Daily Tech Digest - March 11, 2020

Open-source options offer increased SOC tool interoperability

"What we're trying to do as an industry, if we can align around a common data model and a common set of APIs, then that problem [a lack of interoperable security tools] becomes a much smaller problem than it is today," Chris Smith, senior sales engineer at McAfee, tells CSO. STIX (Structured Threat Information eXpression), contributed by IBM, is useful "if you're threat hunting and you want to query all your other tools for evidence of a certain artifact use STIXShifter to ask that question in a vendor-neutral platform agnostic language," the GitHub repo said. "STIX Shifter would be the technology that enables a company to search for an indicator of compromise across multiple tools, data repositories," Jason Keirstead, chief architect, IBM Security Threat Management, tells CSO. "If that search turns up a compromised device, OpenDXL Ontology would be the mechanism that would be used to issue alerts/notifications across other tools in order to begin remediation."



Enterprises roll out private 5G while standards, devices, coverage evolve

Outside of private deployments, 5G coverage remains an obstacle. All the major carriers, including AT&T, Verizon, Sprint, and T-Mobile, are promising 5G connectivity, but in practice it's limited to a few areas in the biggest cities. Consumers don't have 5G-capable phones yet, so the carriers' 5G promises are little more than marketing hype for the time being. Gartner, for example, places 5G at the "peak of inflated expectations" in its most recent hype cycle report and predicts that it will take two to five years before 5G reaches what the analyst firm calls the "plateau of productivity," when mainstream adoption starts to take off. Until that happens, many enterprises are circumventing the lack of coverage by deploying private 5G in factories, college campuses, hospitals, office buildings, or other contained environments – just as the VA Palo Alto hospital did. "We believe that enterprise deployments have the potential to be the most significant and leading set of use cases for 5G," says Dan Hays, principal and head of US corporate strategy practice at PricewaterhouseCoopers.


Details about new SMB wormable bug leak in Microsoft Patch Tuesday snafu

According to Fortinet, the bug was described as "a Buffer Overflow Vulnerability in Microsoft SMB Servers" and received a maximum severity rating. "The vulnerability is due to an error when the vulnerable software handles a maliciously crafted compressed data packet," Fortinet said. "A remote, unauthenticated attacker can exploit this to execute arbitrary code within the context of the application." A similar description was also posted -- and later removed -- in a Cisco Talos blog post. The company said that "the exploitation of this vulnerability opens systems up to a 'wormable' attack, which means it would be easy to move from victim to victim." ... However, there is currently no danger to organizations worldwide. Only details about the bug leaked online, not actual exploit code, as it did in 2017. Although today's leak alerted some bad actors about a major bug's presence in SMBv3, exploitation attempts aren't expected to start anytime soon. Furthermore, there are also other positives. For example, this new "wormable SMB bug" only impacts SMBv3, the latest version of the protocol, included only with recent versions of Windows.


Dump your passwords, improve your security -- really


Your first encounter with FIDO likely won't look much different than two-factor authentication. You'll first type a conventional password, then plug in or wirelessly connect a FIDO hardware security key. The process still uses passwords, but it's more secure than passwords alone or passwords bolstered by codes sent by SMS or retrieved from authenticators like Google Authenticator. This approach -- password plus security key -- is how you can use FIDO today on Google, Dropbox, Facebook, Twitter and Microsoft services like Outlook.com and eventually Windows. "Hardware security keys are very, very secure," said Diya Jolly, chief product officer of authentication service company Okta. That's why congressional campaigns, the Canadian government's computing services division and all Google employees use them. Consumer services today often require you to plug in the keys only when logging in for the first time on a new PC or phone, or when you're taking a particularly sensitive action like transferring money out of your bank account or changing your password. Of course, a security key can be a hassle if you don't have it readily available when you need it.


What is LLVM? The power behind Swift, Rust, Clang, and more

At its heart, LLVM is a library for programmatically creating machine-native code. A developer uses the API to generate instructions in a format called an intermediate representation, or IR. LLVM can then compile the IR into a standalone binary or perform a JIT (just-in-time) compilation on the code to run in the context of another program, such as an interpreter or runtime for the language. LLVM’s APIs provide primitives for developing many common structures and patterns found in programming languages. For example, almost every language has the concept of a function and of a global variable, and many have coroutines and C foreign-function interfaces. LLVM has functions and global variables as standard elements in its IR, and has metaphors for creating coroutines and interfacing with C libraries. Instead of spending time and energy reinventing those particular wheels, you can just use LLVM’s implementations and focus on the parts of your language that need the attention. ... LLVM’s architecture-neutral design makes it easier to support hardware of all kinds, present and future. For instance, IBM recently contributed code to support its z/OS, Linux on Power, and AIX architectures for LLVM’s C, C++, and Fortran projects.


Accelerating ML Inference on Raspberry Pi With PyArmNN

Arm NN is an inference engine for CPUs, GPUs, and NPUs. It executes ML models on-device in order to make predictions based on input data. Arm NN enables efficient translation of existing neural network frameworks, such as TensorFlow Lite, TensorFlow, ONNX, and Caffe, allowing them to run efficiently and without modification across Arm Cortex-A CPUs, Arm Mali GPUs, and Arm Ethos NPUs. PyArmNN is a newly developed Python extension for Arm NN SDK. In this tutorial, we are going to use PyArmNN APIs to run a fire detection image classification model fire_detection.tflite and compare the inference performance with TensorFlow Lite on a Raspberry Pi. Arm NN provides TFLite parser armnnTfLiteParser, which is a library for loading neural networks defined by TensorFlow Lite FlatBuffers files into the Arm NN runtime. We are going to use the TFLite parser to parse our fire detection model for “Fire” vs. “Non-Fire” image classification.


Instant Low Code Database Web App - ASP.NET Core 3.1 Single Page Application(SPA)


A single-page application (SPA) is defined as a web application that fits on a single web page with the goal of providing a more pleasant user experience similar to a desktop application. It can be used to create a fully blown business web application linked to a database or quickly create a web application that can traverse, search & report on a large database. The following sample application code is an alternative to using libraries such as AngularJS, React, Vue, etc. Only jQuery and bootstrap are used in conjunction with vanilla JavaScript, HTML and CSS. A very simple approach is used in overlaying div tags and Ajax calls, to read and update the database, without any Postback. The Grid and Detail forms included in this application also contain simple CSS, to make them automatically resize to any mobile device, down to iPhone, etc. Using horizontal and vertical scrolling or swiping allows the user to quickly read all data columns and rows in a Grid. Can redo Parent, Child and Grandchild CRUD grids, over and over, within seconds.


What's the difference between RPA and IPA?


IPA development and implementations are significantly more complex. The technology requires data extraction and classification, machine learning and AI to foster decision-making. Businesses using IPA will need experts on hand who have an in-depth understanding of an ever-growing set of tools and capabilities in the space. Agarwal said technical skill requirements for users are key distinctions IT executives should be aware of upfront. The technical skill required for RPA ranges from basic to mature, whereas the technical skill required for IPA ranges from mature to advanced. RPA, not surprisingly, has considerably more traction as a result of this ease of use. "There are more processes being automated with RPA than IPA," he said. Process efficiencies associated with RPA, however, are not as high as the potential efficiencies realized by IPA. Agarwal said in RPA deployments, humans continue to play a significant role in data extraction and decision-making alongside the rules-based processing handled by RPA tools. IPA, in contrast, promises greater value in reducing manual labor costs, because it automates much of the human decision-making.


Enterprises being won over by speed, effectiveness of network automation

It's a burgeoning field: MarketsandMarkets Research reports that the global network automation market is on track to grow from $2.3 billion in 2017 to an estimated $16.9 billion by 2022. "It’s a really exciting topic in the networking industry right now because the scale and complexity of networks is really greater than it ever was before," says Brandon Butler, senior research analyst covering enterprise networks at IDC, a Framingham, Mass.-based industry analyst firm. "It's a revolution we're still in the early days of. There are more mobile workers out there, accessing high-bandwidth company apps from more diverse places. By 2025, there are going to be 41.6 billion connected IoT devices that enterprises are getting data and insights from. If your network is down, it touches everything in the company. Relying on manual, ad-hoc management isn't efficient, scalable or secure." And while it's an exciting market, it really is in its infancy, according to Andre Kindness, principal analyst at Forrester, a Cambridge, Mass.-based research firm. He notes that enterprises might be automating firewall configurations or the monitoring of their switches and traffic.


UK government survives rebellion on ‘high-risk’ comms tech supplier strategy

Though relieved, the UK’s comms industry warned that it would still take a huge hit from the decision. In January 2020, EE network owner BT warned abiding by the UK government’s decision to restrict access to kit from suppliers such as Huawei could have a potential impact of around £500m, while in February 2020 Vodafone calculated that removing Huawei equipment that exists already in its core networks across Europe would cost as much as €200m over the next five years. Such recommendations were never accepted by a core group of backbench MPs among the UK’s ruling Conservative Party, and former leader Iain Duncan Smith led a rebellion against the Telecommunications Infrastructure Bill, proposing an amendment that would lead to an outright ban on Huawei technology, which he said posed a real and direct threat to the UK’s national security. Duncan Smith’s amendment would have seen firms classified as high-risk by the National Cyber Security Centre banned entirely from the UK’s 5G project by 31 December 2022.



Quote for the day:


"Leadership should be born out of the understanding of the needs of those who would be affected by it." -- Marian Anderson

