Security roundup for Oct. 28: Cloud security holes; Facebook vulnerable?; China hackers lambasted

In last week's news, Amazon Web Services vulnerabilities were found and fixed, but other cloud service providers are probably susceptible to similar problems discovered by a German research team at Ruhr University Bochum.

The research team used a variety of XML signature-wrapping attacks to gain administrative access to customer accounts, then created new instances of the customer's cloud. They also used cross-site scripting attacks against the open source private-cloud framework Eucalyptus, and said the Amazon service was susceptible to cross-site scripting attacks, too. To its credit, Amazon is paying close attention to this research and has worked to correct problems.


Potential vulnerabilities in Facebook also got attention last week, with Symantec pointing to an attack technique called cross-site request forgery that allows the attacker to piggyback on an active session. Symantec said it's working with browser vendors on solutions to the attacks of this style that it has uncovered.

Separately, consultancy CDW posted a blog item about an alleged vulnerability in Facebook that would allow a hacker to send a potentially malicious file to anyone on Facebook. Facebook downplayed the risk.

Well, maybe all this interest in Facebook is due to the countdown to Nov. 5, the day celebrated as Guy Fawkes Day in England, which is the day on which the shadowy hacker group Anonymous last August said it would "destroy" Facebook. Yes, completely destroy. And that's next Saturday ...

Security-event management

Last week IBM officially completed its acquisition of Q1 Labs, and the IBM Security Systems Division is making it clear that the Q1 security information and event management (SIEM) technology will be the centerpiece for IBM security products going forward. The goal is to extend SIEM, which traditionally aggregated and correlated real-time data from security devices such as firewalls and intrusion-detection systems, in several ways, such as combining it with identity management data as well as business intelligence analytics.

The evolving role of SIEM came up in a discussion with the chief security officer at Zions Bancorporation about how the multibillion-dollar bank-holding company is adopting the data security warehouse approach. In this arrangement, the SIEM becomes another feed into a massive repository for analytics that can also take in business intelligence. This is all fairly new, but it suggests SIEM, one of the more important technologies advanced over the past half-decade for security, is not standing still.

China in the news, again and again

Last Thursday, The New York Times, The Wall Street Journal and Bloomberg all ran articles highly critical of China on security and human rights grounds, and each article took up a different topic related to information technology.

There was everything from accusations about Chinese hackers trying to hack U.S. satellites, to China seeking to set up an "Internet management system" to strictly control social networking and messaging, to Chinese firm Huawei Technologies setting up a surveillance-monitoring system for the Iranian government through the Iranian cellular-telephone system.

Two weeks ago, China-based company Huawei was complaining about getting the cold shoulder for U.S. federal contracts related to an emergency response system.

There are a lot of political nuances coming to the fore, and information technology, at least on the part of the U.S., is not seen as something that can necessarily be separated from geopolitical security and human rights.

Last week as well, Richard Clarke, former cybersecurity adviser and now CEO and consultant at Good Harbor Consulting, spoke plainly when he said in his discussion of cyberattacks, "Frankly, the government of China is involved in hacking into American companies and taking that information and giving it to Chinese companies. It means our intellectual property is going out the door in petabytes and terabytes."


Stories by Ellen Messmer
