In this modern age, everything is interconnected, which means that if you’re trying to see the future of one thing — let’s say your field — you really do have to pay attention to developments in adjacent areas to see which connections will catapult change forward into the future. That means you have to pay attention to things like wealth distribution and education. And in both of those cases, we’re talking about who has access to what. Are there groups that are gaining more agency and ability where they live? Are there changes happening to regulations and to permissions? Essentially, this new app was a way to help people make money while they sleep. Gollum got its idea from something that existed in the ’90s and in fact still exists today. In the ’90s, while you were asleep, you could donate the unused compute power of your computer to others — to researchers and academics who needed supercomputing networks but maybe couldn’t afford to get access to one. So instead, there were these distributed networks of computers all around the world where people had donated their unused compute time while they were asleep, for great projects.
Predictably, a lot of the activity has involved phishing and social-engineering campaigns where COVID-19 has been used as a thematic lure to get people to click on malicious attachments and links in emails or to download malware on mobile and other devices. There have also been reports about account takeover and business email compromise activity, a growth in domains serving up drive-by malware, and attempts to exploit virtual private networks (VPNs) and other remote access tools. The danger posed by these threats has been exacerbated by new requirements for "social distancing" and the resulting push by many organizations to widen or implement telework capabilities for their workforce. The sudden COVID-19-related surge in the use of videoconferencing, remote access, and VPN services — especially at organizations that have not used them before — is giving attackers more targets to go after and defenders a lot more terrain to protect.
CERT-FR said it is still investigating how the Pysa gang is gaining access to victims' networks. However, forensic clues left behind paint a picture of what could have happened on some of the infected/ransomed networks. For example, CERT-FR said there was evidence suggesting that the Pysa gang launched brute-force attacks against management consoles and Active Directory accounts. These brute-force attacks were followed by the exfiltration of a company's accounts & passwords database. Victim organizations also reported seeing unauthorized RDP connections to their domain controllers, and the deployment of Batch and PowerShell scripts. Furthermore, the Pysa gang also deployed a version of the PowerShell Empire penetration-testing tool, stopped various antivirus products, and even uninstalled Windows Defender in some instances. CERT-FR says that in at least one case they analyzed, they also found a new version of the Pysa ransomware, which used the .newversion file extension instead of the older .pysa.
Third parties certainly are having a lot to do with data breaches these days. You read any study, Deloitte, Ernst & Young, any of the unbiased studies out there, a number of the data breaches are actually coming from third parties and vendors, so that we recognize that you might have your four walls or your firewalls under control, but what you’re doing with other vendors and other folks in your supply chain, certainly puts your data at risk. We think that’s certainly important. A lot of these heavily regulated industries are actually getting audited and examined to understand how they understand the ecosystem of third parties. But we’re also seeing it go down-market. Not just the heavily regulated industries, but other areas and other verticals are starting to really think about how they interact with third parties, what data they’re sharing, and also what kind of value they could get from those third parties. Are they understanding the metrics, the measurements that they measure those vendors on? Are they getting what they paid for? Are they getting the level of performance they expect? And because of that, I think we can optimize a lot of those relationships and help them better understand that ecosystem in which they behave.
Begin this year’s spring by reviewing your data assets. Move any sensitive information offline if it doesn’t need to be network-accessible. Keep in mind that any data not in your possession cannot be stolen from you. If you are storing information about other people or organizations and you can’t foresee any possible future use for that data, get rid of it. If you need it, move it to a secure offline facility. For instance, if you are storing credit card CVC codes — which you should not need to — get rid of them. There is no better method of ensuring data security than not having irrelevant data in the first place. Make sure you’re backing up properly and frequently. You should back up often enough that if something were to go severely wrong, you wouldn’t be panicking about lost personal or enterprise data. If you are responsible for ensuring that others back up, make sure that they understand the importance of doing so, and deploy technology that simplifies and automates the backup process. If you aren’t sure whether you’re backing up often enough, you probably are not.
Broadly speaking, the data plane "does the work" and is responsible for "conditionally translating, forwarding, and observing every network packet that flows to and from a [network endpoint]." In modern systems, the data plane is typically implemented as a proxy that is run out-of-process alongside each service as a "sidecar." Klein states that within a service mesh, the data plane "touches every packet/request in the system, and is responsible for service discovery, health checking, routing, load balancing, authentication/authorization, and observability." There is work underway within the CNCF to create a Universal Data Plane API, based on concepts from Klein's earlier blog post The Universal Data Plane API. This proposal extends the xDS API that has been defined and implemented by Envoy and is supported in other proxies such as MOSN. A control plane "supervises the work," and takes all the individual instances of the data plane — a set of isolated stateless sidecar proxies — and turns them into a distributed system.
In the face of COVID-19, there are countless stories from customers who are using Teams to connect and thrive in inspiring ways. A professor at University of Bologna in Italy shared on Twitter how the school moved 90 percent of courses online to Teams within four days, which is definitely a first in the university’s 900-plus year history. Doctors at St. Luke’s University Health Network in Pennsylvania will use Teams for videoconferencing with patients, especially those who are most vulnerable to coronavirus, as a way to protect both patients and healthcare providers. And the City of Osaka in Japan is using Teams to conduct orientations and trainings for hundreds of new incoming employees in April. Stories like these are playing out in countries the world over. We believe that this sudden, globe-spanning move to remote work will be a turning point in how we work and learn. Already, we are seeing how solutions that enable remote work and learning across chat, video, and file collaboration have become central to the way we work.
Robotic process automation (RPA) is a form of business process optimization that automates tasks using software robots, or digital workers. RPA can play a major role in automating repetitive and manual data-related tasks, freeing up employees for higher-value work. During mergers and acquisitions, employees have new systems and processes to adjust to within a limited time frame, and staff may not have learned the skills required to complete these tasks efficiently. RPA can help to ease this process by using artificial intelligence workers to help with data entry, data mapping, data extraction and moving data into multiple systems, which is critical for systems consolidation after a merger or acquisition. ... While custom point-to-point integration can help companies reach a short-term goal, it drastically complicates matters in the long run when integrating multiple companies’ subsystems and data centers. Fortunately, there are a variety of off-the-shelf alternatives that can create connectivity across a company’s entire business ecosystem, without needing complex custom code.
Why are security ratings so bad? For starters, the data is terrible. The quality of security ratings is contingent on the quality of the underlying data and the science with which this data is interpreted. Unfortunately, the cybersecurity ratings industry has nowhere close to the depth and breadth of data of other ratings sectors. Security ratings companies do not have accurate network maps, and ratings are regularly deflated due to misattribution or improper understanding of network configurations. Security ratings companies typically use incomplete third-party data and do not communicate caveats or error estimates to their customers. By the time you read them, security ratings are already out of date, because the data is not quickly refreshed and refresh timestamps aren't clearly communicated. Another challenge is that ratings aren't scientific or statistically relevant. Given those problems, vendors committed to a ratings product have no choice but to hack their way to a partial solution.
The AI component of ransomware does some clever stuff like conceal the conditions needed to unlock the files as well as deploy untraceable malicious applications, but it doesn’t stop here. Just like businesses use AI for language learning, so too can the malware be trained to recognise types of content and be on the lookout for specific words as well as listen to voice prompts. Face recognition login is popular now too, so of course the smart malware can be trained to recognise images. Cybercriminals are also using advanced image APIs for face recognition on webcams and security cameras. Hackers get a lot of personal information or data from the dark corners of the Internet, aka the ‘dark web’. For example, where you shop online or do your personal banking, data can be stolen, and it often ends up on the dark web where it is traded to hackers who can use it in their malware. Open source tools are also the target of hackers, where they can be used to compromise websites, servers and cloud infrastructure. So with the influx of smart hacking, what can we do to protect data and devices, so we’re not a victim of a malicious cyber attack?
Quote for the day:
"If you only have a hammer, everything looks like a nail." -- Abraham Maslow