, which runs after the computer is rebooted. Once downloaded, there’s no guarantee that authentic antivirus products will detect these Trojans. According to MX Lab, only 16 of the 43 major antivirus products detected surprise.exe as a Trojan or as fake AV..."

- http://www.securelist.com/en/blog/11...e_in_the_cloud

- http://blog.mxlab.eu/2010/12/14/malw...-surprise-exe/

The year of the cloud ...
- http://www.infoworld.com/d/cloud-com...-the-cloud-888
December 30, 2010

[AplusWebMaster]

FYI...

Has Big Brother gone Global?
- http://isc.sans.edu/diary.html?storyid=10261
Last Updated: 2011-01-12 13:45:46 UTC - "... the Tunsinian Government may be harvesting or hacking information from Gmail accounts and or Facebook accounts. This goes to show the moment it is in the “cloud” it is no longer private. If you want something private, encrypt it. Most of us at the ISC follow the “front page” rule. If you write it, treat it like the information is on the front page of your national newspaper.
http://www.fastcompany.com/1715575/t...mail-anonymous
Going back to last year, the US National Security Agency considers their network untrustworthy.
http://www.net-security.org/secworld.php?id=10333 ..."

- http://dilbert.com/strips/comic/2011-01-07/

[AplusWebMaster]

FYI...

Trojan built to disable cloud AV...
- http://www.itnews.com.au/News/245426...antivirus.aspx
Jan 20, 2011 - "Microsoft has discovered a Trojan that aims to sever the connection between a device and the cloud antivirus (AV) service that is meant to protect it. The Bohu Trojan, which targets Windows machines, contains three main functions: evade detection, install a filter that blocks traffic between the device and service provider, and prevent the local installation from uploading data to the server. The attack appears to aim to knock out the additional layer of security that many antivirus companies have added to bolster defences and reduce the processing burden of ever-expanding signature databases. "Cloud-based virus detection generally works by client sending important threat data to the server for backend analysis, and subsequently acquiring further detection and removal instruction," Jingli Li and Zhitao Zhou of Microsoft Malware Protection Center wrote on the company's blog..."
* http://blogs.technet.com/b/mmpc/arch...the-cloud.aspx

- http://www.theregister.co.uk/2011/01...usting_trojan/
20 January 2011

[AplusWebMaster]

FYI...

Google wipes out Gmail settings and msgs...
- http://www.theinquirer.net/inquirer/...ounts-messages
Feb 28 2011 - "COMPLAINTS ARE FLOODING IN to Google after some Gmail users woke up to find that their inboxes had been wiped clean of messages. A number of Gmail forum posters report that their messages, labels and settings have all been set back to default. The consensus is that it is a problem on Google's end, with many people deeply concerned because many of them use Gmail as their main email account... Google confirmed that there is a problem on the Google Apps dashboard. Engineers are busy working on the issue, with the affected accounts disabled... Already a major glitch for Google's cloud technology, this will be a horrendous public relations disaster if there is no backup system in place. The company is trying to sort this out quickly."

[AplusWebMaster]

FYI...

Google: "software update" triggered loss...
- http://www.theinquirer.net/inquirer/...red-gmail-loss
Mar 01 2011 - "... Google has confirmed that a storage software update was responsible for causing some Gmail users to lose access to their e-mail. Some Gmail users complained of losing e-mails, contacts, and folders. Google claimed that 0.29 per cent of the user base was affected by the problem but has since revised that figure to less than 0.02 per cent, or about 40,000 of the service's 200 million accounts. Ben Treynor, Google VP of engineering and site reliability czar, said sorry for the mess and said he expects to have the lost data restored soon. He said that the data was not completely lost and Google had restored most of it already... Users might be wondering how safe all this cloud computing lark really is if, as Google promises, all the data was backed up in different locations with the keys owned by people who have never met each other. Treynor said this is because in some rare instances software bugs can affect several copies of the data..."

[AplusWebMaster]

FYI...

Eucalyptus cloud - critical vuln...
- http://www.h-online.com/security/new...s-1252593.html
30 May 2011 - "... critical vulnerability in Eucalyptus, an open source implementation of the Amazon EC2 cloud APIs. An attacker can, with access to the network traffic, intercept Eucalyptus SOAP commands and either modify them or issue their own arbitrary commands. To achieve this, the attacker needs only to copy the signature from one of the XML packets sent by Eucalyptus to the user. As Eucalyptus did not properly validate SOAP requests, the attacker could use the copy in their own commands sent to the SOAP interface and have them executed as the authenticated user. All versions up to and including 2.0.2 are vulnerable; a fixed version, 2.0.3*, is available to download. Ubuntu's Eucalyptus-based Ubuntu Enterprise Cloud (UEC) is also vulnerable; updates for Ubuntu 10.04 LTS, 10.10 and 11.04 are already available in Canonical's repositories. Eucalyptus does note** that the changes made to close the holes may lead to some existing tools failing to work as the system will interpret them as a replay attack if they issue commands too rapidly."
* http://open.eucalyptus.com/downloads

** http://open.eucalyptus.com/news/2011...eucalyptus-203

[AplusWebMaster]

FYI...

Attackers use Amazon Cloud to host malware
- http://threatpost.com/en_us/blogs/at...malware-060611
June 6, 2011 - "Attackers are beginning to host their malicious domains and drive-by download sites, and most recently researchers have discovered a number of domains on Amazon's cloud platform that are being used to install malware as part of a spam and phishing campaign designed to steal banking credentials and other sensitive data... attack sites are installing a variety of malicious files on victims' machines, including a component that acts as a rootkit and attempts to disable installed anti-malware applications. Other components that are downloaded during the attack include one that tries to steal login information from a list of nine banks in Brazil and two other international banks, another that steals digital certificates from eTokens stored on the machine and one that collects unique data about the PC itself, which is used by some banks as part of an authentication routine. Researchers say that the attacks likely originated in Brazil and are targeting users in Brazil, specifically. The domains that are being used in this attack have now been removed by Amazon, according to Kaspersky Lab researcher Dmitry Bestuzhev, who discovered the malicious domains*... The advent of commodity cloud computing platforms gives attackers one more venue in which to host their attack domains, but the attacks themselves are quite similar to what users have been seeing for years."
* http://www.securelist.com/en/blog/20...Services_Cloud
___

- http://www.information-management.co...Printable=true
June 6, 2011

- https://www.computerworld.com/s/arti...ge_Gets_the_Ax
June 6, 2011

[AplusWebMaster]

FYI...

Amazon cloud users reveal confidential data...
- http://www.h-online.com/security/new...a-1263704.html
20 June 2011 - "Sharing Amazon Machine Images (AMIs) to run on Amazon's Web Services (AWS) can open the door to attackers when users do not follow appropriate safety advice. The AMIs may contain private cryptographic keys, certificates and passwords, as researchers at the Darmstadt Research Center's CASED (Center for Advanced Security Research Darmstadt) found. In a report** [German language], they say that they examined 1100 public AMIs for cloud services and found that 30 per cent were vulnerable to manipulation that could allow attackers to partially or completely take over virtual web service infrastructure or other resources... Amazon Web Services have also been informed which customers are affected."
* http://aws.amazon.com/amis
** http://www.sit.fraunhofer.de/presse/...ud-nutzung.jsp

- http://www.h-online.com/security/fea...m-1255576.html
20 June 2011 - "... As many people use the same password in multiple places, criminals can use the passwords to obtain unauthorised access to further services... Cloud, CUDA and multi-core computer technologies are both a blessing and a curse: they can greatly accelerate the processing of data and make even complex simulations available to end users. Unfortunately, crackers use the same high-speed computing power to reconstruct plain-text data from an encrypted password, and then they use the password to log into a system as administrators. In this context, password crackers can take advantage of the fact that the harvested hashes were probably created using the MD5 algorithm, which is optimised for fast processing..."

[AplusWebMaster]

FYI...

'We can hand over Office 365 data without your permission'...
- http://www.zdnet.com/blog/igeneratio...rmission/11041
June 23, 2011 - "... Hidden within a whitepaper*, detailing the security features in the upcoming Office 365 suite, it reveals links to the Trust Center; a treasure trove of data protection policies and legalities of how Microsoft will handle your data in its cloud datacenters. Next week, Microsoft will announce the launch of Office 365 in both New York and London... In light of the Patriot Act furore, customers of cloud services are naturally becoming more aware of the limitations to cloud security and privacy; with legalities and powerful acts of law taking precedent. In short, Microsoft states:
“In a limited number of circumstances, Microsoft may need to disclose data without your prior consent, including as needed to satisfy legal requirements, or to protect the rights or property of Microsoft or others (including the enforcement of agreements or policies governing the use of the service).”
This covers all users and data of Microsoft Online Services, including the current offering of BPOS (Business Productivity Online Suite), currently in migration to Office 365. Current Live@edu users are also affected by this — mostly schools and colleges — which are also upgrading to Office 365... a personal and heartfelt congratulations to Microsoft — in full sincerity — for being as open, honest and transparent in their documentation..."
(More detail at the URL above.)
* http://www.microsoft.com/download/en....aspx?id=26552
Security in Office 365 Whitepaper.docx 5.0 MB

Data Use Limits
- http://www.microsoft.com/online/legal/v2/?docid=23
"... FAQ: ... Question: Can Microsoft Online Services use or disclose my data without my permission? In a limited number of circumstances, Microsoft may need to disclose data without your prior consent..."