Daily Tech Digest - January 08, 2023

The best robots and AI innovations at CES 2023

Advancements in autonomous driving haven't developed as quickly as some imagined they would. However, cars are incrementally becoming smarter and smarter, with autonomy seemingly just over the horizon. Case in point: Peugeot, Stellantis's French automobile brand, unveiled the Inception Concept car, an electric vehicle demonstrating what a car can be, once you do away with the steering wheel, get comfortable and let the vehicle get to know you a little. ... While autonomous cars are still in development, other market-ready autonomous mobility tools were on display on CES. The company Evar was at the conference with Parky, an autonomous EV recharging robot that brings a charging station to any parking spot. It's designed for building owners that want to make their parking spots more EV-friendly without adding electric capacity. ... The Withings U-Scan toilet bowl sensor attaches to the inside of your toilet's bowl. It includes a nutrition and metabolic urine tracker, checks pH, ketone, vitamin C levels, and more. A second tracker monitors women's luteinizing hormone for ovulation cycles. Each promise early detection of potential health issues.

Math Behind Software and Queueing Theory

Unsurprisingly, queueing theory is a branch of mathematics, focused on studying and describing queues (or, in more professional terms, lines). The whole theory is all about how lines are created, how they behave, and, most important, how and why they malfunction. It is one of these branches of mathematics which are useful in real life; e.g., it can be used in many branches of industry. ... Basically, we can treat most of the systems like a queue so users send requests, the request process, and the response return to the user, or when the system is too busy to process the request right away, the request waits until some arbitrary timeout is reached or it will be processed. The real problem is to correctly identify the class of the system we are working on. In most cases, it will be the variation of M/M/c or Mx/m/c. Unfortunately, it can result in our calculations not being very in line with real life. As long as we are taking care of long-term average system performance then M/M/c is an appropriate description and most of the inconsistencies should be kept in line with averaged results.

SpiderLightning: Making WebAssembly cloud applications portable

A key element of this extensibility is the WebAssembly Component Model. Defined by the WebAssembly working group as the Wasm equivalent of an OS process model, it’s the foundation for how WASI implements its interfaces. A key element of any low-level approach like this is an interface definition language, which provides a way to specify how interfaces interact with code. For Wasm, and especially for the Component Model, the standard IDL is wit, which gives us a concise and human-readable way of defining interfaces that are expanded into WebAssembly code. To use WASI to build distributed applications, we need a set of extensions that lets us abstract provider-specific services as interfaces. Instead of having to use separate APIs for S3 on AWS and Blob storage on Azure and the code to manage them, we could have a single storage component that would provide a common set of interfaces on all platforms, with the underlying WASI instance managing service-specific implementations.

Attackers create 130K fake accounts to abuse limited-time cloud computing resources

Researchers refer to the abuse of free offers as freejacking, and the creation of accounts that incur charges and then are never paid as "play and run." The latter is more difficult to pull off because most service providers require the user to register a valid credit card or payment method before giving them access to paid-for computing resources. However, even if usage is tracked and charged on a per-minute basis, the bill is usually issued after a longer period. This gives attackers a time window to abuse such services. ... "The infrastructure architecture employed by the actors uses CI/CD techniques, in which each individual software component of an operation is placed within a container," the researchers said. "This container operates within a modular architecture within the larger mining operation. CI/CD architectures provide highly modular operational environments, allowing some components of an operation to fail, be updated, or even be terminated and replaced, without affecting the larger environment." Not all the containers are used for cryptomining. 

How to Get the Best Cyber-Insurance Deal

The first step in obtaining affordable cyber insurance is finding a broker who is well-versed in coverage terms and has access to several different insurance markets, says Mark Dobrow, a vice president in the insurance brokerage division of Segal, a human resources and employee benefits consulting firm. “Market knowledge and experience is limited due to the relative newness of the product as compared to the long history of standard property coverages,” he explains. “The right broker can tailor the coverage to your needs and should know which markets are best for a particular situation.” ... The biggest mistake cyber-insurance applicants make, Aiello says, is paying poor attention to detail. “Businesses must ensure technology is being deployed in line with the insurance firm's conditions, otherwise insurers can attempt to get out of paying a claim if the technology was not ‘properly implemented’,” he warns. Unfortunately, the language used in cyber-insurance policies isn't always consistent between providers. 

Southwest Airlines: ‘Shameful’ Technical Debt Bites Back

It’s been an open secret within Southwest for some time … that the company desperately needed to modernize its scheduling systems. … This problem — relying on older or deficient software that needs updating — is known as incurring technical debt [and it] appears to be a key factor in why Southwest Airlines couldn’t return to business as usual the way other airlines did after last [month’s] major winter storm. When hiccups or weather events happen, the employees have to go through a burdensome, arduous process … because Southwest hadn’t sufficiently modernized its crew-scheduling systems. For example, if … their flight was canceled … employees have had to manually call in to let the company know where they are [sometimes] being left on hold on the phone for … hours just to let the company know their whereabouts. … Online forums are full of employee accounts of such misery. … This can easily cascade to a systemwide halt. … Such breakdowns resulting from technical debt are often triggered by external events, like weather. … So why didn’t Southwest simply update its software and systems?

Top 3 trends experts predict to hit software development in 2023

While hackers are typically associated with cyberattacks, many of them also have a “broad, practical skillset” that can make them useful for parts of software development. That’s according to Alex Rice, the co-founder and CTO of HackerOne, which connects businesses with penetration testers and cybersecurity researchers. Rice believes that both hackers and external code reviewers will become a more integrated part of the software development processes in 2023, as more organisations adopt security reviews into their development process. “As the value of DevSecOps (development, security and operations) increases, we’ll see the line between hackers and developers blurring as hackers with development expertise become a core element of the software development processes,” Rice said. “There’s a lot of value hackers can bring when it comes to catching security risks earlier rather than later.” Earlier this year, Irish start-up Noloco raised $1.4m in seed funding for its platform, which lets companies build internal tools, portals and apps without writing a line of code.

Blind Eagle APT Hunts Banking Victims in Colombia, Ecuador

Based on Trend Micro's report, the APT is traditionally known to leverage publicly available remote access tools and Trojans such as njRAT, imminent monitor, ProyectoRAT, Warzone RAT, Async RAT, Lime RAT, Remcos RAT and BitRAT. Over time, the APT switches from one RAT to another. Continuing that trend, Blind Eagle is now using a modified version of the QuasarRAT, Check Point researchers say. The attack begins with phishing emails containing a booby-trapped link that deploys a Trojan named Quasar RAT. The APT used a geo-filter server in one campaign that redirects requests made from outside of Ecuador and Colombia to the website of the Ecuadorian Internal Revenue Service, suggesting the APT's targeting focus. The campaign not only drops a RAT but also employs a more complex infection chain. It abuses the legitimate mshta.exe binary to execute VBScript embedded in an HTML file to ultimately download two Python scripts, which adds a new stage in the infection chain. The first of the two, ByAV2.py, is an in-memory loader that runs a Meterpreter payload in DLL format.

What is Cython? Python at the speed of C

Enter Cython. The Cython language is a superset of Python that compiles to C. This yields performance boosts that can range from a few percent to several orders of magnitude, depending on the task at hand. For work bound by Python’s native object types, the speedups won’t be large. But for numerical operations, or any operations not involving Python’s own internals, the gains can be massive. ... Note that Cython’s approach is incremental. That means a developer can begin with an existing Python application, and speed it up by making spot changes to the code, rather than rewriting the whole application. This approach dovetails with the nature of software performance issues generally. In most programs, the vast majority of CPU-intensive code is concentrated in a few hot spots—a version of the Pareto principle, also known as the “80/20” rule. Thus, most of the code in a Python application doesn’t need to be performance-optimized, just a few critical pieces. You can incrementally translate those hot spots into Cython to get the performance gains you need where it matters most. 

5 ways to improve security automation

One essential part of security automation that you'll likely want to tackle before anything else is monitoring. If you don't know where your issues are, you won't catch critical exposures in your environment and won't know what to prioritize for automation. The bottom line is to automate monitoring your environment, if you do nothing else. Even if you don't have the time or budget to automate remediation, you can at least target areas for manual fixes. There are many fantastic articles and products around this space (including How we designed observability for a hybrid cloud platform), from basic infrastructure monitoring to code scanning to network vulnerability scanning and more. Another thing to keep in mind is transition planning. You won't get all of this done at once, nor should you. As you figure out what areas to target first and focus your automation efforts accordingly, you will undoubtedly face challenges rolling out your new standards and processes to your environment. If you didn't set standards before, you'll be met with resistance from teams with their own priorities and commitments to the business that don't understand why you're trying to change things on them.

Quote for the day:

"Leaders are more powerful role models when they learn than when they teach." -- Rosabeth Moss Kantor

No comments:

Post a Comment