Showing posts with label cyber intelligence. Show all posts

Daily Tech Digest - October 28, 2022

Why Phishing-Resistant MFA Is on US Government Fast Track

Many government agencies employ some type of MFA. But the Biden administration's guidelines call for all agencies to implement stronger security. While legacy MFA is more secure than using a username and password, it assumes that using a second device and adding a second factor improves security. It's not that simple. Most legacy MFA uses a combination of a password and a "something you have" factor. That "something you have" comes into play when implementing the second factor - a one-time code presented by either a physical token, a text message, or an email sent to the user. But adding a secondary device or channel is, at best, much harder to secure and, at worst, impossible to secure. Phishing campaigns can often phish the additional codes or conduct a man-in-the-middle attack on the authentication sequences, as made clear by recent breaches of the companies Uber and Cisco. The biggest issue, however, is that most MFA solutions rely on shared secrets, like passwords, and provide no security context that ties back to the end user and their device.


AI's true goal may no longer be intelligence

To be sure, the question of genuine intelligence does still matter to a handful of thinkers. In the past month, ZDNET has interviewed two prominent scholars who are very much concerned with that question. Yann LeCun, chief AI scientist at Facebook owner Meta Properties, spoke at length with ZDNET about a paper he put out this summer as a kind of think piece on where AI needs to go. LeCun expressed concern that the dominant work of deep learning today, if it simply pursues its present course, will not achieve what he refers to as "true" intelligence, which includes things such as an ability for a computer system to plan a course of action using common sense. LeCun expresses an engineer's concern that without true intelligence, such programs will ultimately prove brittle, meaning, they could break before they ever do what we want them to do. ... The field of AI is undergoing a shift in attitude. It used to be the case that every achievement of an AI program, no matter how good, would be received with the skeptical remark, "Well, but that doesn't mean it's intelligent." 


Building the Future of TensorFlow

We see the growth of TensorFlow not just as an achievement to celebrate, but as an opportunity to go further and deliver more value for the machine learning community. Our goal is to provide the best machine learning platform on the planet. Software that will become a new superpower in the toolbox of every developer. Software that will turn machine learning from a niche craft into an industry as mature as web development. To achieve this, we listen to the needs of our users, anticipate new industry trends, iterate on our APIs, and work to make it increasingly easy for you to innovate at scale. In the same way that TensorFlow originally helped the rise of deep learning, we want to continue to facilitate the evolution of machine learning by giving you the platform that lets you push the boundaries of what's possible. Machine learning is evolving rapidly, and so is TensorFlow. Today, we're excited to announce we've started working on the next iteration of TensorFlow that will enable the next decade of machine learning development. We are building on TensorFlow's class-leading capabilities, and focusing on four pillars.


Europe Prepares to Rewrite the Rules of the Internet

Next week, a law takes effect that will change the internet forever—and make it much more difficult to be a tech giant. On November 1, the European Union’s Digital Markets Act comes into force, starting the clock on a process expected to force Amazon, Google, and Meta to make their platforms more open and interoperable in 2023. That could bring major changes to what people can do with their devices and apps, in a new reminder that Europe has regulated tech companies much more actively than the US. “We expect the consequences to be significant,” says Gerard de Graaf, a veteran EU official who helped pass the DMA early this year. Last month, he became director of a new EU office in San Francisco, established in part to explain the law’s consequences to big tech companies. De Graaf says they will be forced to break open their walled gardens. “If you have an iPhone, you should be able to download apps not just from the App Store [but] from other app stores or from the internet,” de Graaf says, in a conference room with emerald green accents at the Irish consulate in San Francisco where the EU’s office is initially located. 


Data analytics pipeline best practices: Data governance

It's not surprising that all-in-one pipeline automation has become a holy grail for some platform providers. Many enterprises share the same cloud providers, the same department-level SaaSes, and the same types of de facto-standard databases. The clear logic behind an all-in-one platform like Gathr, for example, is that companies will often need the same connectors or "operators," much of the same drag-and-drop machine learning process assembly, and the same sorts of choices between ETL, ELT and ingestion capabilities. Unifying all this functionality could mean less work for data and analytics teams. But enterprises should remember that the compulsion to subscribe to yet another SaaS extends to these platforms. Engineers in one business unit might gravitate to a Gathr, while others might favor an Alteryx to map together sources a BI platform might need, or a super SaaS like OneSaaS that allows simplified mixing and matching within the OneSaaS environment.


Study Shows Cybersecurity Hype Complicates the Security Stack, Expands the Attack Surface

According to the cybersecurity hype report, confusing marketing strategies by vendors confused most security leaders. Subsequently, 91% of decision-makers found it difficult to select cybersecurity vendors due to unclear marketing about their specific offerings. Additionally, 49% of security leaders said their organization suffers from vendor sprawl, resulting in an increased attack surface. Consequently, 92% of organizations implement a defense-in-depth strategy and have to manage between 10 and 30 different security products. Defense-in-depth aims to create more technological layers to detect, prevent, contain, remediate, and recover from attacks. In a noisy marketplace filled with unsubstantiated claims, users cannot accurately predict the effectiveness of the hyped solutions, nor do they have the time to do so. ...  “Buyers are faced with a crowded and complex market, needing to continually layer new security products into their environment to achieve defense-in-depth, assess new and emerging AI technologies, and continually re-invest in SA&T.”


The Power of Independent Thinking in Leading

The first step in thinking for oneself is self-awareness. When you understand your values, motives, and aspirations, thinking becomes automatic. Knowing your strengths and weaknesses, you can selectively apply the knowledge you gained by reading or the wisdom of others. Thinking for oneself doesn’t mean you ignore all the knowledge you have gained on the subject. Instead, you question what your current knowledge tells you. Cultivate your thinking using mental models, which explain how things work. James Clear, the author of the best-seller, Atomic Habits, describes many mental models in his blog “Mental Models: Learn How to Think Better and Gain a Mental Edge.” One of these mental models is inversion. An example of the application of inversion is to assume your most crucial project has failed six months from now and ask yourself how it could have failed. Such an exercise gives you all the things you need to look out for and plan to mitigate them for the project’s success. Thinking and doing go hand in hand. Put your thinking into action. Take the learning and refine your knowledge.


Keeping the cloud secure with sovereignty in mind

Being able to secure your cloud service supply not only requires data controls, but also access to legal controls. As such, hyperscalers have started adapting how they deploy cloud services to give nation states assurance — essentially meaning that cloud services are deployed in partnership with a local organisation. This has given a rise to sovereign partnerships that license the hyperscaler technology, and are delivered by suppliers under the local legal framework. This pragmatic approach has slowly become more common in recent months, and helps overcome many of the risks associated with using cloud, particularly its assurance of service supply. Despite this, one of the biggest barriers to cloud is the current regulatory landscape surrounding how certain sectors need to control data sovereignty and how that data is securely processed. This often requires a long list of requirements that must be fulfilled to shift services onto the cloud, which is unique for each industry.


The Arguments for Open Source in Mainframes

The arguments for OSS on the mainframe are in many cases the same as for OSS on any other platform -- more accessible, often more secure, easier to develop. “These arguments are from the same development teams who push for OSS elsewhere in the environment,” says Mike Parkin, senior technical engineer at Vulcan Cyber. “The major differences are when the implementation is specific to the mainframe environment.” ... Parkin adds there has been a trend to use mainframe platforms for virtualization, essentially replacing a rack of commodity class servers with a single Big Iron machine that can do the job more efficiently and effectively. “Those are ideal use cases for open-source software at multiple levels, from the guest operating systems to the application layers,” he says. Boris Cipot, senior security engineer at Synopsys Software Integrity Group, a provider of integrated software solutions, agrees that open source can bring fresher and better integrations into today’s working processes and tools, and enable companies to focus on their work and not re-create existing software functionality.


Why We Need A Cyber Intelligence Revolution

Unfortunately, the challenges many organizations face include narrowing down which intelligence sources they’re pulling from, how many can be leveraged at a time, and how they’re integrated into firewalls and other security solutions. No one source of threat intelligence or existing security control can successfully cover the entirety of the threat landscape. It is critical for organizations to deploy threat intelligence from multiple sources, even those that traditionally would compete with one another. These can include commercial providers, open source intelligence data, government agencies and industry sources—all working together to provide organizations with visibility into the traffic affecting their networks. The data is in and the results are clear: What we don't know in the cybersecurity world can hurt us. Thankfully, there are steps your organization—regardless of size—can take to help ensure your network, users and data are protected.



Quote for the day:

"You may be good. You may even be better than everyone else. But without a coach you will never be as good as you could be." -- Andy Stanley

Daily Tech Digest - September 14, 2019

Chinese APT Group 'Thrip' Powers Ahead

Thrip continues to attack the same types of organizations as when Symantec researchers first discovered the group in June 2018. What caught the researchers' attention last year was the group's targeting of a satellite communications operator, infecting computers that included software designed to monitor and control satellites. ... The 12 attacks that Symantec attributes to Thrip since it was first detected have spanned targets in maritime communications, education and the media in addition to the military and satellite communications, researchers say. "Thrip seems to be leaning, like most other targeted attacking entities, toward usage of clean tools in-built into the operating system," Thakur says. "This is critical for Thrip as their targets over the past couple years have spanned satellite operators, defense contractors and militaries of countries. Maintaining presence on such sensitive networks requires the attackers to avoid reliance on custom, low-prevalence malicious files. In one sense, Thrip has evolved in their tools and procedures over the past year. Their targets continue to remain high-profile by anyone's standards."



Sandboxie becomes freeware, soon-to-be open source

“Sandboxie has never been a significant component of Sophos’ business, and we have been exploring options for its future for a while,” Seth Geftic, the Director of Product Marketing at Sophos, explained. “Frankly, the easiest and least costly decision for Sophos would have been to simply end of life Sandboxie. However, we love the technology too much to see it fade away. More importantly, we love the Sandboxie community too much to do that.” So, they decided to open-source it. They are still working on the details of making the transition but, in the meantime, they decided to make all premium features of Sandboxie free. To that end, they have released v5.31.4 of the software, which does not restrict any features. It can be downloaded here. The software supports Windows 7 through 10, all major browsers, Microsoft’s Office suite, PDF and multimedia files. Versions up to 5.22 support Windows XP.


Google: We've changed search rankings to reward 'original news reporting'


"This means readers interested in the latest news can find the story that started it all, and publishers can benefit from having their original reporting more widely seen," wrote Gingras. However, Google hasn't described how these changes will direct more search traffic to original stories. For example, whether original stories would stay longer in the Top Stories section at the top of search results. Gingras told the New York Times that the changes are intended to serve Google's interest in engaging its users. "We do everything here with Google Search and Google News to continue to earn and retain the trust of our users," he told the publication. The change also comes as 50 US state attorney generals mount an antitrust investigation into the company's advertising business.  For the time being, most publishers will have to just wait and observe how Google's changes impact them, since Google doesn't actually have a clear definition of original reporting when it comes to search rankings. That's somewhat understandable, given that even original stories are often built on top of earlier reports from other publications, while other reports can provide background and context that wasn't included in the breaking story.


Azure Data Lake Analytics and U-SQL

Even though big data and Hadoop technologies are more than a decade old now, big data and big data analytics are more relevant than ever. While the initial version of Hadoop was only able to handle batch workloads, now the Hadoop ecosystem has tools for other use cases like structured data, streaming data, event processing, machine learning workloads and graph processing. While the Hadoop ecosystem has a bunch of tools like Hive, Impala, Pig, Storm, and Mahout to provide the complete set of features, newer data analytics frameworks like Spark have an integrated approach to handle different types of workloads. Azure Data Lake Analytics, or ADLA, is one of the newer big data analytics engines. ADLA is Microsoft’s fully managed, on-demand analytics service on Azure cloud. Together with Azure Data Lake Storage and HDInsight, Azure Data Lake Analytics forms the complete cloud hosted data lake and analytics offering from Microsoft. Azure Data Lake Analytics introduces a new big data query and processing language called U-SQL.


The use of AI in robotics and hardware — what CTOs need to know

“In truth, the fears around humans losing their jobs to robots are, for the most part, unfounded. When one thinks about this, for every complex task resolved, there will always be another more difficult one set to appear, so the advancements made in robotics will leave humans free to focus on more pressing and important jobs. This, in turn, will naturally upskill the workforce and ensure it is better equipped to deal with future problems that arise.” While this is true to an extent, it is difficult to imagine a taxi or lorry driver being able to run the software of an autonomous fleet ahead of a wide-eyed tech graduate or tech professional. Where will the automation age leave those whose careers have been forged in manual intensive roles? Organisations will have to invest more time and effort into helping employees develop new skills — they can’t be left behind. “It is an economic shift that has be planned and take action progressively,” Espingardeiro agrees. “Yes, the ethical standards are crucial but most importantly it’s how we shape the foundations and how we put it into practice that will make the real difference.”


Artificial intelligence: The future IT help desk


Today, the average IT support ticket takes three calendar days to resolve. This process is painfully slow largely because it's managed by a long chain of people. Also, employees are very good at describing their problem — whether it's resetting a password, unlocking an account, getting a license for an application, or getting an answer to a simple question — but they don't always know what system to access to resolve the issue. We have IT help desk people that handle this type of diagnosis. But IT teams still spend far too much time working on highly repetitive tasks when they'd rather focus on more strategic parts of the business. ... On the backend, IT support has made some progress. It's at least looking better than it did 10 years ago. But not nearly enough has changed. The reason is that most IT ticketing and portal systems are unable to make the direct connection between what the employee needs and the mechanism to trigger the resolution. Current solutions focus on providing workflows to route and manage ticket queues, leaving the actual work of interpretation and understanding to IT service desk agents. It's also because the systems deployed today don't actually do the work to resolve the issue.


Cognitive computing is a game changer for HR

What can chatbots do for HR? … Free HR professionals’ time so they can focus on more value-added (and potentially meaningful) work by consolidating and simplifying a variety of HR tasks, such as open enrollment, PTO management, scheduling, time entry, and feedback processes. … Ease talent acquisition and lighten the load of recruiters and sourcers by fielding prospect and candidate questions and automating screening and interviewing processes. … Simplify onboarding new hires by guiding them through the necessary admin steps. … Drive a consumer-grade employee experience as part of a self-service digital gateway that gives employees access to all of their HR programs and services, from benefits to learning & development resources to internal mobility options and more. This type of digital workplace tool (Deloitte’s ConnectMe is an example) can also function as a digital assistant to complete requests and transactions, as well as a social platform for connecting with co-workers.


Why The Cybersecurity Skills Gap Won't Be Solved In The Classroom

The world is desperate for cybersecurity talent, yet the sector limits entrants and clings to obsolete training methods. As the skills gap grows and organizations become increasingly vulnerable to ever-more complex threats, the need for a diverse pool of cybersecurity experts to learn in real time, rather than a classroom, strengthens. The way that cyber talent is taught – at university and during training – is no match for the evolving threat landscape. Static measurements of skills, such as certification and periodic training, cannot keep pace with new threats that even the savviest security teams are unfamiliar with. The barrage of 24-hour threat intelligence is increasingly disconnected from the skills of these security teams, meaning badly trained defenders are simplifying attackers’ jobs. In my time at GCHQ I learnt that the best cyber talent is creative and curious; they develop by breaking things and thinking on their feet, not sitting in classrooms and learning passively. Unfortunately, this jars with traditional training methods, which is one of the factors contributing to an unnecessary talent drain.


The True Cost of Data


Marketers are mesmerised by its potential and with no obvious limit to the number of data points you can collect on target customers for the purposes of advertising or sales conversion, it’s easy to see why. Data has always been useful, but in an analogue world it was expensive to gather. In a digital world, it is infinitely easier to collect, combine and then mine with AI. Google, Facebook and other social companies have become a dominant oligopoly by collecting data-by-stealth and thereby controlling global advertising and more with their data-based business model. The advent of GDPR has brought this oligopoly under a spotlight, but other organisations who have shared BigTech’s addiction to customer data are finding it a tough habit to control. This is particularly true for brands that have relied on collecting customer data to build profiles to personalise customer experiences, such as those in retail or the travel sector. Recent high profile fines however are a stark reminder that addictions come with risks attached. Google itself was the first to come under fire when they were fined EUROS 50 million by France’s data protection supervisory authority – CNIL – for lack of transparency, inadequate information, and lack of valid consent regarding personalisation of ads.


Cyber-Intelligence Firm NSO Group Tries to Boost Reputation

NSO's critics say the company still has a lot of work to do to clean up its reputation. Siena Anstis, a senior legal adviser with Citizen Lab, took to Twitter to call out several problems that NSO still has, including a lack of disclosure over who buys the company's tools and whether governments that use NSO's service have a history of human rights abuses. "Citizen Labs and Amnesty [International] research shows spyware is abused and deployed against human rights defenders, civil society and journalists. NSO Group has made no commitment to refusing to sell to states with records of such abuses," Anstis wrote on Twitter. ... "While on the surface it appears a step forward, NSO has a track record of refusing to take responsibility," Ingleton says. "The firm has sold invasive digital surveillance to governments who have used these products to track, intimidate and silence activists, journalists and critics." NSO did not respond to a request for comment.



Quote for the day:


"People seldom improve when they have no other model but themselves." -- Oliver Goldsmith