Build Data Factories, Not Data Warehouses
Organizations today can capture, store and query a remarkable breadth of data
relevant to their business. They can democratize access to this data so that
analyses, processes or products can depend on it. Data teams operate complex
data factories to service the data needs of their organization. But they are
often unable to control the quality of data produced. Data teams risk losing
trust and becoming sidelined if they do not catch and address data quality
issues before downstream users. Data leaders must take responsibility for data
quality by defining and enforcing quality control standards. They need tools and
processes that test data in ways that scale, both with the data itself and the
people involved in producing and consuming it. These are complex challenges, but
a tremendous amount of innovation is happening in the data community to address
them. I look forward to a future where our data factories are transparent, fast,
inexpensive, and produce data of outstanding quality!
Joint Law Enforcement Operation Dismantles RaidForums
The agencies involved in this case, dubbed Operation Tourniquet, include the US
Justice Department’s Criminal Division and Office of International Affairs, the
U.S. Secret Service’s Criminal Investigative Division, the FBI, the Criminal
Division’s Computer Crime and Intellectual Property Section, the Joint
Cybercrime Action Taskforce (Europol), the National Crime Agency (U.K.), the
Swedish Police Authority, the Romanian National Police, the Portugal Judicial
Police, the Internal Revenue Service Criminal Investigation and the Federal
Criminal Police Office (Germany). “The takedown of this online market for the
resale of hacked or stolen data disrupts one of the major ways cybercriminals
profit from the large-scale theft of sensitive personal and financial
information,” says assistant attorney general Kenneth A. Polite, Jr. of the
Justice Department’s criminal division. “This is another example of how working
with our international law enforcement partners has resulted in the shutdown of
a criminal marketplace and the arrest of its administrator.”10 examples of the metaverse for business and IT leaders
Early adopters want to figure out how to operate in the emerging digital world,
some for fear of falling behind or missing out altogether, said Nicolas Avila,
the CTO for North America at professional services firm Globant. What companies
are calling "metaverse" varies wildly. Currently, no extended reality platform
enables users' avatars to live, work and shop in what many are calling the next
version of the internet. And it's unclear how and whether extended reality
projects will converge and integrate to become that vision. The developing
metaverse is also fraught with potential problems, from its associated
greenhouse gas emissions to legal challenges. ... One promising business-focused
metaverse use case centers extended reality's promise of helping workers do
their job better, particularly through the use of AR. The fully realized
metaverse should be able to stream information in ways that make workers more
efficient and productive, Nguyen said. ... A worker could look at a traffic
light that was reported broken, get details on that complaint and update its
repaired status immediately.Tarrask malware uses scheduled tasks for defense evasion
Microsoft observed HAFNIUM from August 2021 to February 2022, target those in the telecommunication, internet service provider and data services sector, expanding on targeted sectors observed from their earlier operations conducted in Spring 2021. Further investigation reveals forensic artifacts of the usage of Impacket tooling for lateral movement and execution and the discovery of a defense evasion malware called Tarrask that creates “hidden” scheduled tasks, and subsequent actions to remove the task attributes, to conceal the scheduled tasks from traditional means of identification. The blog outlines the simplicity of the malware technique Tarrask uses, while highlighting that scheduled task abuse is a very common method of persistence and defense evasion—and an enticing one, at that. In this post, we will demonstrate how threat actors create scheduled tasks, how they cover their tracks, how the malware’s evasion techniques are used to maintain and ensure persistence on systems, and how to protect against this tactic.Quantum computing ecosystem expands in all directions
The quantum ecosystem is growing in all directions from academic to corporate
boardrooms and producing new hardware, software and partnerships. Denis
Mandich, CTO of quantum entropy startup Qrypt, said that the race to make
qubits at scale is a winner-take-all competition. ... Quantum Brilliance
is planning a joint research and development hub with La Trobe University and
RMIT University to develop high-performance, scalable diamond-based quantum
microprocessors. The Research Hub for Diamond Quantum Materials will develop
fabrication techniques. Dr. Marcus Doherty is the co-founder and chief
scientific officer of Quantum Brilliance, the head of the Diamond Quantum
Science and Technology Laboratory at the Australian National University and
the leader of the Australian Army’s quantum technology roadmap. Professor
Chris Pakes, acting deputy vice chancellor for research and industry
engagement at La Trobe University, said the partnership will use both
universities’ expertise in diamond growth, surface imaging and engineering,
and combine it with Quantum Brilliance’s industry experience and manufacturing
capabilities.Deep Learning Poised to ‘Blow Up’ Famed Fluid Equations
While this demonstration provided compelling evidence of a singularity, without a proof it was impossible to know for sure that it was one. Before Hou and Luo’s work, many simulations proposed potential singularities, but most of them disappeared when tested later on a more powerful computer. “You think there is one,” said Vladimir Sverak, a mathematician at the University of Minnesota. “Then you put it on a bigger computer with much better resolution, and somehow what seemed like a good singularity scenario just turns out to not really be the case.” That’s because these solutions can be finicky. They’re vulnerable to small, seemingly trivial errors that can accumulate with each time step in a simulation. “It’s a subtle art to try to do a good simulation on a computer of the Euler equation,” said Charlie Fefferman, a mathematician at Princeton University. “The equation is so sensitive to tiny, tiny errors in the 38th decimal place of the solution.” Still, Hou and Luo’s approximate solution for a singularity has held up against every test thrown at it so far, and it has inspired a great deal of related work, including full proofs of blowup for weaker versions of the problem.The role of infrastructure as code in edge datacentre computing
Managing datacentre computing located at the edge of the corporate network is
becoming as important as the management of centralised IT systems. There has
always been a need to manage branch office IT and remote server rooms
efficiently, because they are generally less resourced in terms of IT
administrators on site, compared with the central IT function. There is now a
groundswell of activity around managing the configuration of IT systems in the
same way that source code is managed by software development teams. Scott
McAllister, developer advocate at PagerDuty, says: “As IT infrastructure has
progressively decoupled from physical machines we can touch, managing and
provisioning that infrastructure has moved to software services in the cloud.
Those services are built with robust user interfaces for manual configuration.
However, handling those configurations at scale is tedious and can lead to
system fragility.” Once hailed as the future of infrastructure management and
now the de-facto best practice, infrastructure as code (IaC) is a process that
automates the provisioning and management of compute resources with
machine-readable templates.Fight Cloud Jacking by Slashing Complexity
SaaS applications are consumed and delivered through the cloud by the
enterprise as software. The cloud providers take application and
infrastructure security responsibility, yet the responsibility of access and
data security resides with enterprise security teams. IaaS and PaaS are
business-critical applications that are built and hosted by the enterprise,
and the responsibility of the infrastructure, application logic, data and
access security is managed by enterprise security teams. These environments
are growing and changing quickly for enterprises. For the CISO, this means
that the enterprise’s cloud environment on Tuesday might be very different
than what it was on Monday. That’s problematic. Managing access credentials
for these diverse and fast-changing environments is complicated, inconsistent,
and hard. It’s worse for the CISO as these are the credentials that the
cybercriminals want to cloud jack and use for commercial gains.Zero-Trust Security for Developer Workstations
Despite their legacy baggage, virtual desktop infrastructure (VDI) and desktop
as a service (DaaS) solutions address the above security risks. Such a
migration protects against physical code exfiltration via lost or stolen
laptops, since physical security of hard drives is delegated to your cloud
provider’s data center. Additionally, most clouds implement encryption at
rest, which secures persisted data against rare breaches. Citrix and VMWare
are classic VDI/DaaS providers, while some cloud providers are introducing
semi-managed first-party solutions like AWS Workspaces. Once workstations are
in the cloud, it’s relatively easy to reduce digital risks via image
management and network controls. Administrators can preinstall developer tools
into their images, which reduces the need for developers to securely assess or
install third-party applications. Meanwhile, the cloud infrastructure services
that are hosting the VDI sessions will be subject to any network policy
customizations, so administrators can filter out unwanted or unexpected
outbound traffic.4 ways to create a culture of collaboration
IT professionals have long been communicating and collaborating across
distributed teams, driven by a need to quickly respond to production outages,
urgent client requests, or to source and recruit the best talent, regardless
of location. We’ve standardized a set of tools that allow us to collaborate
globally. When the COVID crisis hit, we were well-positioned to rapidly extend
these capabilities to all parts of the company. Recently, as the
return-to-work initiatives began, we have outfitted many of our conference
facilities with equipment to help overcome the hybrid workforce challenges.
Throughout these workforce shifts, we have remained focused on an important
strategic priority: to be the easiest company to do business with. To create
that seamless experience, every member of our team needs to fully understand
our customers’ businesses, the specific problems we are solving for them, and
how they and our employees will engage with and experience the technology
solutions we’re building.Quote for the day:
"A lot of people have gone farther than they thought they could because someone else thought they could." -- Zig Zigle
No comments:
Post a Comment