Understanding collective defense as a route to better cybersecurity
Organizations invoking collective defense to protect their IT and data assets
will usually focus on sharing threat intelligence and coordinating threat
response actions to counter malicious threat actors. Success depends on
defining and implementing a collaborative cybersecurity strategy where
organizations, both internally and externally, work together across industries
to defend against targeted cyber threats. ... Putting this into practice
requires organizations to commit to coordinating their cybersecurity
strategies to identify, mitigate and recover from threats and breaches. This
should begin with a process that defines the stakeholders who will participate
in the collective defense initiative. These can include anything from private
companies and government agencies to non-profits and Information Sharing and
Analysis Centers (ISACs), among others. The approach will only work if it is
based on mutual trust, so there is an important role for the use of mechanisms
such as non-disclosure agreements, clearly defined roles and responsibilities
and a commitment to operational transparency.
Meaningful Ways to Reward Your IT Team and Its Achievements
With technology rapidly advancing, it's more important than ever to invest in
personalized IT team skill development and employee well-being programs, which
are a win-win for employees and the companies they work for, says Carrie
Rasmussen, CIO at human resources software provider Dayforce, in an email
interview. ... Synchronize rewards to project workflows, Felker recommends. If
it's a particularly difficult time for the team -- tight deadlines, major
changes, and other pressing issues -- he suggests scheduling rewards prior to
the work's completion to boost motivation. "Having the team get a boost
mid-stream on a project is likely to create an additional reservoir of mental
energy they can draw from as the project continues," Felker says. ... It's
also important to celebrate success whenever possible and to acknowledge that
the outcome was the direct result of great teamwork. "Five minutes of
recognition from the CEO in a company update or other forum motivates not only
the IT team but the rest of the organization to strive for recognition,"
Nguyen says. He also advises promoting significant team achievements on
LinkedIn and other major social platforms. "This will aid recruiting and
retention efforts."
Deepfake research is growing and so is investment in companies that fight it
Manipulating human likeness, such as creating deepfake images, video and audio
of people, has become the most common tactic for misusing generative AI, a new
study from Google reveals. The most common reason to misuse the technology is
to influence public opinion – including swaying political opinion – but it is
also finding its way in scams, frauds or other means of generating profit. ...
Impersonations of celebrities or public figures, for instance, are often used
in investment scams while AI-generated media can also be generated to bypass
identity verification and conduct blackmail, sextortion and phishing scams. As
the primary data is media reports, the researchers warn that the perception of
AI-generated misuse may be skewed to the ones that attract headlines. But
despite concerns that sophisticated or state-sponsored actors will use
generative AI, many of the cases of misuse were found to rely on popular tools
that require minimal technical skills. ... With the threat of deepfakes
becoming widespread, some companies are coming up with novel solutions that
protect images online.
Building Finance Apps: Best Practices and Unique Challenges
By making compliance a central focus from day one of the development process,
you maximize your ability to meet compliance needs, while also avoiding the
inefficient process of retrofitting compliance features into the app later.
For example, implementing transaction reporting after the rest of the app has
been built is likely to be a much heavier lift than designing the app from the
start to support that feature. ... The tech stack (meaning the set of
frameworks and tools you use to build and run your app) can have major
implications for how easy it is to build the app, how secure and reliable it
is, and how well it integrates with other systems or platforms. For that
reason, you'll want to consider your stack carefully, and avoid the temptation
to go with whichever frameworks or tools you know best or like the most. ...
Given the plethora of finance apps available today, it can be tempting to want
to build fancy interfaces or extravagant features in a bid to set your app
apart. In general, however, it's better to adopt a minimalist approach. Build
the features your users actually want — no more, no less. Otherwise, you waste
time and development resources, while also potentially exposing your app to
more security risks.
OVHcloud blames record-breaking DDoS attack on MikroTik botnet
Earlier this year, OVHcloud had to mitigate a massive packet rate attack that
reached 840 Mpps, surpassing the previous record holder, an 809 Mpps DDoS
attack targeting a European bank, which Akamai mitigated in June 2020. ...
OVHcloud says many of the high packet rate attacks it recorded, including the
record-breaking attack from April, originate from compromised MirkoTik Cloud
Core Router (CCR) devices designed for high-performance networking. The firm
identified, specifically, compromised models CCR1036-8G-2S+ and
CCR1072-1G-8S+, which are used as small—to medium-sized network cores. Many of
these devices exposed their interface online, running outdated firmware and
making them susceptible to attacks leveraging exploits for known
vulnerabilities. The cloud firm hypothesizes that attackers might use
MikroTik's RouterOS's "Bandwidth Test" feature, designed for network
throughput stress testing, to generate high packet rates. OVHcloud found
nearly 100,000 Mikrotik devices that are reachable/exploitable over the
internet, making up for many potential targets for DDoS actors.
Set Goals and Measure Progress for Effective AI Deployment
Combining human expertise and AI capabilities to augment decision-making is an
essential tenet in responsible AI principles. The current age of AI adoption
should be considered a “coming together of humans and technology.” Humans will
continue to be the custodians and stewards of data, which ties into Key Factor
2 about the need for high-quality data, as humans can help curate the relevant
data sets to train an LLM. This is critical, and the “human-in-the-loop” facet
should be embedded in all AI implementations to avoid completely autonomous
implementations. Apart from data curation, this allows humans to take more
meaningful actions when equipped with relevant insights, thus achieving better
business outcomes. ... Addressing bias, privacy, and transparency in AI
development and deployment is the pivotal metric in measuring its success.
Like any technology, laying out guardrails and rules of engagement are core to
this factor. Enterprises such as Accenture implement measures to detect and
prevent bias in their AI recruitment tools, helping to ensure fair hiring
practices.
Site Reliability Engineering State of the Union for 2024
Automation remains at the core of SRE, with tools for container orchestration
and infrastructure management playing a critical role. The adoption of
containerization technologies such as Docker and Kubernetes has facilitated
more efficient deployment and scaling of applications. In 2024, we can expect
further advancements in automation tools that streamline the orchestration of
complex microservices architectures, thereby reducing the operational burden
on SRE teams. Infrastructure automation and orchestration are pivotal in the
realm of SRE, enabling teams to manage complex systems with enhanced
efficiency and reliability. The evolution of these technologies, particularly
with the advent of containerization and microservices, has significantly
transformed how applications are deployed, managed and scaled. ... With the
increasing prevalence of cyberthreats and the tightening of regulatory
requirements, security and compliance have become integral aspects of SRE.
Automated tools for compliance monitoring and enforcement will become
indispensable, enabling organizations to adhere to industry standards while
minimizing the risk of data breaches and other security incidents.
5 Steps to Refocus Your Digital Transformation Strategy for Strategic Advancement
A strategy built around customer value provides measurable outcomes and drives
deeper engagement and loyalty. The digital landscape is riddled with risks and
opportunities due to rapid technological advancements, especially in
data-centric AI. Businesses must stay agile, continually evaluating the risks
and rewards of new technologies while maintaining a sharp focus on how these
enhancements serve their customer base. ... Organizations with a customer
advisory board should leverage it to gain insights directly from those who use
their services or products. Engaging customers from the early stages of
planning ensures that their feedback and needs directly influence the
transformation strategy, leading to more accurate and beneficial
implementations. ... One significant mistake IT leaders make is prioritizing
technology over customer needs. While technology is a crucial enabler, it
should not dictate the strategy. Instead, it should support and enhance the
strategy’s core aim — serving the customer. IT leaders must ensure that
digital initiatives align with broader business objectives and directly
contribute to customer satisfaction and business efficiency.
OpenSSH Vulnerability “regreSSHion” Grants RCE Access Without User Interaction, Most Dangerous Bug in Two Decades
The good news about the OpenSSH vulnerability is that exploitation attempts
have not yet been spotted in the wild. Successfully taking advantage of the
exploit required about 10,000 tries to win a race condition using 100
concurrent connections under the researcher’s test conditions, or about six to
eight hours to RCE due to obfuscation of ASLR glibc’s address. The attack will
thus likely be limited to those wielding botnets when it is uncovered by
threat actors. Given the large amount of simultaneous connections needed to
induce the race condition, the RCE is also very open to being detected and
blocked by firewalls and networking monitoring tools. Qualys’ immediate advice
for mitigation also includes updating network-based access controls and
segmenting networks where possible. ... “While there is currently no proof of
concept demonstrating this vulnerability, and it has only been shown to be
exploitable under controlled lab conditions, it is plausible that a public
exploit for this vulnerability could emerge in the near future. Hence it’s
strongly advised to patch this vulnerability before this becomes the case”.
New paper: AI agents that matter
So are AI agents all hype? It’s too early to tell. We think there are research
challenges to be solved before we can expect agents such as the ones above to
work well enough to be widely adopted. The only way to find out is through
more research, so we do think research on AI agents is worthwhile. One major
research challenge is reliability — LLMs are already capable enough to do many
tasks that people want an assistant to handle, but not reliable enough that
they can be successful products. To appreciate why, think of a flight-booking
agent that needs to make dozens of calls to LLMs. If each of those went wrong
independently with a probability of, say, just 2%, the overall system would be
so unreliable as to be completely useless (this partly explains some of the
product failures we’ve seen). ... Right now, however, research is itself
contributing to hype and overoptimism because evaluation practices are not
rigorous enough, much like the early days of machine learning research before
the common task method took hold. That brings us to our paper.
Quote for the day:
"You can’t fall if you don’t climb.
But there’s no joy in living your whole life on the ground." --
Unknown
