Daily Tech Digest - July 21, 2021

Two-for-Tuesday vulnerabilities send Windows and Linux users scrambling

The world woke up on Tuesday to two new vulnerabilities—one in Windows and the other in Linux—that allow hackers with a toehold in a vulnerable system to bypass OS security restrictions and access sensitive resources. As operating systems and applications become harder to hack, successful attacks typically require two or more vulnerabilities. One vulnerability allows the attacker access to low-privileged OS resources, where code can be executed or sensitive data can be read. A second vulnerability elevates that code execution or file access to OS resources reserved for password storage or other sensitive operations. The value of so-called local privilege escalation vulnerabilities, accordingly, has increased in recent years. The Windows vulnerability came to light by accident on Monday when a researcher observed what he believed was a coding regression in a beta version of the upcoming Windows 11. The researcher found that the contents of the security account manager—the database that stores user accounts and security descriptors for users on the local computer—could be read by users with limited system privileges.


Establishing the right analytics-based maintenance strategy

Although predictive maintenance is often held up as a prime example of the value that IoT and advanced analytics can generate, in fact, any predictions in the real world are imperfect. Our research shows that some organizations, even with highly qualified advanced-analytics (AA) teams, are unlikely to realize the desired impact. The AA algorithm employed may fail to predict a breakdown, giving a false negative, and in other cases can predict an event that would not have happened, giving a false positive. Although much effort is often put into minimizing false negatives, it is often the false positives that make predictive maintenance less viable. Make no mistake, predictive maintenance can be very valuable. In situations with very high cost or safety issues associated with a breakdown, such as the midair failure of a jet turbine, operators need the closest estimate possible of when a breakdown might occur. In addition, in cases in which failures are highly predictable and well-understood—and the chance of a false positive is therefore minimal or very low-cost—predictive maintenance is well worth the expense.
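The point about false positives is easy to see once alarms are priced. The following is an added worked example, not code from the article or its authors: it scores an alarm policy against simply running assets to failure, using per-period ground truth and predictions. The cost figures and the two model profiles (A and B) are constructed placeholders; the helper names are assumptions for illustration.

```python
"""Cost-weighted scoring of a predictive-maintenance alarm policy.

Added worked example, not from the article. Inputs are per-period labels:
actual[i] is True if the asset really failed in period i, predicted[i] is
True if the model raised an alarm for it. Cost figures and the two model
profiles below are constructed placeholders, chosen only to show how the
false-positive rate, not recall alone, decides whether the programme pays off.
"""
from dataclasses import dataclass
from typing import Dict, Sequence


@dataclass(frozen=True)
class Costs:
    breakdown: float  # unplanned failure (what run-to-failure pays every time)
    planned: float    # planned intervention on a correctly predicted failure
    needless: float   # intervention on a false alarm (downtime and labour for nothing)


def confusion(actual: Sequence[bool], predicted: Sequence[bool]) -> Dict[str, int]:
    """Counts of true/false positives and negatives over the period labels."""
    pairs = list(zip(actual, predicted))
    return {
        "tp": sum(a and p for a, p in pairs),
        "fp": sum((not a) and p for a, p in pairs),
        "fn": sum(a and (not p) for a, p in pairs),
        "tn": sum((not a) and (not p) for a, p in pairs),
    }


def policy_cost(actual, predicted, costs: Costs) -> float:
    """Money spent when the alarm policy is followed."""
    c = confusion(actual, predicted)
    # True positives are serviced on schedule, false negatives still break,
    # false positives are paid for with nothing to show for it.
    return c["tp"] * costs.planned + c["fn"] * costs.breakdown + c["fp"] * costs.needless


def run_to_failure_cost(actual, costs: Costs) -> float:
    """Baseline: no model, every real failure is an unplanned breakdown."""
    return sum(actual) * costs.breakdown


def net_value(actual, predicted, costs: Costs) -> float:
    """Savings versus doing nothing; negative means the programme loses money."""
    return run_to_failure_cost(actual, costs) - policy_cost(actual, predicted, costs)


def false_positive_budget(actual, predicted, costs: Costs) -> int:
    """How many false alarms the true positives can pay for before net value < 0."""
    tp = confusion(actual, predicted)["tp"]
    return int(tp * (costs.breakdown - costs.planned) // costs.needless)


# Constructed scenario: 100 periods, 5 real failures.
PERIODS = 100
FAILURES = {10, 25, 40, 70, 90}
ACTUAL = [i in FAILURES for i in range(PERIODS)]
# Model A: misses one failure, raises two false alarms.
MODEL_A = [i in {10, 25, 40, 70, 3, 55} for i in range(PERIODS)]
# Model B: catches every failure, but cries wolf 40 times.
_B_FALSE_ALARMS = [i for i in range(PERIODS) if i not in FAILURES][:40]
MODEL_B = [i in FAILURES or i in _B_FALSE_ALARMS for i in range(PERIODS)]
COSTS = Costs(breakdown=10_000, planned=2_000, needless=1_500)

if __name__ == "__main__":
    for name, pred in (("A", MODEL_A), ("B", MODEL_B)):
        print(name, confusion(ACTUAL, pred),
              "net value:", net_value(ACTUAL, pred, COSTS),
              "false-alarm budget:", false_positive_budget(ACTUAL, pred, COSTS))
```

Model B has perfect recall and still loses money, because each needless intervention costs a sizeable fraction of the breakdown it was meant to avoid; the `false_positive_budget` figure is the number a team should compare its false-alarm rate against before rolling the model out.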


Politicization and stigmatization won’t solve cyber security concerns: Chinese Mission to the EU and embassies

Slamming the EU and NATO's allegations, the spokesperson for the Chinese Mission to the EU said that the statements were not based on facts, but on speculation and groundless accusations. He added that China has always been a firm defender of cyber security and has cracked down on cyber attacks launched within China or using Chinese cyber facilities. "For years, certain countries in the West have abused their technological advantages for massive and indiscriminate eavesdropping across the world, even on its close allies. At the same time, they have boasted themselves as the guardians of cyber security. They push around their allies to form small circles and repeatedly smear and attack other countries on cyber security issues," the Mission said. Such practices fully expose the West's hypocrisy, it added. The Mission said it will follow closely NATO's attempts to break its geographical constraints under the guise of cyber security to make false accusations against China. Over the years, China has been a major victim of cyber attacks.


Old Agile vs New Agile

Agile 2 is new in that it aggregates the ideas of these new thinkers, and integrates these ideas into a cohesive system of thought, while adding missing pieces. Agile 2 interprets these many writings and translates them into a common and holistically integrated shared narrative. But what is that narrative? Agile 2 is complex because humans are complex. It is not a set of bumper sticker maxims asserted without supporting explanation and rationale. Agile 2 is nuanced and broad, and is published with the thought that went into it. But I will summarize it, to give you a sense. Agile 2 is defined by its Values and Principles. Most of those principles could be summarized as described here. Basically, Agile 2 says that extremes don’t usually work well, and that judgment is called for when applying any practice. It also emphasizes the critical importance of having the right kinds of leadership for each situation. Note that “kinds of leadership” is plural. Agile 2 favors emergent leadership and autonomy, but it views those as aspirations rather than assumptions, and includes the theory that senior leaders need to be intentional about the kinds of leadership needed within their organization ...


Google advances ‘invisible’ cloud security with intrusion detection, analytics and more

Google’s new Cloud IDS offering epitomizes that vision. Announced in preview today, Cloud IDS is said to be a cloud-native, managed intrusion detection system that enterprises can deploy in just a few clicks in order to protect themselves against malware, spyware, command-and-control attacks and other network-based threats, Potti said. Google worked closely with Palo Alto Networks Inc. to develop Cloud IDS. The system incorporates that company’s advanced threat detection technologies to detect malicious network activity with very low false positives. It’s essentially a managed version of Palo Alto’s threat detection services, available in Google Cloud, where scaling, availability and updates are all automated. Google Cloud IDS stands out for its flexibility, the company says. It can easily be integrated with third-party security information and event management and security orchestration, automation and response platforms, enabling users to both investigate and automatically respond to any alerts, Potti said. 


Advanced Technology Outcomes: Humans Vs. Machine Or Human With Machine?

There is no doubt that we humans have always benefited from machines, and also that we have had the power to turn them off when required. But now the situation has turned around. The growing issue is the vital role played by machines, both as single units and collectively as infrastructure. This means humans no longer have the option to shut the machines off. In the health sector, too, machines are evolving at a faster rate. Surgery is becoming robotized and medical diagnostics have become dependent on machines. There are even automated machines manufacturing drugs. Therefore, pulling the plug would have terrible consequences for thousands of people worldwide. Besides all this, we use machines as an extension of ourselves, applying them as stronger, faster and cheaper hands. Because of this, we still prevail over the machines, but it is on us to make accurate decisions for the future. We are continuously engaging with machines. We use smartphones to show routes, to reach a destination, to look for recipes, even to check our health, and the list is growing rapidly.


Bringing Your Factory to the Edge in 2021

Is your factory living in the dark ages? Are you constantly checking manual reports to see your production scores? Do you wish that you could check your factory health on your smart device from anywhere in the world? If so, you could benefit from taking your factory to the edge. ... Reading information directly from our fieldbus-connected devices works great for a retrofit if you are an end user and not a programmable logic controller (PLC) programmer, or if you do not have access to the controller in the system because the integrator did not provide the source code. You can use a number of protocol converters and commercially available edge connection devices to take your machine-level data to an edge platform with some basic education online. For a large number of users, this option will get their factory “talking” to them for minimal human or equipment capital. It will require only protocol conversion, an edge connector (which we will discuss in a moment) and the cloud setup of choice, which can be outsourced.


MosaicLoader Malware Delivers Facebook Stealers, RATs

Once installed on a machine, the malware creates a complex chain of processes, according to Bitdefender. Its hallmark, researchers said, is a unique obfuscation technique that shuffles small code chunks around, resulting in an intricate, mosaic-like structure – hence the name. The first stage of the execution flow is the installation of a dropper, which mimics legitimate software: most of the first-stage droppers that researchers analyzed have icons and “version information” that mirror those used for legitimate applications. In some cases, the dropper pretends to be an NVIDIA process, for instance. The dropper makes contact with the C2 (the URL of the C2 is hardcoded as a string), then downloads a .ZIP file into the %TEMP% folder that contains two files required for the second stage: appsetup.exe and prun.exe. These are extracted to an innocuous-sounding “PublicGaming” folder in the C: directory, while the dropper also launches several instances of PowerShell to add Windows Defender exclusions for the folder and the specific file names.


The biggest remote communication challenges within organisations

Zooming back out to an organisational level, recent events have pushed leadership teams to fully embrace digital transformation. For many organisations, making remote work feasible meant pulling together capabilities from a range of technology providers into something of a patchwork of solutions that didn’t necessarily behave well together but was necessary given the organisational shock felt initially. Recognising that remote working is going to be a significant and constant part of our working landscape, it is now time to think about how to make this tech stack work more effectively. In many cases, this will involve consolidation, ideally onto a single CRM platform, where the sharing of customer and prospect data between marketing, sales and customer service teams is seamless, and where the platform supports growth instead of creating friction points. ... The effects of COVID-19 disrupted the working landscape profoundly last year, meaning that UK organisations have had to rethink their working strategies. It is vital that business leaders constantly keep in touch with their employees and support them when these changes are taking place.


Image encryption technique could keep photos safe on popular cloud photo services

Now researchers have created a way for mobile users to enjoy popular cloud photo services while protecting their photos. The system, dubbed Easy Secure Photos (ESP), encrypts photos uploaded to cloud services so that attackers – or the cloud services themselves – cannot decipher them. At the same time, users can visually browse and display these images as if they weren’t encrypted. “Even if your account is hacked, attackers can’t get your photos because they are encrypted,” said Jason Nieh, professor of computer science and co-director of the Software Systems Laboratory. ESP employs an image encryption algorithm whose resulting files can be compressed and still get recognized as images, albeit ones that look like black and white static to anyone except authorized users. In addition, ESP works for both lossy and lossless image formats such as JPEG and PNG, and is efficient enough for use on mobile devices. Encrypting each image results in three black-and-white files, each one encoding details about the original image’s red, green, or blue data.
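To make the "three black-and-white files, one per colour channel" idea concrete, here is an added illustration that is not the ESP code and does not implement ESP's algorithm: it splits an RGB image into R, G and B planes and scrambles each plane with a keyed permutation of small pixel blocks, so every output is still a plain grayscale image that looks like static. The permutation cipher, the block size, the HMAC-based key schedule and all helper names are assumptions chosen for illustration; images are represented as plain lists of rows of (r, g, b) tuples so the example runs without an imaging library.

```python
"""Per-channel image scrambling sketch (added illustration, not the ESP code).

Models the article's idea that an encrypted image becomes three grayscale
files, one per colour channel, that are still valid images. The cipher here is
a keyed block permutation of each plane (an assumption for illustration, not
the ESP algorithm); it keeps the output image-shaped but, as the test below
shows, it leaks the pixel histogram. Images are lists of rows of (r, g, b).
"""
import hashlib
import hmac
from typing import List, Sequence, Tuple

Plane = List[List[int]]
Image = List[List[Tuple[int, int, int]]]


def split_channels(image: Image) -> Tuple[Plane, Plane, Plane]:
    """Return the R, G and B planes as three separate grayscale images."""
    r, g, b = ([[px[c] for px in row] for row in image] for c in range(3))
    return r, g, b


def merge_channels(r: Plane, g: Plane, b: Plane) -> Image:
    return [[(r[y][x], g[y][x], b[y][x]) for x in range(len(r[0]))] for y in range(len(r))]


def _keyed_permutation(key: bytes, label: bytes, n: int) -> List[int]:
    """Fisher-Yates shuffle driven by HMAC-SHA256(key, label || step)."""
    perm = list(range(n))
    for i in range(n - 1, 0, -1):
        digest = hmac.new(key, label + i.to_bytes(4, "big"), hashlib.sha256).digest()
        j = int.from_bytes(digest[:4], "big") % (i + 1)  # tiny modulo bias, fine here
        perm[i], perm[j] = perm[j], perm[i]
    return perm


def _to_blocks(plane: Plane, bs: int) -> List[List[List[int]]]:
    """Cut a plane into bs x bs blocks in raster order."""
    h, w = len(plane), len(plane[0])
    if h % bs or w % bs:
        raise ValueError("plane dimensions must be multiples of the block size")
    return [[row[x:x + bs] for row in plane[y:y + bs]]
            for y in range(0, h, bs) for x in range(0, w, bs)]


def _from_blocks(blocks: Sequence[List[List[int]]], h: int, w: int, bs: int) -> Plane:
    plane = [[0] * w for _ in range(h)]
    per_row = w // bs
    for idx, block in enumerate(blocks):
        y0, x0 = (idx // per_row) * bs, (idx % per_row) * bs
        for dy in range(bs):
            plane[y0 + dy][x0:x0 + bs] = block[dy]
    return plane


def encrypt_plane(plane: Plane, key: bytes, label: bytes, bs: int = 2) -> Plane:
    blocks = _to_blocks(plane, bs)
    perm = _keyed_permutation(key, label, len(blocks))
    # Output position i receives input block perm[i].
    return _from_blocks([blocks[perm[i]] for i in range(len(blocks))],
                        len(plane), len(plane[0]), bs)


def decrypt_plane(cipher: Plane, key: bytes, label: bytes, bs: int = 2) -> Plane:
    blocks = _to_blocks(cipher, bs)
    perm = _keyed_permutation(key, label, len(blocks))
    original: List = [None] * len(blocks)
    for i, block in enumerate(blocks):
        original[perm[i]] = block  # invert the permutation
    return _from_blocks(original, len(cipher), len(cipher[0]), bs)


def encrypt_image(image: Image, key: bytes, bs: int = 2) -> Tuple[Plane, Plane, Plane]:
    """Three grayscale 'static' planes, each a valid image on its own."""
    labels = (b"R", b"G", b"B")
    r, g, b = (encrypt_plane(p, key, lab, bs) for p, lab in zip(split_channels(image), labels))
    return r, g, b


def decrypt_image(planes: Sequence[Plane], key: bytes, bs: int = 2) -> Image:
    labels = (b"R", b"G", b"B")
    return merge_channels(*(decrypt_plane(p, key, lab, bs) for p, lab in zip(planes, labels)))


def sample_image(size: int = 8) -> Image:
    """Constructed test image with distinct values in every channel."""
    return [[(y * size + x, (2 * (y * size + x)) % 256, 255 - (y * size + x))
             for x in range(size)] for y in range(size)]


if __name__ == "__main__":
    img, key = sample_image(), b"\x01" * 32
    planes = encrypt_image(img, key)
    print("round trip ok:", decrypt_image(planes, key) == img)
```

The caveat worth knowing: a block permutation preserves the histogram of each channel (the sorted pixel values of the scrambled plane equal those of the original), so on its own it hides layout, not colour statistics. That is exactly the sort of leak a scheme meant to survive JPEG compression has to engineer around, and why a toy like this is a model of the file layout, not a substitute for the published design.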



Quote for the day:

"Leaders can choose to grow and change, but generally the most powerful predictor of future performance is past behavior. Evaluate them realistically." -- Lee Ellis
