Today’s topics include a move by Google to have its Chrome browser block bad ads; Microsoft extending its Azure safety net for Windows Server cloud backups; OneLogin suffering a data breach through stolen AWS cloud keys; and IBM discovering the QakBot Trojan is locking out active users.
Sometime early next year, Google’s Chrome browser will stop showing ads on websites that are deemed noncompliant with standards developed by a consortium of companies including Google, Facebook, Thomson Reuters and News Corp.
To prepare web publishers for the move, Google last week released information designed to help them understand how the so-called Better Ads Standards will apply to their websites so they can identify and remedy any issues before the change happens. Google’s Ad Experience Report includes screenshots and videos of the kinds of ads that will be blocked starting next year. It also includes tools that content publishers can use to test whether Google will be able to correctly display ads on their site.
The goal, according to Google, is to ensure that annoying and intrusive ad experiences on certain websites do not cause internet users to block all ads, as many do these days, resulting in revenue loss for content creators.
In its latest stab at cloud-based data protection for enterprises, Microsoft is making it easier for Azure Backup customers to bounce back from Windows Server mishaps or, worse, debilitating ransomware attacks.
Moving beyond simple data backups, Microsoft last week announced an expansion of the features in its Azure Backup agent software that also take a server’s operating system and application configuration into account, enabling businesses to quickly resume operations with a minimum of server setup chores.
The cloud backup now integrates with the Windows Server System State feature that has been available in the operating system since Windows Server 2008 Release 2.
Online password manager service OneLogin reported on May 31 that it was the victim of a data breach that exposed its users and their data to risk. Initially the company provided few details, but late on June 1, the company revealed that attackers had infiltrated OneLogin’s cloud back end and had unfettered access for 7 hours prior to being detected.
OneLogin uses Amazon Web Services as its cloud provider, and at approximately 2 a.m. PDT on May 31, a hacker was able to use OneLogin’s AWS credentials. The attacker used OneLogin’s AWS keys from a smaller, unidentified service provider in the U.S. and was able to create new virtual server instances to gain visibility into OneLogin’s operations and perform reconnaissance.
The QakBot financial Trojan has been active since at least 2011, stealing information from banks and end users around the world, but now the attacks have taken a new twist: they are locking out Microsoft Active Directory system users, according to research from IBM’s X-Force team.
“The X-Force Incident Response and Intelligence Services team observed a spike in the QakBot-related [Active Directory] lockouts over the past several weeks,” Michael Oppenheim, global research lead for IBM X-Force IRIS, told eWEEK.
IBM X-Force researchers found that QakBot attempts to spread through an infected network using the credentials of the affected machine and user, which in part is triggering the Active Directory lockout issues.