Monday here at the show, as I’ve written before, is quiet. As far as RSAC is concerned, the only people here really are the vendors and their staff, a few press and analyst types, conference organizers, and the workers putting the expo hall together. I’ve always thought of this day as the calm before the storm.

RSAC isn’t a hacker conference; it’s a business conference. It’s been around since 1991, and has grown quite a bit since then. Last year, nearly 30,000 people attended, along with more than 350 vendors.

Google plans to serve most of its ads over encrypted HTTPS connections by the end of June, a move that will protect against some ad hijacking attacks and will encourage website owners to enable encryption on their Web properties.

However, malicious advertising attacks that direct users to Web-based exploits will still be possible and, because of the new encryption, it will be harder for security researchers to pinpoint their source.

Optus Business has partnered Microsoft to offer enterprise and government customers an Azure enabled solution on the software giant’s Cloud OS network.

The Microsoft solution expands Optus’ cloud capability and provides enterprise and government customers a private cloud solution to use Microsoft products on any cloud deployment model while meeting enterprise-grade requirements for security, performance, and availability.

Optus business managing director, John Paitaridis, said, increasingly, customers wanted more flexibility in the way they used their Cloud environment to realise the benefits of as-a-service and consumption-based models.

“We are excited about this partnership which means that Optus enterprise and government customers can benefit from a combination of industry-leading Microsoft technology and Optus’ managed Cloud and hosting expertise,” he said.

As a member of the Microsoft Cloud OS Network, Optus can offer our customers data sovereignty, security, privacy, service level management and the ability to customise their Cloud deployments.

Optus’ Microsoft Cloud professional services delivery was recently strengthened by the acquisition of IT professional and managed services company Ensyst.

Ensyst is Microsoft’s 2014 Australian Country Partner of the Year and Worldwide Cloud Excellence Partner.

Read more:New Pure Storage executive line-up overhauls global channel strategy

Microsoft Australia managing director, Pip Marlow, said the Cloud OS Network program was for service providers who had embraced the vision of Cloud computing.

“Through this partnership with Microsoft, Optus can now deliver solutions based on the Microsoft Cloud Platform designed to meet enterprise customers’ hybrid computing needs,” she said.

“Optus can offer customers more flexibility and control when it comes to managing the Cloud environments.

Read more:EXCLUSIVE: Dell names new A/NZ channel director

Marlow said Cloud was all about creating new opportunities more quickly, improving employee productivity and lowering costs.

“This new partnership helps Australian organisations to achieve these goals,” she said.

Paitaridis he would share more about the company’s broader Cloud strategy at the annual ICT thought leadership event — Optus Vision — next month in Sydney.

Read more:Interviews galore added in 5 for 15 and 15 for 15

Optus Vision 2015 will be held on May 27 at Sydney Town Hall.

Leading industry experts will focus on change-readiness and discuss how businesses can retain a competitive edge in the face of rapid technological change, rising customer expectations and the emergence of disruptive business models.

Last month, Optus Business confirmed it was one of the first major telco and ICT providers to join the Federal Government’s Cloud Services Provider’s panel.

Twitter revised its privacy policy over the weekend, changing where it handles the account information of users outside the U.S. and clarifying some points.

As of Saturday, account information for Twitter users outside the U.S. is handled by Twitter International in Dublin, Ireland. This means that all account information will be subject to Irish privacy and data protection law, which is based on the European Union’s Data Protection Directive, Twitter said on its site.

The accounts of U.S. users will still be handled by Twitter’s head office in San Francisco under U.S. law.

Dublin is popular with U.S. tech companies, which often base their international and EU operations there. The country’s favorable corporation tax regime is often seen as a reason for IT companies to settle there — as is the small staff of its privacy regulator, which has a staff of just 29 to tackle domestic and international companies.

The office of the Irish Data Protection Commissioner (DPC) will have more resources to police companies like Twitter and Facebook, which also controls its European operations from there: In December the Irish government doubled its budget, from €1.89 million (a little over US$2 million) in 2014 to €3.65 million this year.

What’s more, since last years “right to be forgotten” ruling gave Spain’s privacy regulator the right to enforce EU privacy laws against Google, privacy regulators in other countries have taken this ruling to start their own procedures against tech companies. This means that companies like Twitter and Facebook, which also has its European headquarters in Ireland, are now subject to the scrutiny of privacy regulators other than the Irish DPC.

Meanwhile, the EU is preparing a new Data Protection Regulation under which European privacy regulators are planned to have more cooperation on cross-border privacy cases. In order to prepare for such a system which can be extremely challenging for data protection regulators in the coming years, the Irish DPC will move from a small office in the Irish countryside to Dublin where it will have room for additional expert staff.

Besides changing things for users outside of the U.S., Twitter is also adding a couple of clarifications to its privacy policy, making it easier to read and adding some extra detail, it said.

The company for instance clarified that people signing up for Twitter can use a pseudonym as their name, something that Facebook does not allow. Twitter also clarified that a phone number can be used as contact information.

The changes were made to improve support for users globally, Twitter said.

Loek is Amsterdam Correspondent and covers online privacy, intellectual property, online payment issues as well as EU technology policy and regulation for the IDG News Service. Follow him on Twitter at @loekessers or email tips and comments to loek_essers@idg.com

A fresh attack by a long-known hacking group suspected to be linked with Russia did little to mask its activity in an attack a week ago.

The computer security firm FireEye wrote on Saturday that the group — called APT 28 — attacked an “international government entity” on April 13, using two recently disclosed software flaws, one of which has not been patched.

The attack sought to trick victims into clicking on a link that led to a website which attacked their computer. It first used a vulnerability in Adobe Systems’ Flash player, CVE-2015-3043, then used a still unpatched Microsoft vulnerability, CVE-2015-1701, to gain higher privileges on a computer.

In a white paper released last year, FireEye said APT 28 had conducted attacks against political and military-related organizations since at least 2007. The group compiles “malware samples with Russian language settings during working hours consistent with the time zone of Russia’s major cities, including Moscow and St. Petersburg.”

The malware delivered in the latest attack is very similar to CHOPSTICK, a backdoor known to be used by APT 28. In fact, the malware delivered in the latest attack used the same RC4 encryption key that was used by CHOPSTICK, FireEye said.

Even hacking groups considered to be sophisticated often reuse infrastructure or components, which over the long term help security researchers identify their attacks. FireEye also said the latest malware connects to the same command-and-control infrastructure that APT 28 has used.

The exploit used by APT 28 won’t work if users have upgraded to the latest Flash version released on Tuesday, so administrators are advised to patch.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk