This week Microsoft enhances Kubernetes features and Red Hat integrations; Amazon launches Keyspaces for Apache Cassandra; a PAAY LLC database exposes 2.5 million credit card transactions online; Microsoft patches a security flaw in Microsoft Teams; and a hacker group is targeting businesses on the Revive ad-server platform. Let's see what's going on.
Microsoft Enhances Kubernetes Features and Red Hat Integrations
Microsoft launched two updates for Azure this week that may help the cloud platform better serve businesses with different types of applications. Specifically, the container-based update is to the Azure Kubernetes Service (AKS), a managed implementation of Kubernetes, and is Microsoft hosted. It makes it now possible for AKS to run both standard Linux containers, and Windows software containers as well.
With these new capabilities, Microsoft will be able to expand the market for its Kubernetes service by marketing to businesses building Windows-based containerized apps. It may also be a benefit for existing AKS customers as well, since they will now be able to manage both their Linux and Windows workloads with one set of tools.
In addition to the AKS update, Microsoft also released an update for Azure Arc. This product permits businesses to run Azure services on competitors’ clouds and hardware on-premises. The update previewed by Microsoft displayed integrations that will let customers run Azure services on an infrastructure powered by Red Hat's OpenShift distribution of Kubernetes, and the Red Hat Enterprise Linux operating system.
Amazon launches Keyspaces for Apache Cassandra
This week Amazon announced that its service Keyspaces for Apache Cassandra is now publicly available. It initially previewed the service at its "re:Invent 2019" conference, where it was called the Amazon Managed Cassandra Service. Keyspaces for Apache Cassandra is a cloud database that is compatible with the existing open-source Cassandra database.
Most notably, it supports the same developer tools, application code, and Apache 2.0 licensed drivers as already used by customers operating Cassandra workloads. The best feature of the Keyspaces service is that it lets customers migrate their on-premises Cassandra workloads to its cloud, where they're much easier to maintain.
PAAY LLC Database Exposes 2.5 Million Credit Card Transactions Online
New York mobile payments solutions provider PAAY LLC recently discovered that one of their databases containing 2.5 million credit card transactions was exposed online. The database had credit card numbers and expiration dates but didn't include the name of the owner of the card or the card verification values.
It has been estimated that the data was online for about three weeks before it was taken down after Techcrunch contacted PAAY LLC. While they admitted that it was their database that was exposed, they say it did not contain credit card numbers. They also say that an error was made during an upgrade process that left the database exposed without a password.
Some say this is another instance of a company failing to secure a cloud-hosted database correctly. What's more, the list of companies who have exposed data in such a way is quite long. This year the numbers are a bit lower, due to the fact that security awareness has improved around this issue.
Robert Prigge, CEO of Jumio Corp., suggested that, instead of passwords, banks should look to artificial intelligence coupled with biometrics as a better way to secure and confirm identity.
Microsoft Patches a Security Flaw in Microsoft Teams
A vulnerability in Microsoft Teams was initially noticed by CyberArk Software Inc., which revealed its findings in a report. This security flaw might have allowed hackers to hijack user accounts by posting a malicious image to a chat channel. This week, Microsoft updated the collaboration service to ensure that this doesn't happen.
Microsoft Teams has an authentication feature that ensures that users have permission to view images shared with them in a chat channel. Once the user's rights are verified, they are assigned a unique authentication token. The concern was the token could be used for other things beyond images. For example, it could have been used by a hacker to hijack the user's credentials. More than this, the vulnerability made it possible for hackers to read victims' messages, as well as send messages to others on their behalf.
To exploit the vulnerability, hackers would first have needed to enter a Microsoft Teams chat channel run by the business to be targeted. By compromising a weakly protected user account or by enticing a worker using a phishing email scam, a smart attacker could have been successful, according to CyberArk.
Based on their findings, it would have been possible for a hacker to carry out such an attack before the patch was put in place.
Businesses on the Revive Ad-Serving Platform Targeted by a Hacking Group
According to an attack reported today by security researcher Eliya Stein from Confiant Inc., businesses using Revive ad servers are being targeted by a group dubbed Tag Barnacle. Revive Adserver is a popular open-source platform for companies who don't want to use hosted services like Google LLC.
Confiant found sixty compromised Revive ad servers that serve approximately 360 websites. While that's not an unusually large number, one of the compromised ad servers had nevertheless served 1.25 million malicious ad impressions in a single day. Businesses that use Revive are usually small online advertising firms and may not even be aware they've been compromised.
Experts advise keeping browsers updated and using antivirus solutions. Digital site owners should look for browser-malware protection solutions. Protection that provides insight into client-side malware on their site would be beneficial.
That's a Wrap
That's the news for MSPs this week in summary. I hope this has been helpful. MSP360 is your resource for MSP news. Stay home, stay safe and healthy, and remember to check back next week for more highlights.