The cloud is full of zombies, but that's OK

IBM discloses vulnerability in Dropbox's Android SDK Problems reported with Microsoft patch KB 3002657, warning issued on KB 3046049

TechBrief March 11, 2015 The cloud is full of zombies, but that's OK Microsoft wants you to believe that Amazon Web Services is "a bridge to nowhere," but nothing could be further from the truth. In fact, as Gartner says, "New stuff [workloads] tends to go to the public cloud ... and new stuff is simply growing faster” than the traditional workloads that currently feed the data center. Most of that “new stuff” is heading for AWS, although Microsoft Azure is an increasingly credible play. Also read: Microsoft Azure is giving Amazon a run for its cloud money And: Can Amazon Web Services be stopped? READ MORE   Issue highlights 1. IBM discloses vulnerability in Dropbox's Android SDK 2. Problems reported with Microsoft patch KB 3002657, warning issued on KB 3046049 3. Facebook nets billions in savings from Open Compute Project 4. Microsoft fixes FREAK vulnerability in Patch Tuesday update White Paper: Damballa ESG Lab Spotlight: Damballa Failsafe with HP TippingPoint The Need for Certainty and Automation in Network Security – Damballa Failsafe with HP TippingPoint: ESG believes this may be the most effective means for reducing risk and combatting advanced malware attacks. Damballa and HP have partnered to bring a joint solution to the market to help automate responses to infections.LEARN MORE IBM discloses vulnerability in Dropbox's Android SDK Security researchers at IBM have found a vulnerability in Dropbox's Android SDK, versions 1.5.4 through 1.6.1, which allows attackers to connect applications on mobile devices to the Dropbox accounts they control. IBM and Dropbox have been working together since December to verify and patch the vulnerability. Check out the Insider report: How to take advantage of Dropbox for Business APIs READ MORE Problems reported with Microsoft patch KB 3002657, warning issued on KB 3046049 Yesterday brought an enormous round of patches from Microsoft: 14 security bulletins, 43 separately identified security holes, and a fury of updated programs. (Definition: A fury is much more than a hundred but probably fewer than a thousand.) It's still much too early to declare this month's round of updates safe, of course, but I've only heard of a couple problems so far. Check out the slideshow: 20 epic Microsoft Windows Automatic Update meltdowns READ MORE White Paper: Damballa Finding Advanced Threats Before They Strike Enterprise security teams are on a high state of alert to keep up with ever-morphing advanced threats. This SANS Institute review shows how Damballa Failsafe can be the first and last line of defense. READ NOW Facebook nets billions in savings from Open Compute Project Facebook, by adhering to the Open Compute Project it founded in October 2011, has saved more than $2 billion over the past three years, a company official said at the Open Compute Summit Conference in Silicon Valley. Also read: 4 ways the Open Compute Project will impact hardware designREAD MORE Microsoft fixes FREAK vulnerability in Patch Tuesday update With the latest Patch Tuesday release, Microsoft is fixing the FREAK vulnerability that could help attackers intercept secured network communications.The security bulletin is one of 14 Microsoft issued Tuesday, five of which are marked critical, meaning administrators should apply them as quickly as possible. Also read: Time to FREAK out? How to tell if you're vulnerable READ MORE White Paper: Proofpoint, Inc. Analysis of Cybercrime Infrastructure Proofpoint security researchers have published an analysis that provides a detailed and rarely seen inside view of the infrastructure, tools and techniques that enabled a cybercrime operation to target online banking credentials for banks in the United States and Europe, infecting over 500,000 PCs. VIEW NOW>>