Today’s topics include Oracle expanding its cloud business with a next-generation data center in Canada, and Chinese hacker group Rocke taking a new approach to installing cryptominers.
Oracle last week revealed exclusively to eWEEK the opening of a Toronto data center to support regional customer demand for Oracle’s public cloud.
Oracle Cloud Infrastructure is an enterprise infrastructure-as-a-service platform that companies of various sizes use to run enterprise and cloud-native applications with high-end performance and core-to-edge security. Oracle runs both traditional and new-gen workloads on a cloud system that includes compute, storage, networking, database and containers.
The company didn’t disclose how much the new facility is going to cost, but new-gen enterprise data centers—especially ones with high-performance systems that Oracle makes—can easily cost in the eight-figure realm.
Oracle added that by the end of this year, it also plans to open additional data centers in Australia, Europe, Japan, South Korea, India, Brazil, the Middle East and the United States.
According to a report released on Jan. 17 by Palo Alto Networks’ Unit 42 security research division, the Rocke hacker group in China is actively exploiting servers and gaining administrative access, then uninstalling security software and, in its place, installing unauthorized cryptocurrency mining software.
The group has uninstalled five different cloud security protection and monitoring products from cloud servers running Linux, including the Cloud Workload Protection Platform offerings from Tencent Cloud and Alibaba Cloud. The group is exploiting existing, known vulnerabilities in multiple applications to gain access to the servers.
Among the vulnerabilities attacked are Apache Struts 2, Oracle WebLogic and Adobe ColdFusion. Struts in particular has been an actively targeted application, and an unpatched Struts server was the core of the massive Equifax data breach that was reported in 2017.