Cloud
Critical Vulnerability Found in Google Cloud Functions
Tenable has disclosed that its Tenable Cloud Research Team has discovered a vulnerability in Google Cloud Platform (GCP), involving its Cloud Function serverless compute service and its Cloud Build CI/CD pipeline service. GCP has remediated ConfusedFunction for future Cloud Build accounts, however existing Cloud Build instances remain at risk with immediate evasive action required.
Cloud Functions in GCP are event-triggered, serverless functions. They automatically scale and execute code responding to specific events like HTTP requests or data changes. A multi-step backend process is triggered when a GCP user creates or updates a Cloud Function. This process, among other things, attaches a default Cloud Build service account to the Cloud Build instance that is created as part of the function’s deployment. This default Cloud Build service account gives the user excessive permissions. This process happens in the background and isn’t something ordinary users would be aware of.
An attacker who gains access to create or update a Cloud Function can take advantage of the function’s deployment process to escalate privileges to the default Cloud Build service account and other GCP services including Cloud Storage, and Artifact Registry or Container Registry. By exploiting the deployment flow and the flawed trust between services an attacker could run code as the default Cloud Build service account.
“The ConfusedFunction vulnerability highlights the problematic scenarios that may arise due to software complexity and inter-service communication in a cloud provider’s services,” explains Liv Matan, senior research engineer, Tenable. “To support backward compatibility, GCP has not changed the privileges from Cloud Build service accounts created before the fix was implemented. This means that the vulnerability is still affecting existing instances and we highly recommend customers take immediate action.”
GCP confirmed it had remediated ConfusedFunction, to some extent, for Cloud Build accounts created after February 14, 2024. While the fix has reduced the severity of the problem for future deployments, it hasn’t eliminated it. For every cloud function using the legacy Cloud Build service account, the advice is to replace it with a least-privilege service account.
Cloud
Veeam Bolsters Data Resilience for 21M Microsoft 365 Users
Veeam Software has announced the next generation of Veeam Data Cloud for Microsoft 365 with the new capabilities offered by Microsoft 365 Backup Storage. Veeam Data Cloud, built on Microsoft Azure, provides backup-as-a-service (BaaS) for Microsoft 365, enabling data resilience and leveraging powerful data protection and security technology within a simple, seamless user experience.
As a launch partner for Microsoft 365 Backup Storage, Veeam is leveraging the latest Microsoft technology with Veeam Data Cloud for Microsoft 365 to deliver lightning-fast backup and recovery capabilities for large Microsoft 365 environments, ensuring organizations protect critical data against cyber-attacks and data loss scenarios, further enabling complete data resiliency. This solution further strengthens Veeam’s position in protecting Microsoft 365 users, with over 21 million users already under Veeam’s protection.
“One of the benefits of our multi-year strategic partnership with Microsoft is rapidly bringing new advances to our joint customers and partners. This new release combines the benefits of Veeam’s industry-leading technology – in both data protection and ransomware recovery – with the latest Microsoft 365 data resilience capabilities introduced by Microsoft, and extends them to even more customers using Microsoft 365. In addition, we’re making great progress in our joint innovation bringing the power and insights of Microsoft Copilot to the Veeam product family,” said John Jester, Chief Revenue Officer (CRO) at Veeam.
Microsoft’s new backup technology is seamlessly embedded inside Veeam’s backup service for Microsoft 365, combining the new high-speed backup and recovery capabilities with Veeam’s established and unmatched restore and eDiscovery options tailored to meet any potential data loss and compliance scenario. This powerful fusion, where speed and scale meet control and flexibility, empowers organizations with the best of both worlds. “The collaboration with Veeam is an advancement in assisting our shared clients with quick recovery after cyber incidents. We look forward to deepening our collaboration to improve data protection for users,” said Zach Rosenfield, Director of PM for Collaborative Apps and Platforms at Microsoft.
Veeam Data Cloud for Microsoft 365 with Microsoft 365 Backup Storage delivers:
- Speed and Scale: This latest offering from Veeam and Microsoft is designed to manage large volumes of data seamlessly, with the ability to protect and restore 100+ TBs of data or 10,000+ objects. With this advanced solution, what used to take weeks or months is now accomplished within hours.
- Disaster Recovery: This new solution offers bulk restores at scale, ensuring increased resilience to ransomware or malware attacks and minimizing downtime. Veeam Data Cloud for Microsoft 365 with Microsoft 365 Backup Storage empowers organizations to bounce back quickly from any data loss scenario. Organizations no longer have to choose between paying a ransom or enduring weeks or months of data restoration.
- Future Readiness: As part of a new 5-year strategic partnership, Veeam is developing future solutions with Microsoft integrating Microsoft Copilot and Azure AI services to enhance data protection for Microsoft 365 and Azure. These solutions will simplify operations, automate administrative tasks, and allow organizations to allocate resources to business-critical initiatives, ensuring they stay ahead in a rapidly changing digital landscape.
“As adoption of Microsoft 365 increases, the volume and criticality of their associated data sets is also growing,” said Krista Macomber, Research Director at The Futurum Group. “Without the proper data protection solution, this can lead to highly time-consuming, cumbersome backup processes – ultimately resulting in delayed, missed, or incomplete backups. Equally an issue, it can also lead to slow and incomplete recovery processes. This cannot be afforded, especially given the need for resiliency against the onslaught of cyber-attacks. Veeam is directly addressing these challenges with the most recent update to its Microsoft 365 backup capabilities.”
5G
GSMA NESAS & MCKB: Leading the Way in Mobile Network Security International Standards for Regulators and Operators in the Region
As our interconnected digital world becomes essential, new technologies like 5G, cloud computing, big data, and AI create exciting possibilities. However, vulnerabilities increase alongside these advancements. Over 100 countries now have data protection laws, highlighting the growing focus on cybersecurity.
As the deployment of 5G technology and its next generation, 5G-Advanced (5G-A), which was already announced this year by global vendors like Huawei, mobile networks are increasingly becoming the backbone of our digital life, and robust cybersecurity standards and good practices are paramount for telecom authorities and operators.
Pioneering 5G deployment, Saudi Arabia and the GCC are now upgrading to 5G-Advanced for even greater value.
The telecom industry, constantly adapting, integrates cloud and AI with these networks, driving new digital business models. Telecom’s role in national security necessitates robust cybersecurity. Regulators, operators, and industry stakeholders in the region must collaborate to identify best practices and implement measures to safeguard networks, systems, and data from cyber threats. This cross-sector effort requires close cooperation with service providers, equipment manufacturers, and government agencies to mitigate risks, develop best practices, and raise cybersecurity awareness.
At the recently concluded MWC Shanghai 2024 organized by GSMA, the ‘Middle East and Central Asia ICT Policy and Governance Forum’ round table, themed “Driving Policy and Innovation to Shape Our Digital Future”, mobile network security took centre stage. The forum brought together a wide range of stakeholders, including senior officials from GSMA, regulatory authorities, operators, Huawei, and the China Academy of Information and Communications Technology, to discuss industry policies, successful practices, and valuable insights on network security and key industry trends.
The round table discussed the importance of spectrum, optical, and datacom policy planning and explored how carriers, enterprises, oversight agencies, and regulators can enhance mobile security capabilities and guide risk management strategies. The discussions also sought to promote the adoption of GSMA’s Network Equipment Security Assurance Scheme (NESAS) and Mobile Cybersecurity Knowledge Base (MCKB). Attendees also reviewed industry policies and best practices, with examples from China’s successful use cases.
Mr. Jawad Abassi, Head of MENA at GSMA, who moderated the roundtable discussion, said, “The GSMA regularly explores a range of security considerations including secure by design, 5G deployment models and security activities. Good security practices and policies by industry suppliers are essential. The mobile ecosystem should empower advancing positive policy and spectrum outcomes, driving digital innovation to reduce inequalities in our world and tackling today’s biggest societal challenges.”
GSMA NESAS is a rigorous security framework covering some of the most vital aspects of national critical infrastructure. Providing a universal industry standard, it highlights the ability of network equipment vendors to meet and maintain security levels—from product development to lifecycle management processes. Specifically, it covers equipment that supports functions defined by 3GPP and is deployed by mobile network operators on their networks.
NESAS is a trusted and proven standard for tracking records across the world. Vendors’ equipment is tested and audited against a security baseline defined by industry experts through GSMA and 3GPP. It reflects the security needs of the entire ecosystem – including regulators, mobile network operators, hyperscalers, and equipment vendors. The standard continually evolves to meet the needs of the whole industry, based on 3GPP + GSMA standards – avoiding security requirements fragmenting regionally. The GSMA works with internationally recognized partners to audit and test equipment, with selection criteria agreed upon by the GSMA NESAS Oversight Board.
Audits and evaluations allow experts to give in-depth feedback and analysis – helping vendors improve their processes and products while enhancing security across the wider industry. The list of accredited vendors provides near real-time visibility of security status, allowing procurement teams to make informed decisions and comparisons. Huawei’s 5G wireless and core network equipment (5G RAN gNodeB, 5G Core UDG, UDM, UNC, UPCF) and LTE eNodeB were the first to pass the GSMA’s Network Equipment Security Assurance Scheme (NESAS). With one transparent and independent global scheme reflecting the security needs of the entire ecosystem, regulators in the region can take advantage of clear guidance and support for national security mitigations.
GSMA has created the Mobile Cyber Security Knowledge Base (MCKB), which offers the combined knowledge of the 5G ecosystem to increase trust in 5G networks and make the interconnected world as secure as possible. The Knowledge Base is regularly enhanced and extended to respond to the evolving cybersecurity threat landscape.
The 5G Cybersecurity Knowledge Base is an industry effort that composes a comprehensive threat landscape designed to help key stakeholders such as MNOs, equipment vendors, regulators, application developers, and service providers understand the security threats posed by 5G networks in a systematic and objective fashion.
It provides essential insights for the stakeholders’ risk management strategy as well as guidance covering best practices and risk mitigation measures. The Knowledge Base will help enhance 5G security competencies and capabilities and strengthen the work of carriers, enterprises, oversight agencies, and regulators. At an operational level, the Knowledge Base offers clear instructions for taking step-by-step actions to build security assurance while considering the entire risk spectrum of 5G end-to-end networks.
Jeff Wang, President of the Public Affairs and Communications Department at Huawei, said, “To fully reap digital dividends, we need to pay more attention to enhancing connectivity, embracing digital application, and empowering digital talent.” The forum discussions provided recommendations for various countries in the region based on their specific needs and achievements in these areas and the need to specifically improve their optical fibre networks to ensure homes and offices have the speed and stability for these advancements.
The forum spotlighted the robust national network development strategies aligned with visions and key industries crucial for the growing demand for advanced services that necessitate network upgrades, vital for ambitious projects, as is the case of Saudi Arabia’s 10Gbs Society. Supportive policies from governments will incentivize carriers and enterprises to invest in infrastructure optimization.
Lin Yanqing, Principal Consultant, Industry Policy Public & Government Affairs, Huawei Technologies and Aloysious Cheang, Chief Security Officer, Huawei Middle East and Central Asia, joined the round table discussions and reiterated that Huawei has taken a proactive approach to telecom cybersecurity standardization. Cheang said, “Cybersecurity is a team sport, and together with GSMA, we can leverage their good work, such as NESAS and MCKB, that will lay the foundation to secure broadband, 5G, 5G-A, and beyond.”
The company works with the GSMA, the ITU, the 3GPP, and others, as well as through partnerships with security organizations and companies, to ensure the security of its customers and promote the healthy development of the mobile ecosystem, the executives explained. Huawei has passed NESAS/SCAS 2.0 evaluations for its 5G base station and NESAS audits for its RAN and core network, demonstrating the company’s commitment to cybersecurity. Saudi Arabia’s Vision 2030 fuels a digital revolution, prioritizing network investment. As the digital backbone, robust networks are essential for faster internet, advanced services, and a secure, sustainable digital economy.
Artificial Intelligence
Cloudflare Launches Tool to Block AI Bots
Cloud service giant Cloudflare is taking a stand against rogue AI bots scraping website data for training models. Their newly launched, free tool aims to combat this growing problem. The issue lies with some AI vendors, like Google, OpenAI, and Apple, who allow website owners to block data-scraping bots through robots.txt files. However, as Cloudflare points out, these blockers are often ignored, leaving website owners vulnerable.
To address this, Cloudflare has developed advanced bot detection models specifically trained to identify AI bots. These models analyze traffic patterns and behaviour, including attempts to mimic human web browsing activity. This allows them to catch even the most cunning scraper bots. Cloudflare has also implemented a reporting system for website owners to flag suspected AI bots and crawlers. They plan to continuously update their blacklist based on user reports and manual investigations.
The rise of powerful generative AI models has fueled a massive demand for training data. This has led to a surge in AI scraper bots, often operating without permission or compensation for the data they collect. Many websites are opting to block these bots entirely. Studies show a significant number of top websites blocking bots used by leading AI companies. However, some vendors seem to disregard these blockers, prioritizing data collection over user consent.
Blocking all bots can have unintended consequences. Some AI tools, like Google’s AI Overviews, exclude websites that block specific crawlers. This can limit valuable referral traffic for website owners. Cloudflare’s tool offers a potential solution, but its effectiveness hinges on the accurate detection of these clandestine AI bots. The ongoing battle between website owners and AI companies highlights the need for a clearer regulatory framework to govern data collection practices in the AI training landscape.
-
Cyber Security1 week ago
Global Cybersecurity Efforts Gain Momentum, But More Action Needed
-
Cyber Security1 week ago
Proofpoint Sets New Standard for Human-Centric Security
-
Homeland Security1 week ago
Homeland Security Market is Expected to Surpass $900 Bn By 2032
-
Homeland Security1 week ago
Lockheed Martin Delivers C-130J Super Hercules to Egypt
-
Events1 week ago
GITEX Digi_Health 5.0 Expo-Summit Asia Launches in Thailand
-
Cyber Security2 days ago
UAE and Saudi Arabia Face Unprecedented 70% Rise in Threats: Positive Technologies
-
Cyber Security2 days ago
BotGuard OÜ to Offer Live Demos at GITEX GLOBAL 2024
-
Cyber Security14 hours ago
AmiViz Champions Cybersecurity Innovation at Leading MENA Events