The first step is to build skills and assess applications. To create your cloud team and assess application readiness, your organization must transform. IT is becoming a broker for cloud services, and the role of cloud architect is a big part of that. Gartner used to ask if an organization could take the risk of moving to the cloud, but the question is no longer about "if," Cancila said. The question now is where you are moving and how you are going to get there. The next step in the process is to select cloud providers and services. Consider the different layers of the cloud (SaaS, PaaS, and IaaS) and how they fit into your organization's goals. Also, assess your app architecture and infrastructure.
While private cloud proponents have spent the last five years focusing on getting their IaaS offerings working, the big three cloud providers have moved way beyond core computing services. They’re delivering the services IT groups will need in the future to keep their companies from being eaten by software. Google, although its revenue is still small in comparison to AWS and Azure, offers an incredibly interesting machine learning set of services. I’ve worked with them, and they offer tremendous power at an affordable price, delivered in an easy-to-use framework. It’s clear we’re at the beginning of an AI-powered revolution, and Google is staking its claim to be the pioneer in the field, as demonstrated by its DeepMind offering defeating the world’s champion Go player.
Silicon Valley treats Moore’s Law as if it is immutable, and with even more reverence than it does paranoia. But it was not a scientific law; it was always an observation about the behavior of a market for computers and software, which paid off at a rate to justify increasing investment in making chips. It is changing, Mr. Krzanich said, because phones, sensors and cloud systems develop at different rates. “It’s lengthened to 24 to 36 months,” he said. “The performance of the ecosystem is much more than Moore’s Law.” That is why Intel is in the wireless and networking fields, and is working on a new kind of three-dimensional memory chip, which Mr. Krzanich said would be out at the end of this year, that can speed performance of big-data-type calculations sevenfold.
The availability of Cerber to anyone who wants to pay for it differentiates it from another of the most successful ransomware families, Locky. "Locky is only being sent by one threat actor -- they use it on their own and don't share or sell it. Cerber acts as ransomware-as-a-service -- those who created it are now leasing it for anyone to use," says Horowitz. That arguably makes Cerber more dangerous than Locky because each affiliate user can infect victims using a variety of different attack methods, although the two most common involve the victim unknowingly executing a malicious program disguised as a legitimate file, delivered in a phishing email, or the victim being infected while browsing a compromised website. Researchers believe there are currently over 150 active Cerber campaigns targeting users in 201 countries, with victims in South Korea, the US, and Taiwan accounting for over half of ransom payments.
“Oracle’s silence has been deafening,” said Michael Blake, chief executive officer at HTNG, a trade association for hotels and technology. “They are still grappling and trying to answer questions on the extent of the breach. Oracle has been invited to the last three [industry] calls this week and they are still going about trying to reach each customer individually and in the process of doing so they have done nothing but given the lame advice of changing passwords.” The hospitality industry has been particularly hard hit by point-of-sale compromises over the past two years. Last month, KrebsOnSecurity broke the news of a breach at Kimpton Hotels. Kimpton joins a long list of hotel brands that have acknowledged card breaches over the last year, including Trump Hotels, Hilton, Mandarin Oriental, White Lodging, Starwood Hotels and Hyatt.
Contextual access is, at its essence, an evolution of adaptive authentication that replaces the use of static rules and blacklists with machine learning to assess risk based on user behavior and context. Indeed, many providers already do super simplistic “context,” such as blacklisted locations. These approaches, however, are far too coarse to be effective at balancing security with usability. At the same time, 2FA adoption is hard -- users have to install an app or use insecure SMS. In fact, the U.S. government announced that it is set to phase out text-based 2FA. But contextual authentication can sit in the background and simply do its thing pretty much invisibly (unless higher risk is determined).
Successful whaling attempts are so believable and seemingly trustworthy that executives who should probably know better are clicking on links and attachments that appear to be from fellow executives, employees or business partners. One stellar example of this includes a senior executive with a security firm who received an email that appeared to be from an underling but was actually from a whaler. He was tricked into giving up employee W-2 data. Another incident involved an executive from a major soft drink company that was in talks to choose a bottler in a highly profitable, under-serviced country. Before negotiations were completed, someone working under the executive was spear phished, and the whaler was able to harvest all email related to the negotiations, jeopardizing the talks and putting the company at a distinct disadvantage.
Unlike a cloud application where code is structured in a more monolithic fashion and may handle several tasks, code running on serverless services like Lambda is more typical of that found in a microservices software architecture. Under this model, applications are broken down into their core functions, which are written to be run independently and communicate via API. These small functions run by serverless services are triggered by what are called events. Taking Lambda as an example, an event could be a user uploading a file to S3 or a video being placed into an AWS Kinesis stream. The Lambda function runs every time one of these relevant events is fired. Once the function has run, the cloud service will spin down the underlying infrastructure.
Although the exploits were poorly coded, “nonetheless, this appears to be legitimate code,” Matt Suiche, CEO of cyber security startup Comae Technologies, added. Virginia-based Risk Based Security has also looked at the sample files and said that one of the exploits contains an IP address registered by the U.S. Department of Defense. None of this means that the NSA has been hacked. The Shadow Brokers may have simply come across a compromised system that was hosting the exploits, Risk Based Security said in a blog post. It's also possible the Shadow Brokers are promoting a big scam. Deception-based schemes are very common in hacking, Risk Based Security added. The NSA hasn't acknowledged any ties with Equation Group and on Monday, it didn't respond to a request for comment.
Ditching text messaging and shifting to a new form of authentication would likely confuse customers, security experts say. Instead, financial institutions should take a more nuanced approach, said Rich Rezek, vice president of market development for authentication solutions for the tech vendor Early Warning. SMS-based authentication "will still remain a tool in the tool kit" since it's inexpensive and simple for banks to set up, and something consumers are familiar with, Rezek said. But banks still need to take steps to improve how they handle two-factor authentication and SMS. "As fraudsters start to figure out [an authentication method], then you have to evolve and take the next approach," Rezek said. Common ways for a criminal to compromise an SMS authenticator include remotely hacking a phone and having the texts forwarded to a different phone, or to a computer via voice over internet protocol, Rezek said.
Quote for the day:
“Things work out best for those who make the best of how things work out.” -- John Wooden