Today’s topics include Microsoft offering free OneDrive to Box, Dropbox and Google Drive customers; a water utility in Europe hit by a cryptocurrency mining attack; Dell EMC launching three Epyc-based servers; and Uber detailing its bug bounty breach payout in court.
Microsoft announced Feb. 6 that it is giving free OneDrive access to existing business customers of Box, Dropbox or Google Drive for the duration of their contract. The deal requires a minimum commitment of 500 users, and businesses can’t already be customers of OneDrive or Office 365.
Microsoft is also offering migration and onboarding support through its FastTrack service as part of the deal. One of the selling points that Microsoft stresses in its offer is that Office 365 is the only service that allows real co-authoring collaboration in Office documents on all platforms.
Google, however, has responded to Microsoft’s deal by announcing a day later the ability to mark up Microsoft Office documents in Google Drive. The Google commenting tool allows task assignment and interactive comments and supports replies. While it’s not as complete as the interactive editing you can do within Office 365, it will meet the needs of many organizations, Google believes.
Security firm Radiflow discovered cryptocurrency mining malware in the network of an undisclosed water utility provider in Europe. This marks the first public discovery of an unauthorized cryptocurrency miner impacting industrial control systems or SCADA servers. In a cryptojacking attack, cryptocurrency mining code is deployed without authorization on a system or a network.
While Radiflow is still in the early stages of the investigation, it has determined that the cryptocurrency mining software was on the water utility’s network for approximately three weeks before it was detected.
The malware was likely downloaded from a malicious advertising site. The primary theory is that an operator at the water utility opened a web browser and clicked on an advertising link that installed the mining code on the system.
Dell EMC is turning to Advanced Micro Devices and its Epyc processors to power three new servers, giving enterprises another processor option beyond Intel. The new servers, available now, can handle the new workloads emerging in a fast-changing data center environment featuring trends like the cloud, the internet of things and data analytics.
The PowerEdge R6415 is an ultra-dense system that can scale out and offer flexible storage capabilities through up to 10 PCI NVMe drives. The PowerEdge R7415 is certified as a vSAN Ready Node, offering up to 20 percent better total cost of ownership per four-node cluster for vSAN deployments at the edge than competitive systems.
The PowerEdge R7425 supports containers, hypervisors, virtual machines and cloud computing and runs such high-performance computing workloads as computational fluid dynamics.
Uber Chief Information Security Officer John Flynn appeared before a U.S. Senate committee on Feb. 6 to explain how a bug bounty was used to help cover up Uber’s 2016 data breach that exposed personally identifiable information on its drivers and users. Uber paid the attackers $100,000 to keep the data safe, but did not reveal that it paid the attackers via the HackerOne bug bounty program in an effort to cover up the breach.
Flynn said that through the program, Uber has been able to fix 800 system vulnerabilities and has paid out approximately $1.3 million in awards to security researchers.
“We recognize that the bug bounty program is not an appropriate vehicle for dealing with intruders who seek to extort funds from the company,” Flynn said. He added that it was wrong not to disclose the 2016 breach earlier as it should have been disclosed in a timely manner.