One of the more important coding disciplines in object-oriented programming and SOA is code refactoring. The techniques allow developers to restructure code as they better understand usage considerations, performance factors, or technical debt issues. Refactoring is a key technique for transforming monolithic applications into microservices. Refactoring strategies include separating the presentation layer, extracting business services, and refactoring databases. Robin Yeman, strategic advisory board member at Project and Team, has spent most of her career working on large-scale government and defense systems. Robin concedes, “The largest technology barriers to utilizing agile in building or updating complex legacy systems are the many dependencies in the software architecture, forcing multiple handoffs between teams and delays in delivery.” Robin suggests that refactoring should focus on reducing dependencies. She recommends, “Refactoring the software architecture of large legacy systems to utilize cloud-native applications and microservices reduces dependencies between the systems and the teams supporting them.”
Even though Secure Boot stands in the way of executing untrusted UEFI binaries from the ESP, over the last few years we have been witness to various UEFI firmware vulnerabilities affecting thousands of devices that allow disabling or bypassing Secure Boot. This shows that securing UEFI firmware is a challenging task and that the way various vendors apply security policies and use UEFI services is not always ideal. Previously, we have reported multiple malicious EFI samples in the form of simple, single-purpose UEFI applications without extensive functionality. These observations, along with the concurrent discovery of the ESPecter and FinFisher bootkits, both fully functional UEFI bootkits, show that threat actors are not relying only on UEFI firmware implants when it comes to pre-OS persistence, but also are trying to take advantage of disabled Secure Boot to execute their own ESP implants. We were not able to attribute ESPecter to any known threat actor, but the Chinese debug messages in the associated user-mode client component leads us to believe with a low confidence that an unknown Chinese-speaking threat actor is behind ESPecter.
Strategic plans are important to achieving your vision, but they can't be set in stone either. The pandemic was an unforeseen situation that took all companies in the world by surprise. Consequently, it is important to be ready to turn, change course quickly, and try to affect the entire organization as little as possible. ... People are inherently social creatures. It should come as no surprise then that we long to feel connected to the people we spend most of our time with. So how can we, as business leaders, help these connections occur between employees? Gregg Lederman is a bestselling author focused on employee interaction. After a long investigation he discovered 3 things that people need at work to feel completely fulfilled: The Need for Recognition: People have a need to be recognized for the skill and perspective they bring and for the challenges they have accomplished; The need for respect: People want to be respected for who they are as individuals and professionals and how they contribute to the team; The need for relationships: People want satisfying relationships with the people they work with.
“This malware family uses PowerShell tools to exploit various vulnerabilities in Windows,” according to the firm. “But what makes it especially interesting is its evasive technique. WatchGuard found that AMSI.Disable.A wields code capable of disabling the Antimalware Scan Interface (AMSI) in PowerShell, allowing it to bypass script security checks with its malware payload undetected.” ... In just the first six months of 2021, malware detections originating from scripting engines like PowerShell had already reached 80 percent of last year’s total script-initiated attack volume. At its current rate, 2021 fileless malware detections are on track to double in volume year over year. “Malicious PowerShell scripts have been known to hide in the memory of the computer and already use legitimate tools, binaries and libraries that come installed on most Windows systems,” explained the report. “That is why attackers have increased their use of this technique, called living off the land (LotL) attacks. Using these methods, a vaporworm might make its script invisible to many antivirus systems that don’t inspect the scripts or systems’ memory.”
As a measurement standard, mean times are a legacy paradigm brought over from call centers many eons ago. Over the years, cybersecurity leaders adopted similar metrics because IT departments were familiar with them. In today's reality, mean times don't map directly to the type of work we do in cybersecurity, and we can't entirely generalize them to be meaningful indicators across the attack lifecycle. While these averages might convey speed relative to specific parts of the attack lifecycle, they don't provide any actionable information other than potentially telling you to hurry up. In the best-case scenario, MTTX becomes a vanity metric that looks great on an executive dashboard but provides little actual business intelligence. ... The fastest MTTX is not worth anything if it measures the creation of an inaccurate alert. We want mean time metrics to tell us about actual alerts, or true positives and not be skewed by bad data. So, you might be thinking, "how does an untuned MTTX tell you about the quality of work your security provider does, or how safe it makes your systems?"
In a real marketplace, even if the property is intellectual property (such as a patent or copyright, whose form can be entirely digital), there will likewise need to be a contractual transfer of the rights to that intellectual property to a new party, with the transfer again having the full endorsement and power of law behind it. For instance, if in making an intellectual property purchase, I acquire the copyright to a picture, even a digital picture, the real market that operates in our society ensures that the transfer is subject to its laws and strictures. Through my purchase, I will own the picture in a real sense and can take legal action against anyone who tries to infringe on my copyright (such as by posting it on a blog without my permission). By contrast, the concept of owning an NFT on a blockchain is specific to the blockchain with no legal force in the society at large. Suppose I snap a digital photo. Because I’m the one who snapped the photo, US law agrees that I own the copyright to it.
In its own right, WebAssembly brings new capabilities and additional security features to modern development environments — both in the browser and with cloud native. However, modern cloud native developers are confronted with new challenges, such as CPU diversity, multiple operating environments, security, distributed application architecture, and scalability, that transcend deployments into a single public cloud provider. To understand the modern distributed computing environment, one must consider the rising diversity inside the public cloud, where we see new ARM CPUs challenging the historical dominance of the x86 chipsets, competing on both cost and performance. Traditional enterprise systems typically compile software to a specific development environment including a CPU and an operating system, such as Linux-32 bit, MacOS-ARM64, or Windows-64bit. Looking past the public cloud towards the edge, we find an even more diverse range of execution environments on an assorted set of CPU architectures.
A significant difference from commonly employed asymmetric encryption is that during the initial handshake to set up communication, no vulnerable data are exchanged. Should the sender key communication be intercepted by a hacker, they still cannot pretend to be the originator of the communication to the receiver. The encryption itself is achieved by randomly generating keys and interweaving them with portions of unencrypted data to be transmitted, applied to single bytes of data rather than long byte collections. During the initial handshake, private keys are generated from or found in the form of login credentials, credit card information, biometric data, or other personal credential information or pre-shared private keys. The private keys are used to start the handshake and are never actually transmitted. Randomly generated data in the form of challenge codes, counter challenge codes and session keys are exchanged during the handshake. This allows for the client and server to ascertain that the communicator, at the other end, are who they say they are.
Quote for the day:
"Leaders who won't own failures become failures." -- Orrin Woodward