The arrival of our truly physical-digital existence has forced identity protection to the forefront of our minds and amplified the need to understand how, through technology, our identities and behavior can be used to equalize and authenticate our access to all of life’s experiences. Second, there’s been an exceptional rise in all types fraud, including synthetic. Tackling this will require an intelligent, coordinated defense against cybercriminals employing new and more sophisticated techniques. Not unlike a police database that tracks criminals in different states, there’s a need for platforms where companies can anonymously share data signatures about bad actors with one another so that fraudulent activity becomes much easier to detect. According to the Aite Group, 72% of financial services firms surveyed believe synthetic identity fraud is a much more pressing issue than identity theft, and the majority plan to make substantive changes in the next two years. With collaboration driving that change, we have seen some cases of increasing synthetic fraud detection by more than 100% and the ability to catch overall forged documents by 8% in certain platforms.
In the GitOps workflow, the system’s desired configuration is maintained in a source file stored in the git repository with the code itself. The engineer will make changes to the configuration files representing the desired state instead of making changes directly to the system via CLI. Reviewing and approving of such changes can be done through standard processes such as — pull requests, code reviews, and merges to the master branch. When the changes are approved and later merged to the master branch, an operator software process is accountable for switching the system’s current state to the desired state based on the configuration stored in the newly updated source file. In a typical GitOps implementation, manual changes are not allowed, and all changes to the configuration should be done to files put in Git. In a severe case, authority to change the system is given just to the operator software process. In a GitOps model, the infrastructure and operations engineers’ role changes from implementing the infrastructure modifications and application deployments to developing and supporting the automation of GitOps and assisting teams in reviewing and approving changes via Git.
The most straightforward method for solving the optimization task is a random search for the appropriate block combinations. But a better choice is meta-heuristic optimization algorithms: swarm and evolutionary (genetic) algorithms. But in the case of evolutionary algorithms, one should keep in mind that they should have specially designed crossover, mutation, and selection operators. Such special operators are important for processing the individuals described by a DAG, they also give a possibility to take multiple objective functions into account and include additional procedures to create stable pipelines and avoid overcomplication. The crossover operators can be implemented using subtree crossover schemes. In this case, two parent individuals are chosen and exchange random parts of their graphs. But this is not the only possible way of implementation, there may be more semantically complex variants (e.g., one-point crossover). Implementation of the mutation operators may include random change of a model (or computational block) in a random node of the graph, removal of a random node, or random addition of a subtree.
Storage device manufacturer Western Digital warns that two of its network-attached storage devices - the WD My Book Live and WD My Book Live Duo - are vulnerable to being remotely wiped by attackers and now urges users to immediately disconnect them from the internet. ... The underlying flaw in the newly targeted WD devices is designated CVE-2018-18472 and was first publicly disclosed in June 2019. "Western Digital WD My Book Live (all versions) has a root remote command execution bug via shell metacharacters in the /api/1.0/rest/language_configuration language parameter. It can be triggered by anyone who knows the IP address of the affected device," the U.S. National Vulnerability Database noted at the time. Now, it says, the vulnerability is being reviewed in light of the new attacks. "We are reviewing log files which we have received from affected customers to further characterize the attack and the mechanism of access," Western Digital says. "The log files we have reviewed show that the attackers directly connected to the affected My Book Live devices from a variety of IP addresses in different countries.
On the consumer front, a technology currently being planned for inclusion in the forthcoming 3GPP Release 17 document called NR Light (or Lite), looks very promising. Essentially functioning as a more robust, 5G network-tied replacement for Bluetooth, NR Light is designed to enable the low latency, high security, and cloud-powered applications of a cellular connection, without the high-power requirements for a full-blown 5G modem. Practically speaking, this means we could see things like AR headsets, that are tethered to a 5G connected smartphone, use NR Light for their cloud connectivity, while being much more power-friendly and battery efficient. Look for more on NR Light in these and other applications that require very low power in 2022. At the opposite end of the spectrum, some carriers are starting the process of “refarming” the radio spectrum they’re currently using to deliver 2G and 3G traffic. In other words, they’re going to shut those networks down in order to reuse those frequencies to deliver more 5G service. The problem is, much of the existing IoT applications are using those older networks, because they’re very well-suited to the lower data rates used by most IoT devices.
Organizations across the globe have experienced crippling cyberattacks over the past year that have significantly impacted the global supply chain. Due to the growing number of threats, 61% of respondents said that improving security measures continues to be the dominant priority. Cybersecurity systems topped the list of what IT professionals plan to invest in for 2022, with 53% of respondents planning to budget for email security tools such as phishing prevention, and 33% of respondents investing in ransomware protection. Cloud technologies were also top of mind this year, with 54% saying their IaaS cloud spending will increase and 36% anticipating growth in spending on SaaS applications. Cloud migration was also a high priority for respondents in 2021, which accounted for migrations across PaaS, IaaS and SaaS software. IT professionals also want to increase their productivity through automation, which ranked second in top technologies for investment. Almost half of respondents stated that they will allocate funds for this in 2021.
Quote for the day:
"The quality of a leader is reflected in the standards they set for themselves." -- Ray Kroc