Daily Tech Digest - January 20, 2021

New Intel CPU-level threat detection capabilities target ransomware

Detecting ransomware programs has never been easy, and attackers have always found ways to evade security products. The sophisticated groups that use manual hacking and perform months-long reconnaissance and lateral movement inside corporate networks will know very well what malware detection software their victims are using and can test in advance to make sure their payload will not be detected. This is part of the reason why ransomware campaigns are so effective and devastating to organizations. Aside from signature-based detection, security products attempt to detect ransomware-like behavior by monitoring for unusual patterns in file activity. For example, the reading and writing of a large number of files in certain directories or with certain file types in rapid succession can indicate suspicious activity. Significant differences in the contents of overwritten files is another example since an encrypted file will look totally different than the original file. Attempts to delete Volume Shadow Copy Service (VSS) backups can also be indicative of ransomware. All these signals together can be used to detect ransomware, but attackers can still try to hide, for example, by slowing down file encryption and executing it in batches.

Streaming Data From Files Into Multi-Broker Kafka Clusters

Kafka Connect is a tool for streaming data between Apache Kafka and other external systems and the FileSource Connector is one of the connectors to stream data from files and FileSink connector to sink the data from the topic to another file. Similarly, numerous types of connector are available like Kafka Connect JDBC Source connector that imports data from any relational database with a JDBC driver into an Apache Kafka topic. Confluent.io developed numerous connectors for import and export data into Kafka from various sources like HDFS, Amazon S3, Google cloud storage, etc. Connectors belong to commercial as well as Confluent Community License. Please click here to know more about the Confluent Kafka connector. File Source connector to stream or export data into Kafka topic and File Sink connector to import or sink data from the Kafka topic to another file. The file that receives the data continuously from the topic can be considered as a consumer. These two connectors are part of the Open Source Apache Kafka ecosystem and do not require any separate installation.

Legacy security architectures threaten to disrupt remote working

Connecting users often came at the expense of other factors, such as security, performance and management. As most respondents (81%) expect to continue working from home (WFH), 2021 will see enterprises address those other areas, evolving their remote access architectures to protect the remote workforce without compromising on the user experience. Yet securing the remote workforce has proved challenging for IT professionals. Enforcing corporate security policies on remote users was the second most common security challenge (58% of respondents) while 57% indicated they lacked the time and resources to implement recognised security best practices. Boosting remote access performance was found to be the most popular use case for 2021, by 47% of respondents. SASE was also an increasing focus for enterprises in post-pandemic 2021, with as many as 91% of respondents expecting SASE to simplify management and security. Half of respondents (52%) said SASE would be very or extremely important to their businesses post-Covid-19 and 91% of respondents expected SASE to simplify management and security. Providing evidence of how SASE is benefiting organisations, Cato found that of those firms that had already adopted SASE, 86% experienced increased security, 70% indicated time savings in management and maintenance...

Companies turning to MSPs as attack vectors get more sophisticated

Security is not the only top driver. Finance leaders chose reduced costs (57%) as their top reason, noting that an MSP is less expensive than hiring talent internally. For e-commerce retailers, increased security (46%) and reduced costs (46%) tied for the top spot. “It’s never been more critical to have an encrypted backup and disaster recovery solution to ensure your business is always up and running. The increased threats to companies and MSPs have never been this severe, and it’s going to continue to get worse,” said Infrascale CEO Russell P. Reeder. “In this ever more challenging landscape, data protection and data recovery are top priorities for MSPs serving clients, especially as attack surfaces expand and attack vectors get more sophisticated,” he continued. The survey further revealed which MSP services are most prominent for each industry. Finance (53%), education (51%), and healthcare (53%) executives all noted that the top service they leverage most with their MSPs is data protection, while manufacturing executives specified a subset of that category, cybersecurity services (58%) — focusing on computer network environments as their top MSP service.

Why CIOs Must Set the Rules for No-Code, Low-Code, Full-Code

A no-code application uses point-and-click visual tools that users drag and drop in order to create an application. No knowledge of coding is needed. This is strictly point-and-click development on a visual user interface that gives access to data, basic logic and data display choices. Best fit: No-code development works when the data and queries the user needs are basic and the tool can integrate with the data sources that have predefined APIs. No-code tools are ideal for rapid turnaround applications that use and report basic information -- like, what are the sales numbers for our air conditioning products this month? The tools are used with transactional data, not with unstructured, big data. Low-code development tools have point-and-click, graphical user interfaces that are similar to those found in no-code tools, only low code also allows developers to add pieces of custom code that embellish functions not handled by the low-code platform. Best fit: For applications that must be integrated with other systems and databases, as well as delivering rapid time to market, low-code tools make excellent platforms. Low code also enables non-programming users to collaborate in developing apps with more technical IT programmers.

Tips for a Bulletproof War Room Strategy

In today's environment, especially in larger companies, employee skill sets are getting more technically diverse with stand-alone teams spanning cloud, network, development, automation, and more. As much as these teams may want to work in their own lane, there is no denying that their work directly affects other groups in the organization. When they send updates or find an exploit that threatens their system, it's not just their system that is impacted. It can produce massive consequences across all areas of the business. ... In combat, one of the biggest mistakes that could cause you to lose your position is indecision. In security, when a breach occurs, teams can't afford to disagree. War rooms are built to enable quick decision-making by empowering need-to-know decision-makers with the authority needed to respond rapidly. An effective war room brings together the right people and the right information so that the right decisions can be quickly made. ... In another, you can elevate that war room into an actual live incident or bring together a group of senior management to plan out the risk posture for the foreseeable future, whether that's the next quarter, the next year, or maybe for a large upcoming event where they want to plan for attack possibilities.

Microsoft Taking Additional Steps to Address Zerologon Flaw

Some security experts say Microsoft is taking the right step to ensure that customers' networks remain safe even if they haven't applied the patch. "Microsoft seems to expect that patching all devices out there will take a substantial amount of time, so it takes this backup approach to mitigate the risk for its customers," says Dirk Schrader, global vice president at security firm New Net Technologies. "The difficulty for those customers, given the pandemic situation of working from home, is to find and patch all vulnerable devices. It is time to scan and check all devices, monitor them for unwanted changes, to find and patch as quickly as possible." Jigar Shah, vice president of security firm Valtix, notes that Active Directory remains important to companies that rely on cloud platforms, such as Azure. So, they want to be assured that their infrastructure is secure even if that requires Microsoft to force the issue. "Active Directory domain controllers are still fundamental to enterprise apps in public clouds," Shah says. "And the battle is to continuously and automatically do virtual patching until software vendors roll out patches that can be deployed, something that often takes weeks and months..."

Study: Cloud transformation necessary for digital transformation

Cloud migration is a necessary step for digital transformation, which is proceeding faster than planned at many enterprises because of the COVID-19 pandemic, according to research from Cloud Industry Forum (CIF), a cloud computing organization based in the United Kingdom. The cloud is an important steppingstone for getting off legacy on-prem technologies and outfitting today's more flexible, remote workforce. Supporting a remote workforce requires a digital transformation, and to do that, companies need the cloud – public, private, or hybrid. CIF found that in many sectors, remaining productive during lockdown depended on their cloud-readiness. Migrating to the cloud has delivered results for more than 90% of organizations during the past year, according to the CIF research. In addition, 91% of decision makers said that cloud formed an important part of their digital transformation, with 40% saying the role of the cloud was crucial. COVID-19 has been a significant driver. A majority of organizations (69%) have sped up their as digital transformation plans in some way as a result of the pandemic, according to the research. "On the whole, organizations did a commendable job of adapting in the face of an unprecedented situation; it is safe to say that many have been pleasantly surprised at how successful the shift to remote working has been. 

Digital Transformation: How Leaders Can Stand Out

Enterprise CIOs are contending with the impact of COVID-19 on their IT priorities and tech spending. In order to prioritize what is indispensable, there should be a strong focus on embracing technology that puts the bottom line first. There’s a huge opportunity to streamline repetitive, time-consuming tasks across departments, from marketing to sales and customer service, freeing up time and shortening feedback loops. Traditional digital transformation initiatives often overlook the edges of the business where employees are stuck relying on manual processes, spreadsheet solutions and outdated legacy systems for business workflows. Organizations have to be able to solve for changes quickly, whenever they may come up, from anywhere in the business. Having digital tools in place that allow for automation and enhanced processes are crucial not only for saving time and money, but also for providing real-time insights and opportunities to change to quickly adapt to meet customer demands, employees and overall disruption. The shortage of software developer talent is well-documented, and IT departments are overwhelmed without the support they desperately need.

2021 Trends in Blockchain: Mainstream Adoption at Last

The most emergent Blockchain trend of the year is the motion towards solving its scalability issues via the cloud. There are plentiful cryptocurrency use cases in which the notion of scale—both horizontal and vertical, reflecting mounting numbers of users and data—induces considerable latency, almost derailing this technology’s value. A practical solution to this necessity stemming from blockchain’s decentralized consensus approach to transaction validation is employing serverless computing architecture to resolve the latency resulting from the conventional approach, in which “every machine is doing the same work,” Wagner revealed. “If one runs out of space, memory, compute, or network capacity, game over.” However, by relying on serverless architecture to spin up machines on demand, “that serverless implementation lets us recruit hundreds, thousands, even tens of thousands of machines for every individual node of a blockchain,” Wagner explained. This method enables organizations to devote whatever resources they need to validate transactions with these decentralized ledgers, dramatically reducing the latency and downtime otherwise inherent to scaling up.

Quote for the day:

"Make every detail perfect and limit the number of details to perfect." -- Jack Dorsey

No comments:

Post a Comment