A report on Cloud Adoption and Risk from McAfee, who polled 1000 enterprises worldwide, has highlighted that while organisations benefit from the better security offered in the cloud there are some exceptions.

Poorly configured cloud infrastructure is an increasing problem according to the report:

  • about 5% of Amazon S3 buckets are misconfigured rendering the contents publicly accessible
  • only 36% of those polled said they could enforce Data Loss Prevention
  • just 33% can control collaboration settings to determine how data is shared
  • only 26% of IaaS users said they could audit configuration settings

The NCSC has issued guidance, in the form of the Cloud Security collection, which draws upon our experience of implementing cloud services. It includes guidance that lays out your responsibilities when building in IaaS. We have discussed the importance of configuring cloud services properly and, as an example, talked through the challenges of configuring storage well in in a cloud service

Organisations urged to patch Microsoft Azure

Microsoft has urged Azure users to update their systems following the discovery of a new attack campaign targeting Linux Exim email servers.

Microsoft has confirmed that the attack affects servers running Exim version 4.87 to 4.91.

Customers have been asked to observe Azure security best practices and to patch or restrict network access to VMs running the affected versions of Exim.

Security researchers at Cybereason have suggested that the vulnerability can be exploited to gain remote command execution on the target machine, search the Internet for other machines to infect, and initiate a crypto miner.

Patching is one of the most important things an organisation can do to mitigate vulnerabilities. The NCSC has guidance on managing vulnerabilities and recommends that organisations perform vulnerability assessment of their entire estate on a monthly basis.

Free decryption tool for GandCrab ransomware

A new decryption tool that counters GandCrab ransomware by allowing victims to retrieve their files for free has been launched.

The tool is a collaborative effort by Europol, the UK’s National Crime Agency and Met Police, the FBI, cybersecurity company Bitdefender, and others.

The decryptor neutralises GandCrab 5.0 through to GandCrab 5.2, as well as allowing users to retrieve files encrypted by older versions of the ransomware.

It is available to download from both Bitdefender Labs and the No More Ransom project.