We can think of the copy as a digital clone or twin, but it would not be you. It would be a mental copy of you, including all of your memories up to the moment your brain was scanned. But from that time on, the copy would generate its own memories inside whatever simulated world it was installed in. It might interact with other simulated people, learning new things and having new experiences. Or maybe it would interact with the physical world through robotic interfaces. At the same time, the biological you would be generating new memories and skills and knowledge. In other words, your biological mind and your digital copy would immediately begin to diverge. They would be identical for one instant and then grow apart. Your skills and abilities would diverge. Your knowledge and understanding would diverge. Your personality and objectives would diverge. After a few years, there would be significant differences. And yet, both versions would “feel like the real you.” This is a critical point – the copy would have the same feelings of individuality that you have.
The hope is that as an open standard, it will be adopted and used with existing security standards and processes. Then, as developers and users incorporate OCSF into their products and processes, security data normalization will become simpler and less burdensome. This, in turn, will enable security teams to do better at analyzing attack data, identifying threats, and defending their organizations from cyberattacks. Ultimately, John Graham-Cumming, Cloudflare’s CTO, said in a statement, “Every business deserves a simple, straightforward way to analyze and understand the security landscape — and that starts with their data. By participating in the OCSF, we hope to help the entire security industry focus on doing the work that matters instead of wasting countless hours and resources on formatting data.” I hope this is true. I hate wasting time. And time is one thing we never have enough of when we’re dealing with a security problem. If OSCF can succeed in its aims, it will be a major step forward in dealing with large-scale security problems.
Entrepreneurs are a special breed of overthinkers. We're constantly making decisions, so we have to think fast on our feet. But we also must take the time to weigh our options out properly. And so we think up all possible scenarios: the good, the bad and the ugly. This used to be one of my biggest hurdles when starting. What if this client falls through? What if users aren't satisfied with our product? What if we can't attract enough attention and be sustainable? What will I do? My mind was my biggest enemy. Consequently, after a long night of tossing and turning, I'd wake up unmotivated to start the day. Here's the thing I've learned since: energy thrives on confidence. And confidence only comes when you believe in your abilities. As co-authors Linda Bloom, L.C.S.W., and Charlie Bloom, M.S.W.. write in Psychology Today, "Self-trust is not trusting yourself to know all the answers, nor is it believing that you will always do the right things," they explain. "It's having the conviction that you will be kind and respectful to yourself regardless of the outcome of your efforts."
"If you have access to the virtual machine, you have full access inside the network, but more importantly, you can sniff all the traffic going through, including decrypted VPN traffic," Baines says. "So, it is a really great place for an attacker to chill out and pivot, but probably just sniff for credentials or monitor the traffic flowing into the network." Baines discovered the issue when he was investigating the Cisco ASDM to get "a level set on how the GUI (graphical user interface) works" and pull apart the protocol, he says. A component installed on administrators' systems, known as the ASDM launcher, could be used by attackers to deliver malicious code in Java class files or through the ASDM Web portal. As a result, attackers could create a malicious ASDM package to compromise the administrator's system through installers, malicious Web pages, and malicious Java components. The ASDM vulnerabilities discovered by Rapid7 include a known vulnerability (CVE-2021-1585) that allows an unauthenticated remote code execution (RCE) attack, which Cisco claimed was patched in a recent update, but Baines discovered it remained.
Is computer vision about to reinvent itself, again? Ryad Benosman, professor of ophthalmology at the University of Pittsburgh and an adjunct professor at the CMU Robotics Institute, believes that it is. As one of the founding fathers of event-based vision technologies, Benosman expects that neuromorphic vision — computer vision based on event-based cameras — will be the next direction computer vision will take. “Computer vision has been reinvented many, many times,” Benosman said. “I’ve seen it reinvented twice at least, from scratch, from zero.” Benosman cited the shift in the 1990s from image processing with a bit of photogrammetry to a geometry-based approach and then to today’s rapid advance toward machine learning. Despite those changes, modern computer-vision technologies are still predominantly based on image sensors — cameras that produce an image similar to what the human eye sees. According to Benosman, until the image-sensing paradigm is no longer useful, it holds back innovation in alternative technologies. The development of high-performance processors, such as GPUs, delay the need to look for alternative solutions and thus have prolonged this effect.
Go has been compared to scripting languages like Python in its ability to satisfy many common programming needs. Some of this functionality is built into the language itself, such as “goroutines” for concurrency and threadlike behavior, while additional capabilities are available in Go standard library packages, like Go’s http package. Like Python, Go provides automatic memory management capabilities including garbage collection. Unlike scripting languages such as Python, Go code compiles to a fast-running native binary. And unlike C or C++, Go compiles extremely fast—fast enough to make working with Go feel more like working with a scripting language than a compiled language. Further, the Go build system is less complex than those of other compiled languages. It takes few steps and little bookkeeping to build and run a Go project. ... Go binaries run more slowly than their C counterparts, but the difference in speed is negligible for most applications. Go performance is as good as C for the vast majority of work, and generally much faster than other languages known for speed of development.
Protecting individuals' privacy is something all of us — including elected officials — should be very concerned about, Mestrovich said. "I would expect, going forward, there will be either executive orders or legislation passed to ensure that the civil liberties and the rights that we all expect to data privacy and privacy of our own activities are kept sacrosanct," he added. As a CISO himself, ransomware is top of mind. "Ransomware is a huge threat to just our economic viability," Mestrovich told us, citing a Cybersecurity Ventures forecast that global cybercrime costs to grow by 15 percent per year over the next five years, reaching $10.5 trillion annually by 2025. "Clearly, the cyber criminals have monetized the theft of data or depriving an organization use of its data," Mestrovich said. "Until we can do something to prevent the economic gain that they have from the theft of data or the denial of an organization's access to his data. This is only going to increase"
The Director of the NCSC Richard Browne said that in the past these groups typically focussed on larger organisations. However they have now shifted focus to smaller entities. “We have been dealing with the threat of ransomware for some time; however, we have seen a noticeable change in the tactics of criminal ransomware groups, whereby rather than largely focussing on Governments, critical infrastructure and big business, they are increasingly targeting smaller businesses. “This is a trend that has been observed globally, and Ireland is no exception with several businesses becoming victims of these groups in the past number of weeks,” he said. Richard Browne said the letter sent to IBEC by the NCSC and GNCCB has outlined guidance for small companies and how they can deal with the attack. “Whilst we appreciate that many business owners are understandably nervous of the threat ransomware poses, there are some straightforward security measures that can be put in place to ensure that an organisations data and systems remain secure,” he added.
AI applications can analyze weather and soil conditions, water usage, and risk of diseases to help farmers reduce the risk of crop failures by providing valuable insights like the right time to sow seeds, right crop/seed choices. Detecting plant diseases, weeds, and pests beforehand can reduce the use of chemicals like herbicides and pesticides and bring cost savings. Many companies have started using robots that can eliminate 80% of the volume of the substances generally sprayed on the crops and bring down the expenditure on herbicides by 90% Further, the use of AI in harvesting, picking, and vacuum apparatus can quickly identify the location of the harvestable produce and help determine the proper fruits. The Strawberry Harvest is a classic example. ... With satellite imagery and weather data, AI applications can analyze the market trends, like which crops are in demand and which are more profitable. This helps the farmers to increase their revenue by guiding them about future price patterns, demand level, type of crop to sow for maximum benefit, pesticide usage, etc.
The vulnerabilities are so numerous now and cloud native applications have larger attack surfaces with no way to mitigate vulnerabilities using traditional means, Tiperneni explained. “It’s no longer sufficient to throw out a report that tells you about all the vulnerabilities in your system,” Tiperneni said. “Because that report is not actionable. People operating the services are discovering that the amount of time and effort it takes to remediate all these vulnerabilities is incredible, right? So they’re looking for some level of prioritization in terms of where to start.” And the onus is on the user to mitigate the problem, Tiperneni said. Those customers have to think about the blast radius of the vulnerability and its context in the system. The second part: How to manage the attack surface. In this world of cloud native applications, customers are discovering very quickly, that trying to protect every single thing, when everything has access to everything else, is an almost impossible task, Tiperneni said.
Quote for the day:
"The Leadership Seduction of storytelling invites self-pity, exaggerates one's importance, and encourages inaction." -- Catherine Robinson-Walker