7 machine identity management best practices
Static keys and certificates are ripe targets for theft and reuse, says Anusha
Iyer, co-founder and CTO at Corsha, a cybersecurity vendor.
"In fact, credential stuffing attacks have largely shifted from human username
and passwords to API credentials, which are essentially proxies for machine
identity today," she says. As API ecosystems are seeing immense growth, this
problem is only becoming more challenging. Improper management of machine
identities can lead to security vulnerabilities, agrees Prasanna Parthasarathy,
senior solutions manager at the Cybersecurity Center of Excellence at Capgemini
Americas. In the worst case, attackers can wipe out entire areas in the IT
environment all at once, he says. "Attackers can use known API calls with a real
certificate to gain access to process controls, transactions, or critical
infrastructure – with devastating results." To guard against this, companies
should have strict authorization of the source machines, cloud connections,
application servers, handheld devices, and API interactions, Parthasarathy says.
Most importantly, trusted certificates should not be static, he says.
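An added example, not from the article or from Corsha or Capgemini, of what "strict authorization of source machines" and watching for credential stuffing against API keys look like when run over an access log. The log format, field names, thresholds and IP addresses are assumptions made for the illustration; the sample log is constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Constructed sample of an API-gateway access log (assumed format; not from the article).
# One line per request: timestamp, source IP, the API key id presented, HTTP status.
SAMPLE_LOG = """\
2022-05-23T10:00:01Z ip=203.0.113.5 key_id=k_a1 status=401
2022-05-23T10:00:02Z ip=203.0.113.5 key_id=k_b2 status=401
2022-05-23T10:00:02Z ip=203.0.113.5 key_id=k_c3 status=401
2022-05-23T10:00:03Z ip=203.0.113.5 key_id=k_d4 status=401
2022-05-23T10:00:04Z ip=203.0.113.5 key_id=k_e5 status=401
2022-05-23T10:00:05Z ip=203.0.113.5 key_id=k_f6 status=200
2022-05-23T10:00:07Z ip=198.51.100.9 key_id=k_f6 status=200
2022-05-23T10:00:09Z ip=198.51.100.9 key_id=k_f6 status=401
2022-05-23T10:01:30Z ip=198.51.100.9 key_id=k_g7 status=401
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) ip=(?P<ip>\S+) key_id=(?P<key>\S+) status=(?P<status>\d{3})$"
)


def parse_log(text):
    """Return a time-ordered list of (timestamp, ip, key_id, status) tuples."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip anything that does not fit the assumed format
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        events.append((ts, m["ip"], m["key"], int(m["status"])))
    events.sort()
    return events


def detect_key_stuffing(events, window=timedelta(seconds=60), min_distinct_keys=5):
    """Flag source IPs that fail authentication with many *different* API keys
    inside one sliding window. A legitimate client retries with the one key it
    owns; a stuffing run cycles through a list of stolen keys.
    Returns {ip: set of key ids tried}."""
    failures = defaultdict(list)
    for ts, ip, key, status in events:
        if status == 401:
            failures[ip].append((ts, key))
    flagged = {}
    for ip, fails in failures.items():
        recent = deque()
        for ts, key in fails:  # already time-ordered by parse_log
            recent.append((ts, key))
            while ts - recent[0][0] > window:
                recent.popleft()
            distinct = {k for _, k in recent}
            if len(distinct) >= min_distinct_keys:
                flagged[ip] = distinct
                break
    return flagged


def keys_used_from_multiple_sources(events):
    """Flag API keys that authenticated successfully from more than one source IP.
    A machine credential should be bound to the machine it was issued to, so a
    second source is either a misconfiguration or a stolen, reused credential.
    Returns {key_id: set of ips}."""
    sources = defaultdict(set)
    for _, ip, key, status in events:
        if status == 200:
            sources[key].add(ip)
    return {k: ips for k, ips in sources.items() if len(ips) > 1}


if __name__ == "__main__":
    evts = parse_log(SAMPLE_LOG)
    print("stuffing:", detect_key_stuffing(evts))
    print("shared keys:", keys_used_from_multiple_sources(evts))
```

In the sample, 203.0.113.5 burns through five different keys in four seconds and is flagged, while 198.51.100.9 only retries its own key and is not; the key k_f6 is accepted from both hosts, which is the kind of reuse a static, unbound credential invites. Shortening credential lifetimes, as the article recommends, narrows the window in which either pattern pays off.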
Kalix: Build Serverless Cloud-Native Business-Critical Applications with No Databases
Kalix aims to provide a simple developer experience for modelling and building
stateful and stateless cloud-native applications, along with a NoOps experience, including a
unified way to do system design, deployment, and operations. In addition, it
provides a Reactive Runtime that delivers ultra-low latency with high resilience
by continuously optimizing data access, placement, locality, and replication.
When using currently available Functions-as-a-Service (FaaS) offerings,
application developers need to learn and manage many different SDKs and APIs to
build a single application. Each component brings its own feature set,
semantics, guarantees, and limitations. In contrast, Kalix provides a unifying
application layer that pulls together the necessary pieces. These include
databases, message brokers, caches, service meshes, API gateways, blob storages,
CDN networks, CI/CD products, etc. Kalix exposes them into one single unified
programming model, abstracting the implementation details from its users. By
bringing all of these components into a single package, developers don't have to
set up and tune databases, maintain and provision servers, and configure
clusters, as the Kalix platform handles this.
Snake Keylogger Spreads Through Malicious PDFs
The campaign—discovered by researchers at HP Wolf Security—aims to dupe victims
with an attached PDF file purporting to have information about a remittance
payment, according to a blog post published Friday. Instead, it loads the
info-stealing malware, using some tricky
evasion tactics to avoid detection. “While Office formats remain popular, this
campaign shows how attackers are also using weaponized PDF documents to infect
systems,” HP Wolf Security researcher Patrick Schlapfer wrote in the post, which
opined in the headline that “PDF Malware Is Not Yet Dead.” Indeed, attackers
using malicious email campaigns have preferred to package malware in Microsoft
Office file formats, particularly Word and Excel, for the past decade, Schlapfer
said. In the first quarter of 2022 alone, nearly half (45 percent) of malware
stopped by HP Wolf Security used Office formats, according to researchers. “The
reasons are clear: users are familiar with these file types, the applications
used to open them are ubiquitous, and they are suited to social engineering
lures,” he wrote.
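An added example, not HP Wolf Security's code and not tied to the specific sample in the blog post, of how a responder would triage a suspicious PDF before opening it: look for the object names that give a document active or hidden behaviour (/OpenAction, /JavaScript, /Launch, /EmbeddedFile and so on), including inside Flate-compressed streams and in names written with #xx hex escapes, two places where a plain string search misses them. The sample PDF bytes are constructed for the illustration, and the list of names to flag is an assumption rather than a complete rule set.

```python
import re
import zlib
from collections import Counter

# Names that give a PDF active or hidden content; a benign remittance notice rarely needs them.
SUSPICIOUS_NAMES = {
    "/OpenAction", "/AA", "/JavaScript", "/JS", "/Launch",
    "/EmbeddedFile", "/RichMedia", "/XFA", "/ObjStm",
}

# A PDF name token: a slash followed by anything up to the next delimiter.
NAME_RE = re.compile(rb"/[^\s/\[\]<>(){}%]+")
# Body of a stream object (the lookbehind keeps 'endstream' from matching as a start).
STREAM_RE = re.compile(rb"(?<![a-zA-Z])stream\r?\n(.*?)\r?\nendstream", re.DOTALL)


def normalize_name(raw):
    """Decode #xx escapes in a PDF name: /#4Aava#53cript is the same name as /JavaScript."""
    decoded = re.sub(rb"#([0-9A-Fa-f]{2})", lambda m: bytes([int(m.group(1), 16)]), raw)
    return decoded.decode("latin-1")


def _count_names(buf, counts):
    for m in NAME_RE.finditer(buf):
        name = normalize_name(m.group(0))
        if name in SUSPICIOUS_NAMES:
            counts[name] += 1


def triage_pdf(data):
    """Return a Counter of suspicious names found in the object structure and
    inside any stream body, after inflating bodies that are Flate (zlib) encoded."""
    counts = Counter()
    # Object dictionaries, with stream bodies cut out so raw binary is not scanned as text.
    _count_names(STREAM_RE.sub(b"stream\nendstream", data), counts)
    for m in STREAM_RE.finditer(data):
        body = m.group(1)
        try:
            body = zlib.decompress(body)
        except zlib.error:
            pass  # not Flate-encoded (or damaged): scan the raw body as-is
        _count_names(body, counts)
    return counts


# Constructed sample: an /OpenAction that points at a JavaScript action hidden in a
# Flate-compressed object, plus an embedded file whose type name uses a hex escape.
_hidden = zlib.compress(b"<< /S /JavaScript /JS (app.alert(1)) >>")
SAMPLE_PDF = (
    b"%PDF-1.7\n"
    + b"1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >> endobj\n"
    + b"2 0 obj << /Type /Pages /Kids [] /Count 0 >> endobj\n"
    + b"3 0 obj << /Type /#45mbeddedFile /Length 3 >> stream\nabc\nendstream endobj\n"
    + b"4 0 obj << /Length " + str(len(_hidden)).encode()
    + b" /Filter /FlateDecode >> stream\n" + _hidden + b"\nendstream endobj\n"
    + b"trailer << /Root 1 0 R >>\n%%EOF\n"
)

if __name__ == "__main__":
    for name, n in sorted(triage_pdf(SAMPLE_PDF).items()):
        print(f"{name:15} x{n}")
```

A hit on /OpenAction together with /JavaScript or /EmbeddedFile is enough to route a mailed "remittance" PDF to a sandbox instead of a user's reader; a document that contains none of these names is not proven safe, so this is a first filter, not a verdict.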
Paying the ransom is not a good recovery strategy
“One of the hallmarks of a strong Modern Data Protection strategy is a
commitment to a clear policy that the organization will never pay the ransom,
but do everything in its power to prevent, remediate and recover from attacks,”
added Allan. “Despite the pervasive and inevitable threat of ransomware, the
narrative that businesses are helpless in the face of it is not an accurate one.
Educate employees and ensure they practice impeccable digital hygiene; regularly
conduct rigorous tests of your data protection solutions and protocols; and
create detailed business continuity plans that prepare key stakeholders for
worst-case scenarios.” The “attack surface” for criminals is diverse.
Cyber-villains most often first gained access to production environments through
errant users clicking malicious links, visiting unsecure websites or engaging
with phishing emails — again exposing the avoidable nature of many incidents.
After having successfully gained access to the environment, there was very
little difference in the infection rates between data center servers, remote
office platforms and cloud-hosted servers.
Beneath the surface: Uncovering the shift in web skimming
Web skimming typically targets platforms like Magento, PrestaShop, and
WordPress, which are popular choices for online shops because of their ease of
use and portability with third-party plugins. Unfortunately, these platforms and
plugins come with vulnerabilities that the attackers have constantly attempted
to leverage. One notable web skimming campaign/group is Magecart, which gained
media coverage over the years for affecting thousands of websites, including
several popular brands. In one of the campaigns we’ve observed, attackers
obfuscated the skimming script by encoding it in PHP, which, in turn, was
embedded inside an image file—a likely attempt to leverage PHP calls when a
website’s index page is loaded. Recently, we’ve also seen compromised web
applications injected with malicious JavaScript masquerading as Google Analytics
and Meta Pixel (formerly Facebook Pixel) scripts. Some skimming scripts even had
anti-debugging mechanisms, in that they first checked if the browser’s developer
tools were open. Given the scale of web skimming campaigns and the impact they
have on organizations and their customers, a comprehensive security solution is
needed to detect and block this threat.
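An added example, not code from the article's authors or from any vendor, of two checks a shop operator could run for the indicators this passage describes: third-party scripts that carry an analytics or pixel loader name but are served from a host other than the real one, inline scripts that test whether developer tools are open (the window.outerWidth minus innerWidth comparison is one common form of that check), and image files that contain a PHP open tag. The HTML, the lookalike domain and the image bytes are constructed for the illustration; the allowlisted hosts and the patterns are assumptions to be tuned per site.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hosts that really serve these loaders (assumed allowlist; extend per site).
LEGIT_LOADER_HOSTS = {
    "www.google-analytics.com", "www.googletagmanager.com", "connect.facebook.net",
}
# File names a skimmer borrows to look like a familiar analytics or pixel tag.
LOADER_NAMES = ("analytics.js", "gtag", "gtm.js", "fbevents.js")
# Inline-script patterns that suggest an anti-analysis check before the payload runs.
DEVTOOLS_PATTERNS = {
    "window-size devtools check": re.compile(r"outerWidth\s*-\s*(?:window\.)?innerWidth"),
    "debugger statement": re.compile(r"\bdebugger\b"),
}


class _ScriptCollector(HTMLParser):
    """Collect external script URLs and inline script bodies from a page."""

    def __init__(self):
        super().__init__()
        self.srcs, self.inline, self._in_inline = [], [], False

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        src = dict(attrs).get("src")
        if src:
            self.srcs.append(src)
        else:
            self.inline.append("")
            self._in_inline = True

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_inline = False

    def handle_data(self, data):
        if self._in_inline:
            self.inline[-1] += data


def find_skimmer_indicators(html):
    """Return a list of (indicator, detail) pairs for the page's scripts."""
    p = _ScriptCollector()
    p.feed(html)
    p.close()
    findings = []
    for src in p.srcs:
        u = urlparse(src)
        if any(name in u.path for name in LOADER_NAMES) and u.hostname not in LEGIT_LOADER_HOSTS:
            findings.append(("lookalike loader host", src))
    for body in p.inline:
        for label, pat in DEVTOOLS_PATTERNS.items():
            if pat.search(body):
                findings.append((label, body.strip()[:60]))
    return findings


IMAGE_MAGIC = (b"\x89PNG\r\n\x1a\n", b"\xff\xd8\xff", b"GIF87a", b"GIF89a")
PHP_OPEN_TAG = re.compile(rb"<\?(?:php\b|=)", re.IGNORECASE)


def image_carries_php(data):
    """True when bytes start like a PNG/JPEG/GIF but also contain a PHP open tag.
    A real image never needs that tag; a skimmer stored this way only works once
    the server is made to run the file through PHP."""
    return data.startswith(IMAGE_MAGIC) and PHP_OPEN_TAG.search(data) is not None


# Constructed sample page: one real loader host, one lookalike host, one inline
# script that stays silent while developer tools are open.
SAMPLE_HTML = """<html><head>
<script src="https://www.google-analytics.com/analytics.js"></script>
<script src="https://google-analytics-cdn.example/analytics.js"></script>
<script>
if (window.outerWidth - window.innerWidth > 160) { /* devtools open: do nothing */ } else {
  document.addEventListener('submit', function (e) { /* harvest form fields here */ });
}
</script>
</head><body><form><input name="card"></form></body></html>"""

# Constructed sample image: a PNG header, filler, and a PHP tag appended at the end.
SAMPLE_IMAGE = b"\x89PNG\r\n\x1a\n" + b"\x00" * 32 + b"<?php echo 'x'; ?>"

if __name__ == "__main__":
    for finding in find_skimmer_indicators(SAMPLE_HTML):
        print(finding)
    print("image carries PHP:", image_carries_php(SAMPLE_IMAGE))
```

Both checks are cheap enough to run on every deploy and on every file in the upload directory; the devtools check in particular is a useful tell because a legitimate analytics tag has no reason to behave differently when someone is watching.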
Next generation PIM: how AI can revolutionise product data
An ideal AI-powered PIM solution addresses a gamut of data management needs that
translate to benefits like analysing images and comparing them to product
descriptions; translating texts automatically; analysing and comparing data;
understanding the statistical rules; and correcting what doesn’t comply with
those rules. The use of AI in PIM also helps create a contextualised,
straightforward path for businesses to pursue by providing new insights accrued
from various products and customer data sets across channels. With the right
training, a deep-learning neural network can sweep through and analyse the
metadata of different data sets and deliver accurate results across channels.
Thus, it ultimately relieves organisations of
time-consuming, repetitive tasks in managing changes or errors in their product
data cycles. The role of PIM is constantly evolving; for example, in
experiential retail, the PIM system needs to be implemented with AI for human
context. Here, there is a change in both sides of the retailer-consumer dynamic,
through product information management solutions that are expected to be more
open network-oriented with AI.
IT Support for Edge Computing: Strategies to Make it Easier
IT vendors commonly assign account managers to major customer accounts for the
purpose of managing relationships. If an issue arises, this account manager
“point person” can summon the necessary resources and follow up to see that work
and/or support is completed to a satisfactory resolution. IT can profit from the
account manager approach with end users, especially if users have an abundance
of edge applications and networks. An assigned business analyst who coordinates
with tech support and others in IT can be the contact point person for an
end-user department whenever a persistent problem occurs. This account manager
can also periodically (at least quarterly) visit the user department and review
technology performance and IT support. End users are more apt to communicate and
cooperate with IT if they know they have someone to go to when they need to
escalate an issue. ... There is no area of IT that is more qualified to give
insights into how and where networks and systems are failing than technical
support. This is because technical support is out there every day hearing about
problems from end users, and then troubleshooting the problems and deducing how
they are happening.
How to Run Your Product Department Like a Coach
A key part of this new way of working was something that was drilled into me as
an agile coach – keep teams together and give them time “to be teams”. Until
this point, teams had formed and disbanded for each project, however, I knew
that for us to move faster, the key would be high-performing teams and that
takes time. Instead, we would try to keep people together and if needed, change
their focus rather than disband them. This has easily been one of the most
successful parts of a new way of working I brought to accuRx. As part of this
focus, I worked closely with the CTO to establish clear leadership and
accountability within each team. We agreed that every team would have a PM/TL
(technical lead) pair, with both being held jointly accountable for the team
being healthy and effective at delivering at pace. This “leadership in pairs”
system has been crucial in allowing us to scale quickly whilst holding ourselves
to account. The final piece of the jigsaw was ensuring that I was able to
influence (or own) what our organisational structure would look like for Product
(and Engineering).
Managed cloud services: 4 things IT leaders should know
Managed cloud services still require some internal expertise if you want to
maximize your ROI – they should supercharge the IT team, not take its place. You
can certainly use cloud managed services to do more with less – the constant
marching order in today’s business world – and attain technological scale that
wouldn’t otherwise be possible. But you should still do so in the context of
your existing team and future hiring plans. “When developing a cloud-managed
service strategy, you need to consider that we are now combining what used to be
two separate sides of the house, infrastructure and application development,”
DeCurtis notes. He adds that skills such as infrastructure as code will be
essential for complex cloud services environments. If you’re already a mature
DevOps shop, then you’re ahead of the game. Other teams may have some learning
to do – and leadership may realize that people that can blend once-siloed job
functions can be tough to find – though not as impossible as it once seemed.
“Fortunately, these roles are becoming more readily available as organizations
continue to adopt cloud strategies,” DeCurtis says.
IT risk management best practices for organisations
When we talk about risk, what we really mean is each organisation’s unique set
of vulnerabilities. These loopholes are monitored, generically and specifically,
by bad actors who would exploit them for financial or political gain, or
occasionally just for clout. The first step, then, is to understand centres of
risk within your organisation. These evolve with tech advances and behavioural
change, for example with the transition to hybrid working brought on by the
Covid-19 pandemic. “This has presented new challenges with expanded networks
beyond the traditional office environment: no physical barriers or access
controls, reduced VPN effectiveness, more endpoints and a greater attack surface
to monitor,” says Folliss. “Remote working distorts an IT security team’s
ability to manage and control the network and introduces new threats and
vulnerabilities – and thus new risk.” So your analysis can’t be a one-off,
rather a continuous, rigorous, and honest programme of testing and assessment
that gets to the heart of an organisation’s DNA, says Pascal Geenens, director
of threat intelligence at Radware.
Quote for the day:
"Confident and courageous leaders have
no problems pointing out their own weaknesses and ignorance." --
Thom S. Rainer