The announcement came during the company\u2019s recent re:Invent conference, held in December 2019. AWS Outposts is used by Amazon customers to extend native AWS or VMware cloud deployments in their data centers.<\/p>\n
AWS Outposts is most suitable for workloads requiring low-latency access to on-premise systems or apps. According to Amazon\u2019s announcement, it may be applicable to those that work with real-time IoT data or databases used to run manufacturing plants.<\/p>\n
Still, there are a few areas where customers should be wary. For example, AWS Outposts can\u2019t store all data locally yet and cannot manage or replicate data across regions for high availability and disaster recovery uses. These shortcomings may be addressed in future updates.<\/p>\n
Ransomware Used by Hackers to Attack and Threaten Victims for GDPR Breaches Is Targeting MongoDB Users<\/h2>\n
22,900 MongoDB databases have been the target of an unknown hacker<\/a> in a ransomware attack where victims are threatened with being reported for breaching the European Union General Data Protection Regulations unless they pay.<\/p>\n This attack was discovered by security researcher Victor Gevers from the Dutch Institute for Vulnerability Disclosure and was first noticed in April. ZDNet reported that the hackers are employing a script that searches for unsecured active MongoDB installations. The script proceeds to remove the contents of the database and delivers a ransom note requiring payment of 0.015 in bitcoin ($137) within 48 hours in order to get the transferred data returned.<\/p>\n \u201cIn case of refusal to pay, we will contact the General Data Protection Regulation, GDPR and notify them that you store user data in an open form and is not safe,\u201d the ransom note reads in somewhat broken English. \u201cUnder the rules of the law, you face a heavy fine or arrest.\u201d<\/p>\n Although these types of attacks are commonplace, this attack is unusual because the 22,900 databases represented 47 percent of all MongoDB databases accessible online and were successfully targeted.<\/p>\n An advisory warning was issued<\/a> for MSPs by the US Secret Service due to the increase in cyberattacks against managed service providers. The attacks are being conducted to compromise the customer companies of the MSPs, according to the advisory. The attacks that use this method include point-of-sale intrusions and business email compromise (BEC), in addition to various ransomware attacks. The US-based Xchanging MSP is one of the latest victims, and their attackers are still unknown.<\/p>\n Global IT services and solutions provider DXC Technology disclosed an attack on systems of its MSP subsidiary Xchanging<\/a>. Xchanging is mainly known as a managed service provider for companies in the insurance industry; nevertheless, companies from financial services, aerospace and defense, automotive, education, consumer packaged goods, healthcare, and manufacturing fields also appear on its list of customers.<\/p>\n When DXC Technology reported the incident on July 5th, it expressed confidence that it hadn\u2019t spread beyond the Xchanging network.<\/p>\n The cyberattack affected an undisclosed number of customers. According to the company\u2019s notification, the attack resulted in a denial of access to their operating environment. DXC Technology is working with law enforcement and authorities on the investigation, which is usual in cases like this.<\/p>\n Learn about common ransomware attack scenarios and what to do if one of these attacks affects your clients:<\/p>\n Further reading<\/span> Ransomware Attack Scenarios<\/a><\/p><\/blockquote>\n With the increase in the number of employees shifting to remote work, customers are becoming exposed to additional security threats. One of these is consent phishing, which comes in addition to conventional credential theft and email phishing attacks.<\/p>\n Consent phishing is similar to an application-based attack, where the targets are scammed by malicious Office 365 OAuth applications<\/a> (web apps registered by the attackers with an OAuth 2.0 provider) and provide access to their Office 365 accounts.<\/p>\n After successfully getting access to the target\u2019s account, the attackers can access their email, contacts, notes, profile, and files. These may include sensitive information and resources, and anything kept on their corporate SharePoint document management\/storage system or OneDrive for Business cloud storage.<\/p>\n \u201cWhile application use has accelerated and enabled employees to be productive remotely, attackers are looking at leveraging application-based attacks to gain unwarranted access to valuable data in cloud services,\u201d Microsoft Partner Group PM Manager Agnieszka Girling said.![\"CTA\"](\"https:\/\/no-cache.hubspot.com\/cta\/default\/5442029\/4a146d91-d63d-4e82-9aab-1f5f0c43f780.png\")
<\/a><\/span><\/span><\/div>\nUS Secret Service Issues an Advisory Warning for MSPs<\/h2>\n
\nIt was noted that MSPs are usually compromised through their own tools, and these include enterprise applications in addition to open-source software.
\nThese applications and their vulnerabilities are the targets of these bad actors, allowing them to penetrate the MSPs\u2019 IT infrastructure.<\/p>\n![\"CTA\"](\"https:\/\/no-cache.hubspot.com\/cta\/default\/5442029\/dcb611f1-612b-448d-8afd-7e3fea1fccc0.png\")
<\/a><\/span><\/span>\n<\/div>\n![\"Webinar](\"https:\/\/www.msp360.com\/resources\/wp-content\/uploads\/2020\/03\/Ransomware_-Prevent-or-Recover-1.png\")
<\/div>\n<\/div>\nMSP Xchanging Suffers Ransomware Attack<\/h2>\n
Office 365 Users Hit by Phishing Attacks Through OAuth Apps<\/h2>\n
\nMicrosoft has also classified \u2014 by evaluating and monitoring trillions of signals \u2014 and disabled malicious Office 365 OAuth apps to block users from accessing them, besides taking legal action to take down domains used in consent phishing attacks.<\/p>\nNew Phishing Scam Using Fake ZoomSuspension Alerts Targets Office 365 Users<\/h2>\n