Daily Tech Digest - December 03, 2020

The Service Factory of the Future

The service factory of the future will break the compromise between personalization and industrialization by leveraging standard service bits: small elements of service, such as a chatbot or an online shopping cart. Service bits will increasingly consist of “microservices”—digitized service offerings or processes—that are accessed through APIs and either created in-house or procured from ecosystem partners. Bits can also be automated or manual service activities based on legacy IT systems. By flexibly combining service bits, the service factory of the future will be able to create hyperpersonalized offerings and packages tailored to an individual’s needs, preferences, and habits on the basis of a wide range of customer data. Migration to the service factory of the future requires transformative change in five critical dimensions: customer experience, service delivery, digital technology, people and organization, and digital ecosystems. ... The service factory of the future will enable providers to be predictive, preventive, and proactive. It will anticipate customers’ needs and approach them with solutions and hyperpersonalized experiences. More important, it will develop capabilities to prevent service lapses from occurring in the first place.


FBI: BEC Scams Are Using Email Auto-Forwarding

The first was detected in August when fraudsters used the email forwarding feature in the compromised accounts of a U.S.-based medical company. The attackers then posed as an international vendor and tricked the victim into making a fraudulent payment of $175,000, according to the alert. Because the targeted organization did not sync its webmail with its desktop application, it was not able to detect the malicious activity, the FBI notes. In a second case in August, the FBI found fraudsters created three forwarding rules within a compromised email account. "The first rule auto-forwarded any email with the search terms 'bank,' 'payment,' 'invoice,' 'wire,' or 'check' to cybercriminals' email accounts," the alert notes. "The other two rules were based on the sender's domain and again forwarded to the same email addresses." Chris Morales, head of security analytics at security firm Vectra AI, says that in addition to reaping fraudulent payments, fraudsters can use email-forwarding to plant malware or malicious links in documents to circumvent prevention controls or to steal data and hold it for ransom. In a keynote presentation at Group-IB's CyberCrimeCon 2020 virtual conference in November, Craig Jones, director of cybercrime at Interpol, noted that BEC scammers are among the threat actors that are retooling their attacks to take advantage of the COVID-19 pandemic.
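A defender can audit mailbox rules for the pattern the alert describes: forwarding to an outside address, triggered by finance keywords or by a sender-domain filter. The sketch below is an added example, not code from the FBI alert or the excerpted article; the rule schema, domain names and sample rules are assumptions constructed for illustration.

```python
# Added example: audit exported inbox rules for BEC-style auto-forwarding.
# The rule schema below is an assumption, not a real mail platform's export.
INTERNAL_DOMAINS = {"example-medical.test"}  # assumed tenant domain
FINANCE_TERMS = {"bank", "payment", "invoice", "wire", "check"}  # terms quoted in the alert

# Constructed sample rules.
SAMPLE_RULES = [
    {"mailbox": "ap@example-medical.test", "name": ".",
     "forward_to": ["collector@mailbox.invalid"],
     "subject_or_body_contains": ["Invoice", "wire", "payment"],
     "from_domains": []},
    {"mailbox": "ap@example-medical.test", "name": "..",
     "forward_to": ["collector@mailbox.invalid"],
     "subject_or_body_contains": [],
     "from_domains": ["vendor.example"]},
    {"mailbox": "hr@example-medical.test", "name": "To assistant",
     "forward_to": ["assistant@example-medical.test"],
     "subject_or_body_contains": ["payment"],
     "from_domains": []},
]


def external_recipients(rule):
    """Return forwarding targets whose domain is not an internal domain."""
    return [a.lower() for a in rule.get("forward_to", [])
            if a.rsplit("@", 1)[-1].lower() not in INTERNAL_DOMAINS]


def audit_rule(rule):
    """Return a finding for a rule that forwards externally, else None."""
    targets = external_recipients(rule)
    if not targets:
        return None  # internal-only forwarding is not flagged here
    terms = {t.lower() for t in rule.get("subject_or_body_contains", [])}
    reasons = ["external-forward"]
    if terms & FINANCE_TERMS:
        reasons.append("finance-keywords")
    if rule.get("from_domains"):
        reasons.append("sender-domain-filter")
    return {"mailbox": rule["mailbox"], "rule": rule["name"],
            "targets": targets, "reasons": reasons}


def audit(rules):
    """Audit every rule and keep only the findings."""
    return [f for f in map(audit_rule, rules) if f]


if __name__ == "__main__":
    for finding in audit(SAMPLE_RULES):
        print(finding)
```

Rules should be pulled from the mail server itself rather than from a desktop client, since the alert notes that unsynced webmail rules went unseen.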


Robots Can Now Have Tunable Flexibility & Improved Performance

Generally, the mechanics of obliging inflexibility variances can be massive with ostensible territory, while curved origami can minimalistically uphold an extended stiffness scale with on-demand flexibility. The structures shrouded in Jiang and team’s research consolidate the collapsing energy at the origami wrinkles with the bending of the panel, tuned by switching among numerous curved creases between two points. Curved origami empowers a single robot to achieve a variety of movements. A pneumatic, swimming robot created by the team can achieve a scope of nine distinct movements, including quick, medium, slow, straight and rotational developments, by essentially changing which creases are utilized. The team’s exploration centered around joining the folding energy at origami creases with the board bending, which is tuned by moving along various creases between two points. With curved origami, a single robot is equipped for undertaking different movements. For instance, the team built up a swimming robot that had nine unique movements, for example, quick, slow, medium, straight, and rotational. To achieve any of these, the creases simply should be changed.


Migrating a Monolith towards Microservices with the Strangler Fig Pattern

One of the few benefits of the Zope framework is that the fragile nature of the software has forced us to work in small increments, and ship in frequent small releases. Having unreleased code lying around for more than a few hours has led to incidents around deployment, like accidental releases or code being overwritten. So the philosophy has been "write it and ship it immediately". Things like feature toggles and atomic releases were second nature. Therefore, when we designed the wrapper and the new service architectures, feature toggles were baked in from the start (if a little crude in the first cuts). Therefore, from the early days of the project code was being pushed to live within hours of being committed. Moving to a framework like Flask enabled "proper" CI pipelines, which can perform actual checks on the code. Whilst a deployment into production is manually initiated, all other environment builds and deployments are initiated by a commit into a branch. The aim is to keep the release cadence the same as it has been with Zope. Changes are small, with multiple small deployments a day rather than massive "releases". We then use feature toggles to enable functionality in production.


Misconfigured Docker Servers Under Attack by Xanthe Malware

“Once all possible keys have been found, the script proceeds with finding known hosts, TCP ports and usernames used to connect to those hosts,” said researchers. “Finally, a loop is entered which iterates over the combination of all known usernames, hosts, keys and ports in an attempt to connect, authenticate on the remote host and launch the command lines to download and execute the main module on the remote system.” Misconfigured Docker servers are another way that Xanthe spreads. Researchers said that Docker installations can be easily misconfigured and the Docker daemon exposed to external networks with a minimal level of security. Various past campaigns have been spotted taking advantage of such misconfigured Docker installations; for instance, in September, the TeamTNT cybercrime gang was spotted attacking Docker and Kubernetes cloud instances by abusing a legitimate cloud-monitoring tool called Weave Scope. In April, an organized, self-propagating cryptomining campaign was found targeting misconfigured open Docker Daemon API ports; and in October 2019, more than 2,000 unsecured Docker Engine (Community Edition) hosts were found to be infected by a cryptojacking worm dubbed Graboid.


Finding rogue devices in your network using Nmap

Just knowing what ports are open is not enough, as many times, these services may be listening on non-standard ports. You will also want to know what software and version are behind the port from a security perspective. Thanks to Nmap's Service and Version Detection capabilities, it is possible to perform a complete network inventory and host and device discovery, checking every single port per device or host and determining what software is behind each. Nmap connects to and interrogates each open port, using detection probes that the software may understand. By doing this, Nmap can provide a detailed assessment of what is out there rather than just meaningless open ports. ... Rogue DHCP servers are just like regular DHCP servers, but they are not managed by the IT or network staff. These rogue servers usually appear when users knowingly or unknowingly connect a router to the network. Another possibility is a compromised IoT device such as mobile phones, printers, cameras, tablets, smartwatches, or something worse, such as a compromised IT application or resource. Rogue DHCP servers are frustrating, especially if you are trying to deploy a fleet of servers using PXE, as PXE depends heavily on DHCP. 
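To turn service and version detection into an inventory check, the XML report from a scan run with `-sV -oX` can be compared against a list of approved services. The following is an added example, not code from the excerpted article; the sample XML is constructed and trimmed to the fields used, and the `APPROVED` inventory and its addresses are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -sV -oX` output, trimmed to the fields used.
SAMPLE_XML = """<nmaprun>
  <host><address addr="10.0.0.5" addrtype="ipv4"/><ports>
    <port protocol="tcp" portid="22"><state state="open"/>
      <service name="ssh" product="OpenSSH" version="8.2p1"/></port>
    <port protocol="tcp" portid="8081"><state state="open"/>
      <service name="ssh" product="Dropbear sshd" version="2017.75"/></port>
  </ports></host>
  <host><address addr="10.0.0.9" addrtype="ipv4"/><ports>
    <port protocol="tcp" portid="80"><state state="open"/>
      <service name="http" product="nginx" version="1.18.0"/></port>
    <port protocol="tcp" portid="443"><state state="closed"/>
      <service name="https"/></port>
  </ports></host>
</nmaprun>"""

# Assumed approved inventory: (address, port) -> expected service name.
APPROVED = {("10.0.0.5", 22): "ssh", ("10.0.0.9", 80): "http"}


def open_services(xml_text):
    """Yield (addr, port, service, product, version) for each open port."""
    root = ET.fromstring(xml_text)
    for host in root.iter("host"):
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:
            continue
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue
            svc = port.find("service")
            attrs = svc.attrib if svc is not None else {}
            yield (addr_el.get("addr"), int(port.get("portid")),
                   attrs.get("name", ""), attrs.get("product", ""),
                   attrs.get("version", ""))


def unexpected(xml_text, approved):
    """Return open services that are missing from, or differ from, the inventory."""
    findings = []
    for addr, port, name, product, version in open_services(xml_text):
        if approved.get((addr, port)) != name:
            findings.append((addr, port, name, f"{product} {version}".strip()))
    return findings


if __name__ == "__main__":
    for finding in unexpected(SAMPLE_XML, APPROVED):
        print(finding)
```

The SSH daemon on port 8081 is the kind of finding a port-number-only view would miss, which is the point the passage makes about non-standard ports.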


Digital transformation, innovation and growth is accelerated by automation

Automation is a key digital transformation trend for 2021 and beyond. Here are some key findings regarding the importance of process automation. According to Salesforce, 81% of IT organizations will automate more tasks to allow team members to focus on innovation over the next 12-18 months. McKinsey notes that 57% of organizations say they are at least piloting automation of processes in one or more business units or functions. And 31% of IT decision makers say that automation is a key business initiative tied to digital transformation, per MuleSoft. Integration continues to be a challenge for process automation. Sixty percent of line of business users agree that an inability to connect systems, applications, and data hinders automation initiatives. The future of automation is declarative programming. "In 2021, we'll see more and more systems be intent-based, and see a new programming model take hold: a declarative one. In this model, we declare an intent - a desired goal or end state - and the software systems connected via APIs in an application network autonomously figure out how to simply make it so," said Uri Sarid, CTO, MuleSoft. McKinsey estimates that automation could raise productivity in the global economy by up to 1.4% annually. 


Why microlearning is the key to cybersecurity education

Most organizations are used to relatively “static” training. For example: fire safety is fairly simple – everyone knows where the closest exit is and how to escape the building. Worker safety training is also very stagnant: wear a yellow safety vest and a hard hat, make sure to have steel toed shoes on a job site, etc. The core messages for most trainings don’t evolve and change. That’s not the case with cybersecurity education and training: attacks are ever-changing, they differ based on the targeted demographic, current affairs, and the environment we are living in. Cybersecurity education must be closely tied to the value and mission of an organization. It must also be adaptable and evolve with the changing times. Microlearning and gamification are new ways to help encourage and promote consistent cybersecurity learning. This is especially important because of the changing demographics: there are currently more millennials in the workforce than baby boomers, but the training methods have not altered dramatically in the last 30 years. Today’s employee is younger, more tech-savvy and socially connected. Modern training needs to acknowledge and utilize that.


Cut IT Waste Before IT Jobs

While it is impossible to fully correlate the impact of ITAM on job retention, we can illustrate the opportunity with some simple sums. Starting with Gartner’s latest Worldwide IT Spending Forecast, the total spend next year on Data Center Systems, Enterprise Software, and Devices (the three areas of IT spend that ITAM can address) will be $1.35 trillion. If ITAM can reduce this spending by just 5% (which we have already said is a very conservative estimate for the industry), that alone equates to over $67.7 billion of potential savings from ITAM alone. If just some of these savings were applied toward talent retention, they could protect hundreds of thousands of jobs around the world. Before IT departments slash critical projects or lay off staff, we urge them to look at their IT spend first to see where savings could be made. Remember that cutting IT jobs doesn’t just reduce the bottom line, it means the removal of talent, careers and institutional knowledge -- in comparison to IT waste, which is removing unused or unwanted resources with no impact whatsoever on delivery of services. What’s more, with many IT purchases having been rushed through during the March/April period to support home working, there is a high likelihood of “bloatware” across organizations that could yield higher than average savings than you would typically expect in an ITAM project.


Covid-19 vaccine supply chain attacked by unknown nation state

The X-Force team said its analysis pointed to a “calculated operation” starting in September, spanning six countries and targeting organisations associated with international vaccine alliance Gavi’s Cold Chain Equipment Optimisation Platform (CCEOP). It was unable to precisely attribute the campaign, but said that precision targeting of key executives at relevant organisations bore the “potential hallmarks of nation-state tradecraft”. IBM senior strategic cyber threat analyst Claire Zaboeva wrote: “While attribution is currently unknown, the precision targeting and nature of the specific targeted organisations potentially point to nation-state activity. “Without a clear path to a cash-out, cyber criminals are unlikely to devote the time and resources required to execute such a calculated operation with so many interlinked and globally distributed targets. Likewise, insight into the transport of a vaccine may present a hot black-market commodity. ...” According to IBM X-Force, the attacker has been impersonating an executive at Haier Biomedical, a cold chain specialist, to target organisations including the European Commission’s Directorate General for Taxation and Customs Union, and companies in the energy, manufacturing, website creation and software and internet security sectors.



Quote for the day:

"Every great leader can take you back to a defining moment when they decided to lead." -- John Paul Warren