Last Week: Google, Gooligan, and Amazon Glue

Google Security 

It has been revealed that over one million Google accounts have been hacked by an attack campaign called “Gooligan” – breaching 13,000 new devices every day. The malware attack was uncovered by a security group who immediately contacted the Google Security team and continue to work closely with Google to combat the malware.

Gooligan could potentially affect any devices running on Android 4 or 5 (that’s Jelly Bean, KitKat, or Lollipop), which accounts for over 74% of in-market devices.

Google’s director of Android security, Adrian Ludwig, released a statement on Thursday, thanking the group for their research and reassuring customers that they are working to fix the problem:

As part of our ongoing efforts to protect users from the Ghost Push family of malware, we’ve taken numerous steps to protect our users and improve the security of the Android ecosystem overall…”

The malware itself exploited known weaknesses in older versions of the Android OS, it used this weakness to take control of devices and install apps and software without permission – using innocuous and harmless sounding names such as StopWatch or Wi-Fi Enhancer. There have also been cases of hackers using the victim’s username and password to post false reviews of the apps. The Malware can access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more – in a similar fashion to the Android malware campaign found by researchers in the SnapPea app last year.

Google have removed associated apps from Google Play, disrupted the servers used by the attackers, and taken steps to secure Google accounts that may have been compromised by the malware.

Amazon Glue

On Thursday at Re:Invent, AWS’s Las Vegas Conference, Amazon announced Amazon Glue, a fully managed ETL (Extract, Transform, Load) service that eases the process of moving data between your data stores. The program is designed to help you through the process of compiling and preparing your data for analytics, and loading it from source to destination with the utmost ease. CTO, Werner Vogels, said during the announcement that they want to turn the accepted notion, that it takes 80% of your time preparing data and only 20% analyzing it, on its head.

AWS wrote in their blog post announcement that:

AWS Glue simplifies and automates the difficult and time consuming data discovery, conversion, mapping, and job scheduling tasks,”

AWS Glue is integrated with Amazon S3, Amazon RDS, and Amazon Redshift, and can be connected to any data store that is JDBC (Java Database Connectivity)-compliant. AWS Glue will trawl through your data sources, identify data formats, and then offer suggested schemas and transformations, to save you the time spent hand-coding data flows. These transformations can be edited using tools like Python, Spark and Git, and shared with other AWS Glue users.

Google App Builder

On Thursday Google released their brand new App Maker, their new, super-fast way for businesses to build apps- to “go from idea to app in days, not months”. App Maker features built-in templates, a drag-and-drop UI editor, point-and-click data modelling, support for open standards (HTML, CSS, Javascript etc), and built in integration with G Suite and Google services like Maps, Contacts, and Groups. All of which work together to help developers move through the process as fast as possible.

Google have been using the buzzword “serverless” to promote the product, given the cloud-based infrastructure and drag-and-drop development. Despite the simplification of the developmental process, there is room for users who want to delve deeper into the coding thanks to the built-in script editor – one that purportedly function like a fully featured IDE (Integrated Development Environment). App Maker is available via Google’s Early Adopter Program for G Suite Business.

By Josh Hamilton

Bi Tools
BI Tools For Data Scientists Many data scientists prefer to use open-source framework to code scripts; after all, it’s something they already trust to work. Business intelligence tools like Qlik Sense, Power BI, or Tableau, ...
Rahul
How to Start Your Cloud Career Cloud computing is the present. And it is the future as well!! In fact, a quote by Chris Howard says, ‘Cloud Computing is a spectrum of things complementing one ...
Bitcoin electricity
Bitcoin Heating? Bitcoin mining or cryptocurrency mining has been widely vilified for it’s environmental impact. Why it does draw a huge amount of energy, more and more of it is coming from renewable sources and ...
Jonathan Custance
IoT –  Part of Your Essential Kit Jonathan Custance, Co-Founder of Green Custard outlines how industrial organisations can leverage IoT to dramatically reduce their carbon footprint  Technological progress and environmental sustainability have always been at ...
Jim Fagan
Subsea Connectivity Digital transformation and the migration of data and applications to the cloud is a global phenomenon. While we may like to think that the cloud knows no borders, the reality is that geopolitics ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.