News You Might’ve Missed. 31 Aug – 04 Sep

What's new this week in the news for MSPs?
Azure Spring Cloud launched by Microsoft; AWS debuts Rust language Bottlerocket for Linux containers; Emotet new Red Dawn malware dangerous, say researchers; New Qbot trojan launches Microsoft Outlook threads; and Tesla cybersecurity ransomware attack prevented. Let's see what it's all about.

Azure Spring Cloud Launched by Microsoft

Microsoft announced its release of Azure Spring Cloud. This new offering resulted from a collaboration between Microsoft and VMware, Inc. and was first previewed by enterprises last year.

Companies like Netflix use Azure Spring Cloud to build applications more quickly, as the service provides them with ready-made software building blocks to use in their projects. The cloud service uses a specific edition of the Spring Boot framework. It is essentially a simplified version with preconfigured options that save companies the effort of setting it up themselves.

Microsoft has included some value-added options that help automate associated administrative jobs; for example, network security features and integration with Azure Monitor, where administrators find potential issues in their environments. It also has an auto-scaling tool that optimizes applications' infrastructure usage.

AWS Rust Language Bottlerocket Debuts for Linux Containers

Linus Torvalds supported adding other components and new drivers in Rust to Linux earlier this year. At the Linux Plumbers Conference, held in virtual mode, developers began giving serious thought to using the Rust language for new Linux inline code. Recently, AWS announced the debut of Bottlerocket Linux for containers, which is mainly coded in Rust.

The decision to use Rust came because it is better suited to writing secure software. Bottlerocket also has enhanced security through the use of the Device Mapper's verity target, which prevents cyberattackers from overwriting core system software and prevents other rootkit-type attacks.

Logging on to individual production Bottlerocket instances has been made mostly unnecessary, except where high-level troubleshooting or debugging is required. Production server administrative connections have been discouraged in this new version of Linux. The admin container runs Amazon Linux 2, contains utilities for troubleshooting and debugging Bottlerocket, and runs with elevated privileges.

AWS customers will be attracted by the straightforward, secure container Linux for the AWS public cloud.

Emotet New Red Dawn Malware as Dangerous, According to Researchers

When Emotet resurfaced in July, researchers found it had arrived with new attachments in its spam campaigns. These masquerade as invoices, COVID-19 information, financial documents, resumes, and more. Still, these malicious Microsoft Word (.doc) attachments run malicious macros that install the Emotet malware on a victim's PC when the recipient enables the content as prompted.

Emotet uses tricks to get the user to enable the macros. For example, the user will be told the document was created in iOS and can't be viewed unless they click on the button to allow the content.

On August 25, Emotet began using a new template, dubbed “Red Dawn” by researchers, due to its red accents, which they say is as dangerous as previous ones. Emotet is considered the most widely spread malware targeting users right now. It also comes paired with other risky malware that it will install on a victim's computer.

New Qbot Trojan Can Launch Microsoft Outlook Threads

The Qbot trojan has been detected in a new enhanced version, with new features like stealing Microsoft Outlook email threads. Security researchers at Check Point Software Technologies Ltd reported this, comparing the malware to a Swiss Army knife.

They first found the new version of Qbot in the recent Emotet trojan campaigns in July. It was also detected in August's malspam attacks, where it was observed activating a specific "email collector module." This module extracts all email threads from the victim's Outlook client and uploads emails to a remote server in order to use them later in future malspam campaigns.

With Qbot becoming more dangerous, it's more important than ever that users become well versed in cyber-hygiene.

Tesla Cybersecurity Ransomware Attack Prevented

Thanks to an employee’s quick response, Tesla was able to prevent a cyberattack at the electric car maker's Nevada factory, which had been the target of a Russian operative and his unknown co-conspirators.
The employee was contacted and offered a substantial payoff for injecting malware into Tesla's computer network. The employee reported the extortion plot to the FBI in order to prevent the attack.
Elon Musk confirmed the attempted "serious cyberattack" in a Twitter post.

That's a Wrap for News You Might've Missed

I hope this update has been helpful. MSP360 is your resource for MSP news. Stay home, stay safe and healthy, and remember to check back every week for more highlights.
