Adobe Creative Cloud PDFs Source of New Threats to Office 365, Gmail

This week’s cloud news roundup also features initiatives from Civo, SADA and Arrow Electronics.

Kelly Teal, Contributing Editor

January 14, 2022

5 Min Read
Adobe Creative Cloud
Wachiwit/Shutterstock

It’s not the most high-profile week for cloud computing news, but there is some activity channel partners need to review. The most significant development comes from a report that shows threat actors have found a way to exploit trust in Adobe Creative Cloud. Cloud managed service providers and managed security service providers must remain on the alert, and the defensive. There are certain precautions you can implement for customers. Read more about all of that below.

Plus, find out what Civo is doing to entice new companies to use the cloud. Learn what Google Cloud-only MSP SADA is doing to accommodate the cloud adoption journey. And find out how Arrow Electronics is helping channel partners adjust to those not-so-simple Microsoft New Commerce Experience changes.

Hackers Target Office 365, Gmail Users Through Adobe Creative Cloud

Cybersecurity company Avanan says threat actors are using Adobe Creative Cloud to attack Office 365 and Gmail users.

The hackers create an Adobe account and then import a PDF file into cloud storage. That file holds links to sites that harvest user credentials. When the hackers share the files through Adobe Creative Cloud, they look legit – “innocent,” Avanan says, because Adobe is a trusted sender worldwide – and they can bypass endpoint protection software. Hackers can also track recipients who open and click in the PDF, Avanan says. (Recipients may get drawn in by the titles that create a sense of urgency, the company warns.)

Avanan first discovered the exploit last month. One way to tell the purported Adobe Creative Cloud PDFs are less than innocent? “Notice the grammatical errors,” Avanan points out.

Cloud and security channel partners should step in with safeguards that use more artificial intelligence and that open PDFs in a sandbox where all links can be safely inspected.

Civo Entices Startups to Rely on Cloud with Cost-Control Promo

U.K.-based Civo, which bills itself as a Kubernetes-powered cloud-native service provider, has kicked off its Startup program. The initiative gives startups one year of free credit to keep cloud costs under control, Civo says.

The company aims to address the ongoing problem of how to prevent unpredictable cloud expenses. As channel partners know, cloud resources can easily eat up the IT budget. Civo says its internal survey of 1,000 cloud developers indicates that almost half (47%) had trouble determining how much they would pay each month. Another 45% said they got an unexpected bill from a cloud provider.

To combat the issue, Civo says it’s giving emerging businesses up to a year of free credit, plus training and mentorship, access to support and more.

Boost-Mark_Civo.jpeg

Civo’s Mark Boost

“It’s time to put a stop to the surprise billing tactics employed by big cloud providers, and to support businesses by shaping the skills of the teams they have,” Civo CEO Mark Boost said in a press release. “We aim to help those in need circumvent these issues to access the cloud’s full potential.”

SADA Amps up the ‘POWER’

This week, Google Cloud-only managed services provider SADA debuted a swath of new capabilities dubbed SADA POWER.

The portfolio is more than a package of services. Rather, the lineup mirrors the customer journey when integrating Google Cloud, SADA says. To that end, there’s a planning component, followed by …

… testing and proof of concept. Then come implementation and managed services and support.

CTO Miles Ward told Channel Futures that SADA developed POWER over the last two years.

Ward-Miles_SADA-Systems-135x150.jpg

SADA Systems’ Miles Ward

“It was one of the first efforts we started to think about as I came on board as CTO, and our services work has been accruing to this point since then with customers going through the process,” he said. “These services were developed from learnings and patterns in customer engagements over the past year or so, with increased focus and investment in 2021 to get us to where we are today.”

And while the cadence of the services does not necessarily reflect a new or unique idea, it does come at a significant time.

“As we continue to navigate the pandemic, digital transformation efforts are no longer a ‘nice to have,’ but an existential need — and becoming a cloud-first organization is a great first step to transforming a business,” Ward said.

Perhaps more to the point is that what SADA has launched represents where the MSP sector itself needs to head.

“What we see from customers is a need for both capabilities: a full consultative, custom, bespoke approach together with best-practice packages that simplify and accelerate the path to value,” Ward said. “MSP’s who can’t approach with confidence, dynamism and an astute technical approach will struggle.”

ArrowSphere Changes Help Partners Manage Microsoft’s New Commerce Experience

Microsoft’s New Commerce Experience is underway and the changes affecting Office 365 and other platforms are not simple to digest.

In response, Arrow Electronics said this week it has upgraded its ArrowSphere management platform accordingly. The distributor’s enterprise cloud computing arm now offers channel partners tools for streamlining the transition to NCE, it says. (We covered the impact of this change earlier this week — get up to speed here.)

Gourmelen-Eric_Arrow-135x150.jpg

Arrow’s Eric Gourmelen

The ArrowSphere additions help users “to easily understand, purchase and manage products with the new license terms and pricing models,” said Eric Gourmelen, vice president of IT for global cloud at Arrow’s enterprise computing solutions business. “Feedback from early adopters has been extremely positive.”

New capabilities include:

  • Identification of all New Commerce Experience products.

  • Consolidated management of existing and NCE products, supporting staged migration.

  • Inclusion of Microsoft’s new business rules so partners know purchases adhere to the new terms and conditions.

  • Safeguards and alerts to protect against mistaken purchases.

  • Support for individual and bulk migration of subscriptions.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Kelly Teal or connect with her on LinkedIn.

Read more about:

MSPs

About the Author

Kelly Teal

Contributing Editor, Channel Futures

Kelly Teal has more than 20 years’ experience as a journalist, editor and analyst, with longtime expertise in the indirect channel. She worked on the Channel Partners magazine staff for 11 years. Kelly now is principal of Kreativ Energy LLC.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like