August 10, 2023
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
While the computing industry, CPU enthusiasts, and even AMD itself expected the road to performance leadership to be long, it was actually quite short. Zen 2, the successor to Zen, launched in 2019 and shocked pretty much everyone by blowing Intel out of the water. AMD racked up a massive lead in multi-threaded performance in pretty much every segment, had significantly better power efficiency in virtually every workload, and even surpassed Intel in single-threaded performance, which AMD hadn't been able to do for over a decade. From here, the road just got easier for AMD. The server market was (and still is) the most important area for AMD to make progress in, and by the time Zen 3 came out in 2020, AMD controlled 7% of the market, up from nearly 0% before Zen came out. This was made all the easier thanks to how Intel absolutely screwed up its plans to launch powerful 10nm CPUs, leaving AMD to face off against outdated and practically obsolete 14nm chips, which are some of the worst Intel has ever made.
The lesson I am always reminded of is that “we must abandon certainties in order to build from the challenge of uncertainty.” The deeper we delve into global instabilities and their challenges, the better perspectives and questions we can ask ourselves. It would be very sad to know that everything has been solved. Therefore, when we challenge current knowledge and explore different alternatives, we are opening up the possibility of seeing beyond what is known and, therefore, introducing something different. ... The academy must maintain and motivate curiosity, expectations, challenges and adventures that arise when uncertainty manifests itself from the inevitability of failure. In this sense, motivate the pedagogy of “error.” That is, understanding the “error” as part of the process and not as a result is what makes it possible to create cybersecurity and IT professionals open to constantly learn, to let themselves be questioned in their previous knowledge and to maintain a proactive stance in the face of adversaries’ challenges.
As businesses increasingly adopt cloud-based solutions, cyber criminals—who are constantly looking for new vulnerabilities to exploit—are finding it easier to engineer data breaches, explains Rajesh Garg, EVP, Chief Digital Officer & Head of Applications & Cybersecurity at data centre service provider Yotta Data Services. Around 98 per cent of organisations globally now utilise some form of cloud-based tech, while many have adopted multi-cloud deployments from multiple cloud service providers. The massive adoption of the cloud environment has also given rise to Shadow IT, where employees or departments use hardware or software from external sources without the knowledge of the IT or security group of the organisation. This creates a vacuum, where the responsibility of managing security within organisations is not clearly defined. “Cloud infrastructure is inherently complex; that increases manifold with the addition of hybrid and multiple-cloud models,” says Atul Gupta
领英推荐
A primary component of Chronicle CyberShield is establishing a modern government security operations center (SOC), comprising a network of interconnected SOCs to scale and aggregate security threats, Google Cloud said in a press release. Chronicle CyberShield enables governments to leverage cyber threat intelligence from Google and Mandiant, now part of Google Cloud, to build a scalable and centralized threat intelligence and analysis capability, according to the firm. This is integrated operationally into the government SOC to identify suspicious indicators and enrich the context for known vulnerabilities. The solution also allows governments to build a coordinated monitoring capability with Chronicle SIEM to simplify threat detection, investigation, and hunting with the intelligence, speed, and scale of Google. By implementing Chronicle across a network of SOCs, attack patterns and correlated threat activity across multiple entities are available for investigation and analysis.?
A lack of consequences for hackers that contract themselves out to foreign clients has only encouraged the hack-for-hire industry in India. US prosecutors indicted Sumit Gupta, the Director of Indian hacking firm BellTroX in 2015 for hacking on behalf of two American lawyers, yet the Indian government never took action against him. After he failed to be convicted in 2015, BellTroX went on to commit the Dark Basin hacks in 2020. BellTroX also surfaced as part of a criminal case against an Israeli private detective who hired Indian hacking firms on behalf of unnamed clients in Israel, Europe, and the US. The private detective pleaded guilty in 2022, but the hackers in India have yet to face any legal consequences. BellTroX also surfaced as part of a criminal case against an Israeli private detective who hired Indian hacking firms on behalf of unnamed clients in Israel, Europe, and the US. This lack of enforcement is not because India does not have the legal infrastructure to prosecute cybercrimes; the Information Technology Act of 2000, and its subsequent amendments in 2008?
Windows Defender-Pretender Attack Dismantles Flagship Microsoft EDRIn studying the Windows Defender update process, Bar and Attias discovered that signature updates are typically contained in a single executable file called the Microsoft Protection Antimalware Front End (MPAM-FE[.]exe). The MPAM file in turn contained two executables and four additional Virtual Device Metadata (VDM) files with malware signatures in compressed — but not encrypted — form. The VDM files worked in tandem to push signature updates to Defender. The researchers discovered that two of the VDM files were large sized "Base" files that contained some 2.5 million malware signatures, while the other two were smaller-sized, but more complex, "Delta" files. They determined the Base file was the main file that Defender checked for malware signatures during the update process, while the smaller Delta file defined the changes that needed to be made to the Base file. Initially, Bar and Attias attempted to see if they could hijack the Defender update process by replacing one of the executables in the MPAM file with a file of their own.?
Realtor Associate @ Next Trend Realty LLC | HAR REALTOR, IRS Tax Preparer
1 年Thanks for posting.