Daily Tech Digest - July 31, 2022

Best practices for recovering a Microsoft network after an incident

Often a recovery process is different for different sized organizations. A small business might just want to be back functional as soon as possible while a medium-sized business might take the time to do a root cause analysis. According to the NIST document, “Identifying the root cause(s) of a cyber event is important to planning the best response, containment, and recovery actions. While knowing the full root cause is always desirable, adversaries are incentivized to hide their methods, so discovering the full root cause is not always achievable.” If you use Microsoft Defender for Business Server, Microsoft recommends proactive adjustments to your server to ensure that you can best prevent attacks, specifically that you use the same attack surface reduction rules recommendation for workstations. One example from the screen image below, you want to block all office applications from creating client processes. As you rebuild your network after an incident, remember these settings as you often redeploy servers with default settings. You might not have remembered or documented all your settings that you need to do to better protect your network.

How AI Is Transforming The Future Of The Finance Industry

Since the entire foundation of AI is learning from past data, it only seems sensible that AI would flourish in the financial services industry, where keeping books and records is a given for businesses. Consider the use of credit cards as an example. Today, we utilize credit scores to determine who is and is not eligible for credit cards. However, it is not always advantageous for businesses to divide people into “haves” and “have-nots.” Instead, information about a person’s loan repayment patterns, the number of loans that are still open, the number of credit cards that person has already, etc. can be used to tailor the interest rate on a card so that the financial institution issuing the card feels more comfortable with it. ... When it comes to security and fraud detection, AI is on top. It can leverage historical spending patterns across various transaction instruments to unexpected flag activity, such as using a foreign card shortly after it has been used elsewhere or an effort to withdraw money in an unusual amount for the account in the issue. The system has no qualms about learning, which is another excellent aspect of AI fraud detection. 

Meta faces new FTC lawsuit for VR company acquisition

On Wednesday, the FTC sued Meta in an attempt to block its acquisition of virtual reality technology company Within Unlimited and its VR fitness app Supernatural. The FTC in a press release said Meta's "virtual reality empire" already includes a virtual reality fitness app and alleged Meta is attempting to "buy its way to the top." "Meta already owns a best-selling virtual reality fitness app, and it had the capabilities to compete even more closely with Within's popular Supernatural app," John Newman, FTC Bureau of Competition deputy director, said in the release. "But Meta chose to buy market position instead of earning it on the merits. This is an illegal acquisition, and we will pursue all appropriate relief." According to Meta's statement in response to the lawsuit, the FTC's case is "based on ideology and speculation, not evidence." ... It's not the first time the FTC has accused Meta of buying out the competition. In an ongoing lawsuit against the company, the FTC alleged that Meta's previous Instagram and WhatsApp acquisitions served to kill what the company viewed as competition to its popular social media site Facebook.

Blockchain Applications That Make Sense Right Now

Using blockchain technology, users can create digital assets that are verifiable, scarce and portable – the core properties of a “token”. The owner of a blockchain-generated token can be sure they are the only owner of a limited quantity item. These are tokens that have genuine value as they solve the ownership challenge digital assets have had since day one. This is the core building block that is not possible in Web2’s centralized world. Yes, Fortnite can sell you virtual clothing, and a bank can show a deposit in your account, but those assets are at the behest of the central actors. Creators are similarly beholden to the platforms that distribute their products, and their popularity is governed by their algorithms and business interests of those centralized platforms. With blockchain, new types of assets can be created that hold value outside any centralized platform (even though those platforms may still be very relevant for creation, display and distribution). No centralized actor can unilaterally change the ownership of an asset ‘on-chain’, and rules are visible in public code. Ownership can be ascertained with certainty for all who examine it.

Yes, you are being watched, even if no one is looking for you

Whether or not you pass under the gaze of a surveillance camera or license plate reader, you are tracked by your mobile phone. GPS tells weather apps or maps your location, Wi-Fi uses your location, and cell-tower triangulation tracks your phone. Bluetooth can identify and track your smartphone, and not just for COVID-19 contact tracing, Apple’s “Find My” service, or to connect headphones. People volunteer their locations for ride-sharing or for games like Pokemon Go or Ingress, but apps can also collect and share location without your knowledge. Many late-model cars feature telematics that track locations–for example, OnStar or Bluelink. All this makes opting out impractical. The same thing is true online. Most websites feature ad trackers and third-party cookies, which are stored in your browser whenever you visit a site. They identify you when you visit other sites so advertisers can follow you around. Some websites also use key logging, which monitors what you type into a page before hitting submit. Similarly, session recording monitors mouse movements, clicks, scrolling and typing, even if you don’t click “submit.”

How remote work disrupted global supply chains

To make matters worse, many U.S.-based distributors and retailers decided to bulk up their inventories to hedge against shortages. The surge of e-commerce contributed to the disruptive spiral by making two-day shipping a necessity. In addition, the resulting shortage of warehouse space worsened bottlenecks by pushing supplies back to shipping docks and freight terminals. While remote work isn’t entirely to blame for the supply chain crisis, it clearly kicked off a sequence of events that took on a life of its own. Zoom, Google Docs, and Amazon undermined the assumption that history would repeat itself. When is it all going to end? Experts disagree. Most say things will probably improve for the rest of this year and return to something close to normal by the end of 2023. But even the Federal Reserve Bank of Cleveland recently admitted that the sources it relies upon for intelligence “are mostly based on hope rather than on concrete evidence.” In the meantime, the crisis has also cast the spotlight on the delicate interconnections that hold the world’s supply lines together and the effects that minor disruptions at the far end of the chain can have further upstream.

Network security depends on two foundations you probably don’t have

Any use of the network creates traffic and traffic patterns. Malware that’s probing for vulnerabilities is an application, and it also generates a traffic pattern. If AI/ML can monitor traffic patterns, it can pick out a malware probe from normal application access. Even if malware infects a user with the right to access a set of applications, it’s unlikely the malware would be able to duplicate the traffic pattern that user generated with legitimate access. Thus, AI/ML could detect a difference, and create an alert. That alert, like a journal alert on unauthorized connections, would then be followed up to validate the state of the user’s device security. The advantage of the AI/ML traffic pattern analysis is that it can be effective even when user identity is difficult to pin down, so explicit connection authorization is problematic. In fact, you can do traffic pattern analysis at any level from single users to the entire network. Think of it as involving a kind of source/destination-address-logging process; at a given point, have I seen packets from or to this address or this subnetwork before? If not, then a more detailed analysis may be in order, or even an alert.

Building resilience against emerging security threats

Threats such as malware and data breaches almost always rely on misconfigured systems to succeed. Perhaps a default password hasn’t been changed, a cloud storage instance has been set to public, or a dangerous port is accidentally left open to the internet. These are all errors that can be hard to spot in a complex data centre. It’s a time-consuming task that may not be a top priority amongst competing business goals, meaning the vulnerability remains unidentified. Configuration management tools help here by scanning the entire estate, from cloud storage to local servers, websites to network devices, and more, identifying misconfigurations. They are vendor agnostic and surface anomalies that might otherwise go unnoticed – until it is too late. Auditing the estate in this way gives CISOs the visibility and control they need to effectively monitor their estate and be proactive in remediating misconfigurations. Armed with this insight, the company’s risk is reduced and its resilience is enhanced. 

SQL Server 2022: Here’s what you need to know

If you’ve ever looked at the claims for blockchains and thought that an append-only database could do that without all the work of designing and maintaining a distributed system that likely doesn’t scale to high-throughput queries (or the environmental impact of blockchain mining), another feature that started out in Azure SQL and is now coming to SQL Server 2022 is just what you need. “Ledger brings the benefits of blockchains to relational databases by cryptographically linking the data and their changes in a blockchain structure to make the data tamper-evident and verifiable, making it easy to implement multi-party business process, such as supply chain systems, and can also streamline compliance audits,” Khan explained. For example, the quality of an ice cream manufacturer’s ice cream depends on both the ingredients that its suppliers send and the finished ice cream it delivers being shipped at the right temperature. If the refrigerated truck has a fault, the cream might curdle, or the ice cream might melt and then refreeze once it’s in the store freezer. By collecting sensor information from everyone in its supply chain, the ice cream manufacturer can track down where the problem is.

7 benefits of using design review in your agile architecture practices

For an enterprise to practice architecture in an agile environment, several architects and designers must support the project's agile value streams, which are the actions taken from conception to delivery and support that add value to a product or service. One organization may have a distinct team of architects producing solution designs and templates. Another might place the architect inside the agile squad in a dual senior engineer role. ... The things involved in a design review include:The designer is the person who wants to solve a problem. The documentation is the document at the center of attention. It contains information regarding all aspects of the problem and the proposed solution. The reviewer is the person who will review the documentation. The process includes the agreed-upon rules and interactions that define the designer's and reviewer's communications. It may stand alone or be part of a bigger process. For example, in a software development life cycle, it could precede development, or in an API specification, it could include evaluating changes. The review scope is the area the reviewer tries to cover when reviewing the documentation (technical or not).

Quote for the day:

"You've got to risk the terrible and pathetic, in order to get to the graceful and elegant."

No comments:

Post a Comment