Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Bitglass Security Spotlight: Google, SynAck, and Drupal

DZone's Guide to

Bitglass Security Spotlight: Google, SynAck, and Drupal

Here are some important headlines in Bitglass security, including news from Google, SynAck, Drugal, and others.

· Security Zone ·
Free Resource

Discover how to provide active runtime protection for your web applications from known and unknown vulnerabilities including Remote Code Execution Attacks.

Here are the top cybersecurity stories of recent weeks: 

  • Google improves G Suite's collaboration capabilities.
  • SynAck ransomware evades antivirus software.
  • Drupal websites subject to cryptojacking.
  • Nigelthorn malware targets Facebook users to mine cryptocurrency.
  • 211 LA County exposes 3.2 million files through AWS misconfiguration.

Google Improves G Suite's Collaboration Capabilities

Google has recently revamped its ability to integrate with a variety of other cloud services in an effort to bolster its position as a leader in collaborative cloud services. G Suite was recently found to be trailing Office 365 in enterprise adoption. This is more than two times as many organizations as those that have chosen Microsoft's offering as Google's

SynAck Ransomware Evades Antivirus Software

The SynAck ransomware has resurfaced in a new and improved form. The threat is now capable of employing the Process Doppelgänging technique. This means that the ransomware can hide its nefarious activities through code injection on Windows machines, inhibiting antivirus software's ability to detect it. 

Drupal Websites Subject to Cryptojacking

Drupal-based websites have been exposed by vulnerabilities in the underlying Drupal platform. Malicious parties have been leveraging said security gaps in order to infiltrate websites and use them to engage in malicious cryptomining. This trend of cryptojacking is becoming fairly commonplace. 

Nigelthorn Malware Targets Facebook Users to Mine Cryptocurrency

New malware called Nigelthorn is infecting Facebook users through means like faux direct messages to steal their credentials and install scripts for malicious cryptomining. This is similar to the recent Stresspaint malware that also targeted Facebook users' credentials. 

211 LA County Exposes 3.2 Million Files Through AWS Misconfiguration

Nonprofit organization 211 LA County is the most recent firm to suffer from a misconfiguration in its AWS S3 bucket. The NPO's security mistake left 3.2 million files publicly available — files that contained personally identifiable information. For those that 211 LA County serves, this means that their personal information has been exposed to potentially nefarious parties. 

While malware continues its assault upon the cloud, cloud access security brokers (CASBs) should be used to defend against zero-day threats in any cloud application (whether G Suite or Office 365). To learn more, download the Zero-Day Solution Brief. 

Find out how Waratek’s award-winning application security platform can improve the security of your new and legacy applications and platforms with no false positives, code changes or slowing your application.

Topics:
security ,malware ,cryptojacking ,cybersecurity

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}