Daily Tech Digest - August 10, 2023

AMD's Zen architecture: The fundamentals of these Zen 4 CPUs

While the computing industry, CPU enthusiasts, and even AMD itself expected the road to performance leadership to be long, it was actually quite short. Zen 2, the successor to Zen, launched in 2019 and shocked pretty much everyone by blowing Intel out of the water. AMD racked up a massive lead in multi-threaded performance in pretty much every segment, had significantly better power efficiency in virtually every workload, and even surpassed Intel in single-threaded performance, which AMD hadn't been able to do for over a decade. From here, the road just got easier for AMD. The server market was (and still is) the most important area for AMD to make progress in, and by the time Zen 3 came out in 2020, AMD controlled 7% of the market, up from nearly 0% before Zen came out. This was made all the easier thanks to how Intel absolutely screwed up its plans to launch powerful 10nm CPUs, leaving AMD to face off against outdated and practically obsolete 14nm chips, which are some of the worst Intel has ever made.


Embracing the ‘Pedagogy of Error’ in Cybersecurity Education

The lesson I am always reminded of is that “we must abandon certainties in order to build from the challenge of uncertainty.” The deeper we delve into global instabilities and their challenges, the better perspectives and questions we can ask ourselves. It would be very sad to know that everything has been solved. Therefore, when we challenge current knowledge and explore different alternatives, we are opening up the possibility of seeing beyond what is known and, therefore, introducing something different. ... The academy must maintain and motivate curiosity, expectations, challenges and adventures that arise when uncertainty manifests itself from the inevitability of failure. In this sense, motivate the pedagogy of “error.” That is, understanding the “error” as part of the process and not as a result is what makes it possible to create cybersecurity and IT professionals open to constantly learn, to let themselves be questioned in their previous knowledge and to maintain a proactive stance in the face of adversaries’ challenges.


The dark side of the cloud: How cloud is becoming prey to sophisticated forms of cyber attack

As businesses increasingly adopt cloud-based solutions, cyber criminals—who are constantly looking for new vulnerabilities to exploit—are finding it easier to engineer data breaches, explains Rajesh Garg, EVP, Chief Digital Officer & Head of Applications & Cybersecurity at data centre service provider Yotta Data Services. Around 98 per cent of organisations globally now utilise some form of cloud-based tech, while many have adopted multi-cloud deployments from multiple cloud service providers. The massive adoption of the cloud environment has also given rise to Shadow IT, where employees or departments use hardware or software from external sources without the knowledge of the IT or security group of the organisation. This creates a vacuum, where the responsibility of managing security within organisations is not clearly defined. “Cloud infrastructure is inherently complex; that increases manifold with the addition of hybrid and multiple-cloud models,” says Atul Gupta


Google Cloud launches Chronicle CyberShield to help government agencies tackle threats

A primary component of Chronicle CyberShield is establishing a modern government security operations center (SOC), comprising a network of interconnected SOCs to scale and aggregate security threats, Google Cloud said in a press release. Chronicle CyberShield enables governments to leverage cyber threat intelligence from Google and Mandiant, now part of Google Cloud, to build a scalable and centralized threat intelligence and analysis capability, according to the firm. This is integrated operationally into the government SOC to identify suspicious indicators and enrich the context for known vulnerabilities. The solution also allows governments to build a coordinated monitoring capability with Chronicle SIEM to simplify threat detection, investigation, and hunting with the intelligence, speed, and scale of Google. By implementing Chronicle across a network of SOCs, attack patterns and correlated threat activity across multiple entities are available for investigation and analysis. 


International implications of hack-for-hire services

A lack of consequences for hackers that contract themselves out to foreign clients has only encouraged the hack-for-hire industry in India. US prosecutors indicted Sumit Gupta, the Director of Indian hacking firm BellTroX in 2015 for hacking on behalf of two American lawyers, yet the Indian government never took action against him. After he failed to be convicted in 2015, BellTroX went on to commit the Dark Basin hacks in 2020. BellTroX also surfaced as part of a criminal case against an Israeli private detective who hired Indian hacking firms on behalf of unnamed clients in Israel, Europe, and the US. The private detective pleaded guilty in 2022, but the hackers in India have yet to face any legal consequences. This lack of enforcement is not because India does not have the legal infrastructure to prosecute cybercrimes; the Information Technology Act of 2000, and its subsequent amendments in 2008


Windows Defender-Pretender Attack Dismantles Flagship Microsoft EDR

In studying the Windows Defender update process, Bar and Attias discovered that signature updates are typically contained in a single executable file called the Microsoft Protection Antimalware Front End (MPAM-FE[.]exe). The MPAM file in turn contained two executables and four additional Virtual Device Metadata (VDM) files with malware signatures in compressed — but not encrypted — form. The VDM files worked in tandem to push signature updates to Defender. The researchers discovered that two of the VDM files were large sized "Base" files that contained some 2.5 million malware signatures, while the other two were smaller-sized, but more complex, "Delta" files. They determined the Base file was the main file that Defender checked for malware signatures during the update process, while the smaller Delta file defined the changes that needed to be made to the Base file. Initially, Bar and Attias attempted to see if they could hijack the Defender update process by replacing one of the executables in the MPAM file with a file of their own. 


Securing The Future: Embracing Cloud-Centric Cybersecurity Strategies

Upskilling an entire cybersecurity organization is a significant undertaking that requires planning, time, funding and—most importantly—leadership buy-in. CISOs won't be able to snap their fingers and transform their teams into the cloud-literate leaders of tomorrow. After all, it could take up to six months of training just to have an intelligent-sounding conversation about the cloud—least of all, be productive. Fortunately, much of the educational infrastructure necessary for upskilling workforces is available. Cloud service providers AWS, Microsoft Azure and Google Cloud each have a portfolio of cloud computing certifications. Platforms such as A Cloud Guru and Cloud Academy offer multi-cloud training. Security-focused cloud training and certifications are available from organizations such as the SANS Institute, (ISC)2 and the Cloud Security Alliance. ... These senior leaders are generally no longer "hands on keyboard" professionals. They lead programs, set priorities and assign goals. Of course, they need to be conversant with the technology their organization uses. 


Northern Ireland Police at Risk After Serious Data Breach

"This is the most serious breach I have ever seen, due to the potential it could lead to the death or injury of those whose data has been disclosed," said Brian Honan, who heads Dublin-based cybersecurity firm BH Consulting. Exposed information could be abused not only by criminals, including for revenge, but also by republican paramilitaries who continue to target police officers and employees. The most recent attack occurred in February, when off-duty senior detective John Caldwell was shot in a sports complex in Omagh. He survived with "life-changing" injuries, said the chairman of Northern Ireland's Police Federation. Authorities arrested 11 people and charged three with being members of a proscribed terrorist group - in this case, the New IRA, a splinter of the Provisional Irish Republican Army that rejects a final 1997 terrorism cease-fire that helped lead to the 1998 Good Friday Agreement. The PSNI says it is working to "to identify any security issues" posed by the breach as quickly as possible, and it has notified the Information Commissioner's Office.


Ethics as a process of reflection and deliberation

You can integrate ethics into your projects by organising a process of ethical reflection and deliberation. You can organise a three-step process for that:

1. Put the issues or risks on the table – things that you are concerned about, things that might go wrong.
2. Organise conversations to look at those issues or risks from different angles – you can do this in your project team, but also with people from outside your organisation.
3. Make decisions, preferably in an iterative manner – you take measures, try them out, evaluate outcomes, and adjust accordingly.

A key benefit of such a process is that you can be accountable; you have looked at issues, discussed them with various people, and have taken measures. Practically, you can organise such a process in a relatively lightweight manner, e.g., a two-hour workshop with your project team. Or you can integrate ethical reflection and deliberation in your project, e.g., as a recurring agenda item in your monthly project meetings, and involve various outside experts on a regular basis.


6 legal ‘gotchas’ that could sink your CIO career

You might be thinking that your company will defend you for liability, and you might be right if your company has liability coverage for its officers, and you are an officer. But does your company have liability insurance for its executives? It’s standard for most Fortune 500 companies to have liability insurance for their executives, but a substantial number of private and not-for-profit companies are facing challenges in rising premiums and may not have liability protection. If you’re interviewing for a CIO job, it’s prudent to find out whether the company you’re interviewing with offers liability protection and indemnification insurance for its executives. ... When CIOs are sued or fired, it’s often because of a significant cybersecurity breach. The reason for this is because CIOs are ultimately responsible for safeguarding corporate information. When a breach occurs, it is always perceived as being on the CIO’s watch, and the repercussions can be severe. 



Quote for the day:

"We learn by example and by direct experience because there are real limits to the adequacy of verbal instruction." -- Malcolm Gladwell
