Most recent Questions of A2010-599 test are given at has many tributes of effective A2010-599 test takers. Utilizing these substantial, Latest, and 2022 refreshed A2010-599 boot camp is adequate to finish the test at absolute first endeavor or cashback. A few A2010-599 effective test-takers send us their experience and deceives that seller utilized in A2010-599 test.

Exam Code: A2010-599 Practice test 2022 by team
Assess: IBM Tivoli Storage Productivity Center V5.1 Implementation
IBM Implementation questions
Killexams : IBM Implementation questions - BingNews Search results Killexams : IBM Implementation questions - BingNews Killexams : Is OSGi the Solution for Mobile Java? The 2007 JavaOne conference reflected the fact that mobile computing—for both consumers and enterprise workers—is transitioning from early adoption to the mass market. But Java ME developers still face many obstacles that server-side or desktop Java developers never have to contend with. Those issues include:
  • fragmentation of the Java ME platform
  • the absence of mobile runtime environments that adequately leverage the capabilities of advanced "smartphone" devices
  • the difficulty of managing mobile applications and configurations once the device has left the building
  • the architectural chasm that separates common Java web development skills and APIs from the specialized rich client practices employed when developing for mobile devices.

Nokia, Sprint, and IBM teamed for a JavaOne session that outlined a solution to these problems through an service-oriented architecture based on OSGi. OSGi was originally developed for telematics applications where remote management, pluggability, and "hot" software and firmware updates (no restarts) were required. As mobile handsets increasingly are used as always-on application platforms, and particularly as carriers and developers start to grapple with how to bring some of the dynamism of loosely coupled component architectures to the currently static mobile Java environment, handsets become a vast new frontier for OSGi.

The specification for the standard under which this work is taking place is JSR 232: Mobile Operational Management. As Jon Bostrom, Chief Java Architect for Mobile Software at Nokia put it, the vision for this is based on the Web 2.0 principle of "innovation in assembly": to bring a open component model in which services built into the platform can be plugged together with others provided by developers in a flexible, but highly manageable manner. OSGi turns the device into an OS agnostic application server in your pocket. It enables new components to be delivered on the fly, manages their lifecycle and permissions, and provides a shared event bus as well as services like monitoring and logging. In fact, since OSGi includes a servlet container, OSGi bundles (pluggable components) don't necessarily have to be written as Java ME applications—they can be standard servlets living on the edge of the network.

From this broad vision different participants in the JSR 232 working group seem to be moving in somewhat different directions. For Nokia, for example, the idea is to create a "mobile innovation engine" that promotes mobile mashups. These will not just be mashups of web services that we're familiar with today. They could include components like alternative GUI rendering engines that enable easy ports from other platforms, for example. Mobile Java developers have long been constrained by the limited UI toolkit that CLDC/MIDP provides. On a device with JSR 232 they will have a much more powerful CDC/FP runtime and class libraries to work with, making AGUI and Swing GUIs a possibility, a well as the embedded versions of SWT and the Eclipse Rich Client Platform (eRCP). According to Bostrom there is no reason that engines like ActionScript/Flash, OpenLaszlo or Flex/Apollo could not be plugged in as well. Most importantly, the developer doesn't need to wait for the Java Community Process or device manufacturers to bring these components to the handset: once wrapped into an OSGi bundle they can be installed to the device over the air and registered as a service, much like an Eclipse plugin is installed via Update Manager. In fact, OSGi is the technology that makes this possible in Eclipse without having to restart the workbench after the installation. This should be a very exciting prospect for mobile developers.

For IBM, having a server in your pocket suggests an ever broader view: what IBM Distinguished Engineer Jim Colson called a "symmetric portal model." Here OSGi enables service layers that literally span everything from sensors, to smartphones, laptops and desktops and in each case these services are accessed via familiar technologies like JMS and servlets. That unified architecture has several advantages. Obviously, it opens up mobile devices to a very large group of developers with skills that are common in enterprise IT departments. It also addresses a problem that has hindered the use of standard web technologies on devices: the limited coverage and high latency of wireless networks. In IBM's OSGi-based Lotus Expeditor managed client software an application can be run client/server even in disconnected mode. IBM considers Lotus Expeditor to be an "open alternative to .NET" that spans Windows, Windows Mobile, Nokia S60 and Mac OS. Just like Nokia's mobile OSGi implementation, IBM's enables rich client apps using pluggable GUI libraries and encourages development by composition. But the business proposition is extending existing SOA technologies "beyond the data center to people, places and things."

OSGi opens the door to a more dynamic mobile Java environment, and Nokia's Asko Komsi states that this together with OSGi services like configuration, monitoring and conditional privileges "provide a lot of the features that I think we need to make CDC usable." But it also raises questions that will need to be resolved by the JCP in specifications such as JSR 249, Advanced Mobile Service Architecture. Komsi explains:

On a high level, JSR 249 has to find solutions for key features like the primary installation mechanism, the application model, and the packaging model—how to package those applications and middleware components so that you can send them to handsets. Additionally, JSR 249 needs to find a solution for managing the environment and the applications and services running on it. In the future you will also have powerful client environments that will allow you to run multiple applications. So we also need to define an application cooperation mechanism. These are features for which we have to find a solution in JSR 249. If we don't have them, then we're only half done, and we might be faced with fragmentation once again.

But Nokia is not waiting any longer to get OSGi into your mobile. They have teamed up with Sprint to develop a JSR 232 implementation they call the Titan platform that will be shipping very soon. Brandon Annan, Manager of Software Platforms for Sprint's 3G Customer Equipment group, predicted a "Golden Age of mobile Java technology" that would begin in the 4th quarter of this year with the launch of three or four Titan-enabled "PDAs" (presumably with EVDO radios). JSR 232 handsets will follow in mid-2008. Sprint's 4G product division is also "seriously considering" JSR 232 for the WiMax devices they will be releasing for that eagerly anticipated network rollout. Outside of Sprint the upcoming Nokia E90 handset will also be shipping to the European market with OSGi and eRCP on board. Whether this premium smartphone sees North American shores is not yet clear.

Mobile Java developers that can't wait til later this year can start deploying applications on CDC and OSGi today, but they need to choose devices with open operating systems like Windows Mobile and Linux. Brian Coughlin, the Senior Technology Strategist for Sprint's 4G group put together an OSGi mobile mashup demo on the Nokia N800 Internet Tablet, for example, a Linux device for which Nokia has suggested there will be a WiMax version. Developers can get a CDC Java runtime for the N800 and the other components, including an Equinox OSGi implementation and the mashup servlet bundle here.

Wed, 15 Jun 2022 12:00:00 -0500 en text/html
Killexams : Bronx Cannabis Forum Tackles Questions About Emerging Cannabis Market
TREMAINE WRIGHT, CHAIR of NYS Cannabis Control Board, speaks during a Bronx Cannabis Forum held on June 21, 2022, at Bronx Museum of the Arts, located on the Grand Concourse on the outskirts of the Concourse section of The Bronx.
Photo courtesy of BronxNet via YouTube

It has been more than a year since recreational marijuana use for adults has been legal in the State of New York. Signed into law on March 31, 2021 and known as MRTA or The Marihuana Regulation & Taxation Act [sic], it also created a new Office of Cannabis Management (OCM), governed by a Cannabis Control Board to regulate adult use, medical, and hemp cannabis. The exact terminology of the product can change depending on the market and other stakeholders, whether it includes production, medical and/or recreational use.

The Office of the Bronx Borough President helped organize a forum on June 21 with elected officials, community leaders, and State administrators to help the public understand exactly what is now legal, how cannabis will be produced and distributed, and the economic impact of MRTA. Held at the Bronx Museum of the Arts and livestreamed on BronxNet, it was a jam-packed session that left some of the in-person audience wanting even more information.

“We are here because of the passage of MRTA, the Marihuana Regulation and Taxation Act,” Bronx Borough President Vanessa L. Gibson told the audience.  “This law will truly set out the framework and the guidelines to regulate cannabis in the state of New York in a balanced manner that will protect both public health and public safety while promoting social equity and economic development.”

While the implications of MRTA are significant for those interested in cultivating the plant, processing it, distributing the finished product, and bringing it to market for an eager consumer base, there are a few facts about this that the public should know. Since March 2021, anyone 21 years and older can possess up to three ounces of cannabis for personal use, including having up to five pounds of cannabis in the home. Smoking cannabis is legal almost anywhere cigarette smoking is allowed, and law enforcement officers are not allowed stop and search cannabis smokers, because they smell it. There are exceptions, as previously reported, when it comes to driving while under the influence, etc.

The cannabis panel consisted of State Sen. Jamaal Bailey (S.D. 36), Tremaine Wright, chairwoman of NYS Cannabis Control Board, Kevin Kim, commissioner of NYC Department of Small Business Services (SBS), Patricia Zube-Wilson, director of government affairs in the State’s Office of Alcoholism and Substance Abuse Services, Eli Northrop, an attorney with the Bronx Defenders, Coss Marte, co-founder of Con Body, a fitness program developed while he was in solitary confinement, and Desmon Lewis, co-founder of the Bronx Community Foundation, which supports and invests in community power to eradicate inequity and build sustainable futures for all Bronxites.

Social equity and economic development are critical issues in a county that consistently ranks as the poorest in New York State.  The population estimates released by the U.S. Census Bureau in July 2021 show a borough where 56.4 percent of the population is Hispanic or Latino and 24.4 percent of the borough lives in poverty. Those figures explain, at least in part, why any discussion of opportunities to create a profitable business will draw meaningful attention.

One group that is closely watching these developments in the aftermath of cannabis legalization is the Latino Cannabis Association. Sandra Jáquez is vice president of the trade organization whose members seek licenses from the State to become early entrepreneurs for the new adult-use cannabis industry.

The group has sought the support of both political and business leaders. “We work together to ensure that people of color are well represented in the adult-use cannabis industry,” she said. “You can count on us and our communities in helping our people, in Albany, working with our legislators and regulators, as well as wherever it is needed to uplift this cause.”

A report in The New York Times from June revealed just how lucrative the City expects the legal cannabis industry to be. “In New York, Mayor Eric Adams has proposed that the City invest $4.8 million next year in the local cannabis industry, which is expected to generate nearly $1.3 billion in the first year of legal sales” The Times reported.

From a historical perspective, it was noted during the forum that whenever popular, legal industries started and began to grow in the United States, people of color were traditionally excluded from exploiting such opportunities, while other non-people of color benefited.

From the development of various means of transportation like the railroad, maritime shipping, and aviation, to media, including newspapers, radio, television, movies, and video production, people of color have had to play a game of catch-up to avail of even meager opportunities to enter such industries, if at all.

MRTA aims to reverse that trend as this new industry is created from the ground up. The hope is that those who have been disproportionately affected and most harmed by what many consider to be a failed war and drugs and a biased policy of enforcement when it comes to marijuana use, can instead actively participate in the industry and reap the expected profits from the legalization of cannabis.

Wright is tasked with making sure the nascent industry provides such an equitable path to entry. “Our State’s law is really designed for equity and inclusion and diversity [and] is anti-monopolistic,” she said.

“It is designed so that we have access points for individuals to get involved. It is designed so we are reinvesting in our communities that have been harmed. It is specifically designed so that we can take advantage of this opportunity that is rare. It comes, like, once every hundred years, where a new industry is legalized in our State, and we have an opportunity to create all the pathways in, and to support not just industry, but the education and the research and the learning, and also the reinvestment… that has not happened previously.”

The panel regularly described the cannabis industry as burgeoning. Even if he did not use the “once every hundred years” comparison, Bailey enthusiastically urged the audience to think seriously about investing in the cannabis market as a way to move up the socio-economic ladder.

ATTENDEES LISTEN AS panelists speak during a Bronx Cannabis Forum held on June 21, 2022, at Bronx Museum of the Arts, located on the Grand Concourse on the outskirts of the Concourse section of The Bronx.
Screenshot courtesy of BronxNet via YouTube

“Social equity is more than just about one thing; eventually, everything connects, which is why it’s important for us to get in on the ground floor of this emerging market,” the senator said. “Just like my pops and maybe your pops… they said, ‘Somebody told me to invest in this company called Apple,’ and ‘Somebody told me to invest in this thing called IBM.’ We’re telling you now, we got to get in on the ground floor.”

Meanwhile, the OCM means business when it comes to enforcement also. On July 7, it publicly identified 52 illicit cannabis stores that were sent cease and desist letters, directing them to stop all illicit cannabis sales in the State. Officials said, “These stores falsely depict their operations as legal cannabis dispensaries, but they are not licensed by New York State and are selling untested products that put public health at risk.”

They notified the operators that their failure to cease operations could permanently bar them from receiving any cannabis licenses in New York State.

Additionally, OCM officials said the agency had also received referrals of additional illicit storefront operations that were under review. Meanwhile, if the named storefronts don’t cease operations, they will be referred to the Cannabis Control Board for permanent barring from receiving any cannabis licenses in New York State.

“There are no businesses currently licensed to sell adult-use cannabis in New York State.” said Wright. “You need a license to sell cannabis in New York. Licensed sales and a regulated market are the only way New York’s customers will be assured that the cannabis products they are purchasing have been tested and tracked from seed to sale.”

Regulated adult-use cannabis businesses will be required, in addition to being licensed by the Cannabis Control Board, to comply with all state and local laws, including providing clear and verifiable information to consumers regarding the products they are consuming, checking the identification of consumers to ensure sales are not being made to young people, and collecting and depositing tax revenue to support New York State’s schools and help revitalize communities.

No adult-use retail licenses have been issued in New York State to date.  Currently, the only legal means of procuring, safe, tested cannabis products is through the medical cannabis program, where becoming a patient requires getting certified from a medical provider.

In addition, illicit cannabis storefronts do not contribute to the New York state cannabis revenue fund, which is designed to invest revenue from cannabis sales back into communities.

The said revenue will cover the administration of the program and the implementation of the law and will be split to support the State Lottery Fund for general public-school support, secondly, the community grants reinvestment fund which supports job training and placement, reentry services for justice-involved New Yorkers, system navigation services, youth-serving programs, financial literacy services and finally, the drug treatment and public education fund.

OCM officials said they remain focused on improving public health outcomes for cannabis patients and consumers and are hard at work developing regulations for the broader adult-use program, including expansive testing requirements to avoid adverse reactions to cannabis products. Unregulated vaping products, including cartridges labeled as containing THC, have been cited by the CDC for being responsible for thousands of cases of acute respiratory distress syndrome across the country.

KEVIN KIM, COMMISSIONER of NYC Department of Small Business Services (SBS) addresses the crowd during the Bronx Cannabis Forum held on June 21, 2022, at Bronx Museum of the Arts, located on the Grand Concourse on the outskirts of the Concourse section of The Bronx.
Screenshot courtesy of BronxNet via YouTube

OCM officials are strongly encouraging New Yorkers not to visit these operations and to be aware that products being offered for sale are not safe for human consumption.

Government Officials said that a total of 66 cease and desist letters were sent out because in some instances the associated LLC had an address for service on file with NYS Department of State or a separate address was found for owner.

Wright concluded, “Sale of untested products put lives at risk. I implore these illegal store operators, and any other stores pretending to be legal operations, to stop selling cannabis products immediately. Selling any item or taking a donation, and then “gifting” a customer a bag of untested cannabis does indeed count as a sale under New York’s Cannabis Law.”

The entire forum can be watched on BronxNet:

*Síle Moloney contributed to this story.


Editor’s Note: An earlier version of this story made reference to Derrick Lewis being a panelist at the event. In fact, the panelist was Desmon Lewis, Derrick’s twin brother. We apologize for this error. 

Thu, 14 Jul 2022 11:59:00 -0500 en-US text/html
Killexams : Third-Party Banking Software Market Projected to Show Strong Growth : NetSuite, Deltek, Microsoft, IBM

This press release was orginally distributed by SBWire

New Jersey, USA — (SBWIRE) — 07/08/2022 — The Latest published a market study on Worldwide Third-Party Banking Software Market provides an overview of the current market dynamics in the Worldwide Third-Party Banking Software space, as well as what our survey respondents— all outsourcing decision-makers— predict the market will look like in 2027. The study breaks the market by revenue and volume (wherever applicable) and price history to estimate the size and trend analysis and identify gaps and opportunities. Some of the players that are in coverage of the study are Microsoft Corporation (United States), IBM Corporation (United States), Oracle Corporation (United States), SAP (Germany), Tata Consultancy Services Limited (India), Infosys Limited (India), Capgemini (France), Accenture (Ireland), NetSuite (United States), Deltek (United States).

Get Free Exclusive PDF trial Copy of This Research @

Scope of the Report of Third-Party Banking Software
Banking software has been observing the growth in cloud-based techniques usage which in turn is expected to enhance the overall industry in the future. Banking software caters to the need of managing processes that deals with money. Over the decades, monetary transactions and bookkeeping were carried using conventional manual processes. Increased transaction amount on account of rising account holders has resulted in computerized accounting which is expected to establish as a primary market driver over the forecast period.

The titled segments and sub-section of the market are illuminated below:
by Type (Core Banking Software, Multi-Channel Banking Software, BI Software, Private Wealth Management Software), Application (Risk Management, Information Security, Business Intelligence, Training and Consulting Solutions)

Market Drivers:
Increase productivity and operational efficiency of the banking industry

Market Trends:
The growing demand for standardized activities in the banking sector increased the adoption of customer-centric core banking propels the growth of the market

increasing implementation of online banking and mobile banking by customers which shows the high level of inclination towards accessing their account details and perform financial actions by using their laptops, smartphones, tablets and emerging trends su

Region Included are: North America, Europe, Asia Pacific, Oceania, South America, Middle East & Africa

Country Level Break-Up: United States, Canada, Mexico, Brazil, Argentina, Colombia, Chile, South Africa, Nigeria, Tunisia, Morocco, Germany, United Kingdom (UK), the Netherlands, Spain, Italy, Belgium, Austria, Turkey, Russia, France, Poland, Israel, United Arab Emirates, Qatar, Saudi Arabia, China, Japan, Taiwan, South Korea, Singapore, India, Australia and New Zealand etc.

Have Any Questions Regarding Global Third-Party Banking Software Market Report, Ask Our [email protected]

Strategic Points Covered in Table of Content of Global Third-Party Banking Software Market:
Chapter 1: Introduction, market driving force product Objective of Study and Research Scope the Third-Party Banking Software market
Chapter 2: Exclusive Summary – the basic information of the Third-Party Banking Software Market.
Chapter 3: Displaying the Market Dynamics- Drivers, Trends and Challenges & Opportunities of the Third-Party Banking Software
Chapter 4: Presenting the Third-Party Banking Software Market Factor Analysis, Porters Five Forces, Supply/Value Chain, PESTEL analysis, Market Entropy, Patent/Trademark Analysis.
Chapter 5: Displaying the by Type, End User and Region/Country 2015-2020
Chapter 6: Evaluating the leading manufacturers of the Third-Party Banking Software market which consists of its Competitive Landscape, Peer Group Analysis, BCG Matrix & Company Profile
Chapter 7: To evaluate the market by segments, by countries and by Manufacturers/Company with revenue share and sales by key countries in these various regions (2021-2027)
Chapter 8 & 9: Displaying the Appendix, Methodology and Data Source

finally, Third-Party Banking Software Market is a valuable source of guidance for individuals and companies.

Read Detailed Index of full Research Study at @

Thanks for memorizing this article; you can also get individual chapter wise section or region wise report version like North America, Middle East, Africa, Europe or LATAM, Southeast Asia.

For more information on this press release visit:

Fri, 08 Jul 2022 01:31:00 -0500 ReleaseWire en-US text/html
Killexams : Army beefs up training rations for SAP roll-out

The Department of Defence is ramping up investment in training army personnel in SAP software over the next 18 months, as hundreds of its business processes are consolidated on the German giant’s technology in the largest government enterprise resource planning project in Australian history.

Defence is currently in the middle of the Enterprise Resource Planning (ERP) rollout, a decade-long project to move around 500 separate Defence ICT applications into one SAP S/4HANA system at an expected cost of up to $2 billion.

The program was recommended in 2015 with the intent of enabling better governance, faster processing and lower maintenance and support costs and will align the ERP system with Defence’s parallel effort to manage data as a strategic warfighting asset through its $500 million One Defence program.

Defence has purchased training credits worth $500,000 from SAP. Image: Ryan Fletcher / Shutterstock

SAP was approved by the government in 2017 and has already received large contracts for the project though the whole-of-government agreement the company holds.

The Department of Defence bought $500,000 worth of training credits through the SAP Preferred Card system, a way of prepaying for SAP training delivered in various in-person and virtual formats.

The Army’s SAP training credits were purchased in late May by the Digital Transformation Agency (DTA) for Defence through the SAP Whole of Government Arrangement. A DTA spokesperson said it would be for Defence to determine how the training credits are used but the contract is reported as “Army Pcard”.

A spokesperson for the DTA said the Preferred Card credits contract had been established through the SAP whole of government arrangement following a value for money assessment.

“This arrangement was established as a limited tender,” the spokesperson told InnovationAus.

“Non Corporate Commonwealth Entities are mandated to use this arrangement when a decision has been made to purchase a SAP product or service.”

The current SAP whole of government arrangement from an initial $42 million to more than $315 million over four years, and has been extended to September this year.

An audit of the first tranche of the Defence ERP last year found largely fit-for-purpose planning, governance, monitoring and reporting arrangements to support implementation.

But the audit raised serious questions about procurement decisions after it found contractors had been present and involved in decisions at Defence’s ERP meetings which resulted in the contractors’ companies receiving lucrative contract amendments.

The decision to use SAP for the ERP system was not examined in the tranche one audit. SAP was Defence’s preferred option because of an alignment with a critical application and Defence business processes like finance and logistics.

Defence is also using the German company’s SAP Activate program methodology to implement the ERP program, while IBM is acting as the systems integrator under a $112 million contract.

The initial SAP ERP system capability began rolling out in early 2021 but is not expected to be complete for several more years.

This article has been updated to clarify the existing SAP whole of government arrangement is ongoing until at least September this year. A new arrangement has not yet been announced.

Do you know more? Contact James Riley via Email.

Mon, 04 Jul 2022 08:52:00 -0500 en-AU text/html
Killexams : Bot Services Market Growing at a CAGR 33.2% | Key Player Microsoft, IBM, Google, Oracle, AWS
Bot Services Market Growing at a CAGR 33.2% | Key Player Microsoft, IBM, Google, Oracle, AWS

“Microsoft (US), IBM (US), Google (US), Oracle (US), AWS (US), Meta (US), Artificial Solutions (Sweden), eGain (US), Baidu (China), Inbenta (US), Alvaria (US), SAP (Germany), Creative Virtual (UK), Gupshup (US), Rasa (US), Pandorabots (US), Botego (US), Chatfuel (US), Pypestream (US), Avaamo (US), Webio (Ireland), ServisBOT (US).”

Bot Services Market by Service Type (Platform & Framework), Mode of Channel (Social Media, Website), Interaction Type, Business Function (Sales & Marketing, IT, HR), Vertical (BFSI, Retail & eCommerce) and Region – Global Forecast to 2027

The Bot Services Market size to grow from USD 1.6 billion in 2022 to USD 6.7 billion by 2027, at a Compound Annual Growth Rate (CAGR) of 33.2% during the forecast period. Various factors such as rise in the need for 24X7 customer support at a lower operational cost, integration of chatbots with social media to augment marketing strategy, and innovations in AI and ML technologies for chatbots resulting in better customer experience are expected to drive the adoption of bot services.

Download PDF Brochure:

According to Microsoft, Azure Bot Service provides an integrated development environment for bot building. Its integration with Power Virtual Agents, a fully hosted low-code platform, enables developers of all technical abilities to build conversational AI bots without the need for any further coding. The integration of Azure Bot Service and Power Virtual Agents enables a multidisciplinary team with a range of expertise and abilities to build bots inside a single software as a service (SaaS) solution.

Healthcare and Life Sciences vertical to witness the highest CAGR during the forecast period

The segmentation of the bot services market by vertical includes BFSI, retail & eCommerce, healthcare & life sciences, media & entertainment, travel & hospitality, IT & telecom, government, and others (automotive, utilities, education and real estate). The healthcare industry is developing rapidly due to many major technological advancements to enhance the overall patients experience. Hospitals and other health institutions are increasingly adopting bot services to Improve the overall experience of patients, doctors, and other staff. Additionally, bot services can enhance patient experience and build patient loyalty, while improving organizational efficiency. Moreover, bots, also known as virtual health assistants, notify patients about their medication plan, address concerns, deliver diagnosis reports, educate them regarding certain diseases, motivate them to exercise, and personalize user experience.

Some major players in the bot services market include Microsoft (US), IBM (US), Google (US), Oracle (US), AWS (US), Meta (US), Artificial Solutions (Sweden), eGain (US), Baidu (China), Inbenta (US), Alvaria (US), SAP (Germany), (Netherlands), Creative Virtual (UK), (US), [24] (US), Gupshup (US), Rasa (US), Pandorabots (US), Botego (US), Chatfuel (US), Pypestream (US), Avaamo (US), Webio (Ireland), ServisBOT (US), (India), Cognigy (Germany), Enterprise Bot (Switzerland), Engati (US), and Haptik (US). These players have adopted various organic and inorganic growth strategies, such as new product launches, partnerships and collaborations, and mergers and acquisitions, to expand their presence in the global bot services market.

Request trial Pages:

Artificial Solutions (Sweden) is a leading specialist in Conversational AI solutions and services. The solution offered by the company enables communication with applications, websites, and devices in everyday, human-like natural language via voice, text, touch, or gesture inputs. Artificial Solutions’ conversational AI technology makes it easy to build, implement, and manage a wide range of natural language applications, such as virtual assistants, conversational bots, and speech-based conversational UIs for smart devices. Artificial Solutions offers bot services and solutions to various industries, such as financial services, retail, automotive, telecom, energy and utilities, travel and leisure, and entertainment. Artificial Solutions has won several awards, such as the 2019 Stevie Awards for Sales and Customer Service, the 2018 Speech Industry Awards, and the 2018 AICONICS: Best Intelligent Assistant Innovation. The company’s major customers include AT&T, Shell, Vodafone, TIAA, Volkswagen Group, Deutsche Post, Widiba, Telenor Group, Accenture, KPMG, Cognizant, Wipro, and Publicis Sapient. It has development centers in Barcelona, Hamburg, London, and Stockholm and offices across Europe, Asia Pacific, and South America.

In the bot services market, it provides Teneo, a platform that enables business users and developers to collaborate to create intelligent conversational AI applications. These applications operate across 35 languages, multiple platforms, and channels in record time.

eGain (US) is a leading cloud customer engagement hub software supplier. eGain products have been used to Improve customer experience, streamline service processes, and increase revenue across the online, social media, and phone channels for over a decade. eGain helps hundreds of the worlds leading organizations turn their disjointed sales and customer service operations into unified customer engagement hubs (CEHs). In North America, Europe, the Middle East, Africa, and Asia Pacific, eGain Corporation develops, licenses, implements, and supports customer service infrastructure software solutions. It offers a unified cloud software platform to automate, augment, and orchestrate consumer interactions. It also provides subscription services, which deliver users access to its software via a cloud-based platform, as well as professional services, including consultation, implementation, and training. The company caters to the financial services, telecommunications, retail, government, healthcare, and utilities industries.

In the bot services market, the company offers AI Chatbot Virtual Assistant software which improves customer engagement. The VA acts as a guide, helping customers navigate the website and taking them to the relevant places on a page. The virtual assistant provides answers to any queries, even helping in making shopping decisions.

Baidu (China) provides internet search services. It is divided into two segments: Baidu Core and iQIYI. The Baidu app helps customers to access search, feed, and other services through their mobile devices. Baidu Search helps users to access the companys search and other services. Baidu Feed gives users a customized timeline based on their demographics and interests. The company provides products, including Baidu Knows, an online community where users can ask questions to other users; Baidu Wiki; Baidu Healthcare Wiki; Baidu Wenku; Baidu Scholar; Baidu Experience; Baidu Post; Baidu Maps, a voice-enabled mobile app that provides travel-related services; Baidu Drive; Baijiahao; and DuerOS, a smart assistant platform. The company also provides online marketing services such as pay for performance, an auction-based service that enables customers to bid for priority placement of paid sponsored links and reach users searching for information about their products or services. Other marketing services offered by the company are display-based marketing services and other online marketing services based on performance criteria other than cost per click. The company offers a mobile ecosystem, which includes Baidu A, a portfolio of applications. Further, the company provides iQIYI, an online entertainment service, including original and licensed content; video content and membership; and online advertising services.

In the bot services market, Baidu offers Baidu Bot, a search bot software used by Baidu, which collects documents from the web to build a searchable index for the Baidu search engine.

Media Contact
Company Name: MarketsandMarkets™ Research Private Ltd.
Contact Person: Mr. Aashish Mehra
Email: Send Email
Phone: 18886006441
Address:630 Dundee Road Suite 430
City: Northbrook
State: IL 60062
Country: United States

Wed, 13 Jul 2022 10:01:00 -0500 GetNews en-US text/html
Killexams : IoT and industrial AI: Mining intelligence from industrial things
  • By Renee Bassett
  • Cover Story
IoT and industrial AI: Mining intelligence from industrial things
Here’s how to understand what industrial AI can do, how IoT feeds it, and how to start a pilot project of your own
By Renee Bassett

There is nothing "artificial" about the intelligence that can be gleaned from the detailed monitoring of machines, processes, and the people who interact with them. Ever since the time and motion studies of the efficiency experts of the early 1900s, industrial engineers have been turning real-time data into information and decisions that could Improve productivity, efficiency, and profits. With the fourth industrial revolution upon us now, artificial intelligence (AI) technology is ready to go to work in ways that are not always obvious.

According to a Gartner Group forecast, The Business Value of Artificial Intelligence Worldwide, 2017-2025, AI and Internet of Things (IoT) "already work together in our daily lives without us even noticing. Think Google Maps, Netflix, Siri, and Alexa, for example. Organizations across industries are waking up to the potential. By 2022, more than 80 percent of enterprise IoT projects will have an AI component-up from less than 10 percent today" (2018).

The takeaway is clear, says data analytics software provider SAS: "If you're deploying IoT, deploy AI with it. If you're developing AI, think about the gains you can make by combining it with IoT. Either one has value alone, but they offer their greatest power when combined. IoT provides the massive amount of data that AI needs for learning. AI transforms that data into meaningful, real-time insight on which IoT devices can act."

AI and machine learning

Artificial intelligence uses a variety of statistical and computational techniques and encompasses a number of terms. Machine learning (ML), a subset of AI, identifies patterns and anomalies in data from smart sensors and devices without being explicitly programmed where to look. Over time, ML algorithms "learn" how to deliver more accurate results.

Because of this learning, "ML outperforms traditional business intelligence tools and makes operational predictions many times faster and more accurately than systems based on rules, thresholds, or schedules," according to SAS. "AI separates signal from noise, giving rise to advanced IoT devices that can learn from their interactions with users, service providers, and other devices in the ecosystem."

"The challenge is that people have not developed the level of trust in artificial intelligence and machine learning that they have in other technologies that automate tasks," says Oliver Schabenberger, COO and CTO of SAS. "People sometimes confuse automation with autonomy, he adds. But have no fear: "AI does not eliminate the need for humans, it just enables them to do their work more effectively," he says.

AI, around since the 1950s, is becoming a mainstream application as a result of the explosion in IoT data volume, high-speed connectivity, and high-performance computing.
Source: SAS

Defining AI applications

Industrial AI can range from low-intelligence applications like automation to higher-end intelligence capable of decision making. It can also be controlled centrally or distributed across multiple machines. According to Gartner vice president and analyst Jorge Lopez, AI applications can be broken down into five levels of sophistication:

Reactors follow simple rules but can respond to changing circumstances within limits (such as basic drones).

  • Categorizers recognize types of things and can take simple actions to deal with them within a controlled environment (warehouse robots).
  • Responders serve the needs of others by figuring out questions and situations (driverless cars, personal assistants).
  • Learners gather information from multiple sources to solve complex problems (IBM Watson, wholly automated military drones).
  • Creators initiate a paradigm shift, such as inventing a new business model. They are not merely tools that people use; they have the potential to engineer actions harmful to humans. They will change humans' relationship to technology as well as people's roles within society and the economy, says Gartner. Therefore, "AI creator applications require profound thought before development."

These five artificial intelligence models have three types of organization, says Gartner: standalone, federation, or swarm. A standalone AI system is an individual entity that acts by itself to solve problems. The enterprise exercises centralized control over it by overseeing the entity as it performs.

In a federation structure, says Gartner, multiple versions of an entity work in the same way but on different problems (e.g., robo-advisors, personal assistants). The enterprise can exercise central control or deliver more autonomy to the entities. In a swarm structure, multiple entities work together on the same problem (e.g., Intel light show drones, Perdix drones). Control over execution is left to the machines entirely or requires only light human management.

Early AI adopters like retail and banking firms have reaped the benefits of AI, but it is not too late for fast followers, according to Petuum. AI has caught the attention of industrial innovators and naysayers alike.
Source: McKinsey & Company

More than automation

The most common place to start with AI is with automation, but experts say it is a mistake to stop there. The more powerful use of AI is to aid human decision making and interactions. Because AI can classify information and make predictions faster and at higher volumes than humans can accomplish on their own, those terabytes of data being produced by industrial IoT devices are being transformed into powerful tools today.

In a recent blog post for industrial AI startup Petuum, author Atif Aziz says, "Some industry leaders are zooming past the basics: digitization, cloud infrastructure, monitoring and dashboards. They are putting newly acquired data to good use through AI-driven advanced analytics (e.g., uncovering patterns through system of systems) and automating complex processes. Some early adopters are implementing as many as 100 digital transformation initiatives simultaneously or using AI to automate their core production processes across 30 or more plants," Aziz says.

On the other end of the spectrum, "some folks still need to understand how AI can provide real value and balance the ROI with their limited resources," says Aziz. "The breakneck speed of advancement in the Industrial AI/ML space over the last three years affords a unique advantage for these newcomers. They can skip many of the expensive intermediate steps (e.g., significant investments in data aggregation infrastructure, dashboards, and monitoring centers) and gain the same AI benefits as the savvier early adopters."

Aziz says most industrial AI initiatives fall into three categories. AI for assets includes equipment automation, equipment stabilization, and equipment health. AI for processes includes yield maximization through efficiency gains, automation and stabilization across multiple assets or spanning multiple flows, and quality improvement. AI for operational excellence and/or business agility includes energy cost optimization, predictive maintenance, logistics and scheduling, research and development, and more.

AI for assets

IBM Watson IoT helps organizations make smarter decisions about asset management by combining IoT data with cognitive insights driven by AI. IBM's Maximo enterprise asset management (EAM) system uses Watson IoT technology to make better decisions about critical physical assets in industrial plants-whether they are discrete machines, complex functional asset systems, or human assets.

One Maximo user, Ivan de Lorenzo, is outage planning manager for Cheniere Energy, a Houston-based liquefied natural gas producer. He says that, with the software, "we have better information on assets and maintenance activity, and more sophisticated tools and mechanisms for managing it all. The result is greater operational control and accountability, especially when it comes to planning and scheduling."

AI-based asset life-cycle and maintenance management solutions like Maximo use real-time data collection, diagnostic, and analysis tools to extend an asset's usable life cycle. Use of the software also improves overall maintenance best practices; meets increasingly complex health, safety, and environmental requirements; and controls operational risk by embedding risk management into everyday business processes.

IBM says EAM also helps "control the brain drain among employees facing retirement by [putting] into place proven workflows and enforced best practices that capture the knowledge and critical skills of long-time employees." Such a system also helps a reduced workforce to work more efficiently and cost effectively "by using the captured intellectual experience of skilled workers in a format easily dispersed in a wide range of languages."

AI for processes

AI systems are being used to Improve whole processes as well as industrial assets. In an MIT Technology Review Insights publication produced in conjunction with IBM, Raytheon senior principal systems engineer Chris Finlay describes the benefits of replacing document-based information exchange with an AI-compatible digital platform to support engineering and design. "Once you start to capture things digitally, you can start to exploit machine learning or AI algorithms," he says. "You can start to reduce development costs because you can automate tasks that you were doing by hand."

Joe Schmid, director of worldwide sales for IBM Watson Internet of Things, says, "In the engineering process, you define what you want to do, design it, build it, test it, and prove that you've done it. The key is integrating those steps. But integrating is hard."

Customers that Schmid has worked with are often good at one part of the process, such as design, but they do not integrate design into the life cycle. "When they need to change goals or specs, it's all in people's heads," he says. "That doesn't work anymore with the complex systems we have today. One engineer can't have an entire system in their head. That's when errors pop up."

The goal of AI for engineering processes is to create an integrated "system of systems," a closed loop that runs from the requirements phase of product development to real-time monitoring of how consumers are using the product, and then deploy AI systems to analyze the data and leverage that knowledge to Improve the product, says Dibbe Edwards, vice president of IBM Watson IoT connected products offerings.

In another example, global building materials company Cemex is on an industry 4.0 journey toward enhanced standardized operations using AI. The ultimate goals are increased efficiencies, reduced fuel and energy consumption, better quality, reduced costs, and improved decision making. The company announced in March that it had installed "AI-based autopilots" for its rotary kiln and clinker cooler systems that will "autosteer" its cement plants and enable autonomous, operator-supervised plant operations.

Cemex used OSIsoft PI systems to power Petuum Industrial AI Autopilot products. The two work with plant control systems to provide precise real-time forecasts for significant process variables, prescriptions for critical control variables, and a supervised autosteer function aligned with business objectives while staying within applicable static and dynamic constraints. The PI systems fuel real-time predictive and prescriptive recommendations.

Rodrigo Quintero, operations digital technologies manager for Cemex, says, "Petuum Industrial AI Autopilot helped us achieve something we didn't think was possible at this time: yield improvements and energy savings up to 7 percent, which is game changing for our industry. Additionally, this is a giant step in digital transformation toward safe, highly standardized operations, that will help us strengthen our high-quality products portfolio while also ensuring we meet our operational and sustainability goals, and minimize costs."

The Autopilot products can ingest data from a variety of sources, including unstructured, images, structured, time series, customer relationship management (CRM) data, enterprise resource planning (ERP) data, and others. The Petuum platform provides sophisticated data processing, data cleansing, and machine/deep learning pipelines to implement advanced AI that is sensitive to linear, temporal, long range, and nonlinear data patterns in a range of industrial use cases.

AI for operational excellence

Staying ahead of maintenance and production challenges to keep precision metals rolling out of its plants on time is a high priority for Ulbrich Stainless Steel & Specialty Metals. That is why the global company chose SAS Analytics for IoT to gain access to the latest suite of AI, machine learning, and streaming analytics available to analyze the data from plant sensors.

Jay Cei, COO at Ulbrich, says, "Collecting machine and sensor data from our factories and integrating that with ERP system data will help us understand the intricate relationships between equipment, people, suppliers, and customers.

Learning what their IoT data means is critical for understanding how the company can become more productive and efficient in the future, Cei says. DJ Penix, president of SAS implementation partner Pinnacle Solutions, says, "Streaming analytics will not only help Ulbrich understand what is happening now with their machines. It will also enable them to predict future events, such as when a machine needs maintenance before it breaks down."

The software provides a simplified way for any user to prepare stationary and streaming IoT data for analysis without specialized skills, says Penex. Whether a data scientist, business manager, or someone in between, they can use SAS Analytics for IoT to quickly select, launch, transform, and operationalize IoT data, he says.

Jason Mann, vice president of IoT at SAS, says companies can no longer afford to ignore the hidden signals in their IoT data. "To thrive, organizations need a solution that addresses data complexity and automates timely and accurate decision making," he adds.

Tips for AI pilot projects

According to a recent Gartner survey, 37 percent of organizations are still looking to define their AI strategies, while 35 percent are struggling to identify suitable use cases. Once you have developed a solid understanding of AI and its potential applications, it is time to make a case for a pilot. Here are some tips from Gartner for making the pilot project a success.

  1. Be realistic about a timeline. Once you have approval from executives, it can be tempting to think a pilot project will follow quickly. In fact, according to results from Gartner's 2017 Annual Enterprise Survey, 58 percent of respondents in companies currently piloting AI projects say it took two or more years to reach the piloting phase, and only 28 percent of respondents reported getting past the planning stage in the first year.
  2. Aim for fairly soft outcomes, such as improvements to processes, customer satisfaction, products, or financial benchmarking. Gartner Research Circle respondents urged others not to fall into the trap of seeking only immediate monetary gains. Aim initially for less-quantifiable benefits from which financial gains would eventually arise.
  3. Focus on worker augmentation, not worker replacement. AI's potential to reduce staff head count attracts the attention of senior business executives as a potential cost-saving initiative. A more informed expectation, however, is for applications that help and Improve human endeavors, as AI promises benefits far beyond automation. Organizations that embrace this perspective are more likely to find workers eager to embrace AI.
  4. Plan for the transfer of knowledge from external service providers and vendors to enterprise information technology and business workers. External service providers can play a key role in planning and delivering AI-powered software, and knowledge transfer is crucial. AI requires new skills and a new way of thinking about problems. These include technical knowledge in specific AI technologies, data science, maintaining quality data, problem domain expertise, and skills to monitor, maintain, and govern the environment.
  5. Choose AI solutions that offer tracking and revealing AI decisions, ideally using action audit trails and features that visualize or explain results. To that end, Gartner predicts that by 2022, enterprise AI projects with built-in transparency will be twice as likely to receive funding from CIOs.
  6. Start small; do not worry about immediate return on investment. Digital transformation should begin with small experiments that are purely for learning, says Gartner. Use the time to pilot projects that employ a variety of technologies to assess which make the most sense for the business.

Reader Feedback

We want to hear from you! Please send us your comments and questions about this course to

Wed, 20 Apr 2022 23:43:00 -0500 en text/html
Killexams : Long Read on the state of quantum computing in China The authors of this article, Josie-Marie Perkuhn, Tania Becker, Nancy Wilms and Sven Pabis, are a group of scientists from various German universities who are collaborating on the online magazine “chinnotopia – Future designed by China”, which provides an introduction to highly diverse aspects of Chinese innovation culture. This in-depth description of quantum computing offers us some insight into a development that could change the world from the ground up.

The development of quantum computers is currently taking centre stage in science and politics worldwide, as well as being a matter of general public interest. Global players in the field of research are mostly to be found in the USA, China and Europe. Because they haven’t yet standardised the development and implementation of industry norms at this stage of research, there will not be one single universal quantum computer, but instead multiple approaches based on different technologies and application fields will emerge simultaneously. It is not yet possible to predict when we will reach the point of having a viable quantum computer. The quantum leap has not happened yet.[jom1]  Robustness and stability are essential requirements to ensure that a quantum computer is suitable for as wide a range of applications as possible. The potential is huge, however there is a lack of stable hardware and reliable software, plus the fact that the algorithms to allow precision use of the quantum computer still need to be written.          

The current state of research and the special features of quantum computers

A quantum computer works by applying the principles of quantum mechanics microelectronically to solve complex mathematical problems based on the ambivalence of quantum physics. These problems are either not solvable for today’s most powerful supercomputers – for instance the Japanese Fugaku, which has almost half a million teraflops of processing power – or they would need an inordinately long time to do so. Quantum computers can also find solutions that have so far remained inaccessible to us despite the high power of classic computers, and this will be the start of a new dimension of digitalisation. Processing power increases exponentially with the number of qubits.

What are Qubits?

Qubit is the common abbreviation for quantum bit, the fundamental information unit of a quantum computer. Classic computers are based on the bit, which can assume just two states (0 or 1). A qubit, which can be made from an atom or photon for instance, can assume not just 0 and 1, but simultaneously every state that is a vector of the number 1, in other words a superposition.

The development of quantum computers has been happening for some time in tech labs in the USA. The major corporations based there, like Microsoft, Amazon, Google, Apple, Meta (Facebook), IBM and Intel, are supporting various projects with the objective of creating a quantum computer that functions flawlessly. The research race is in full swing: private businesses – but also many academic establishments such as the Massachusetts Institute of Technology (MIT) – are currently developing increasingly powerful computers, which are already able to tap into huge potential on a scale of hundreds of qubits. Numerous start-ups amply funded with venture capital are working on the quantum technology challenge too. At the end of 2021 the new “Eagle” quantum chip was heralded by IBM as the first quantum processor in the world with a total of 127 qubits. This would make the IBM quantum computer an important milestone on the pathway towards the practical application of quantum technology. The fact is, its processing power exceeds that of classic supercomputers by a factor of a million. IBM is already planning “System Two” as an infrastructure for new and more powerful processors, with around 300 qubits. The Forschungszentrum Jülich (Jülich Research Centre; FZJ) offers an example of European approaches to quantum computing. They created a new-generation quantum computer as a pioneering project here, entitled Jupsi (Juelich Pioneer for Spin Interference). The scientists are already discussing the technical potential of building a quantum computer with several million qubits. Visions of a future that will be shaped by such powerful computers lie beyond the bounds of our imagination.

The People’s Republic of China and human capital

The USA’s advantage over China has been shrinking recently. This is apparent from the thriving presence of the Chinese internet industry. The “Big Three”, Baidu, Alibaba and Tencent (BAT), have increasingly been investing in research relating to quantum technology of this nature, and are constantly on the look-out for innovative minds. Alongside these and other large-scale business investors, fully or partially state-funded institutions are also working hard to recruit the right kind of talent within the home market, as well as overseas in the Western world. For instance spin-offs of Chinese think-tanks, innovation hubs, accelerators and incubators are becoming established. In this respect a clearly defined focus and rigorous implementation policy are emerging as one of China’s comparative strengths:
The “High-Level Talent Recruitment Program”, also known as the “Thousand Talents Plan” (Qianren jihua 千人计划), started back in late 2008 against the backdrop of the global financial crisis. The idea was to recruit leading international experts systematically, and at the same time exert influence overseas to encourage the top Chinese scientists educated at Western elite universities to return to their home country. These measures imposed by the government and the favourable proposals of being able to find good jobs in their native country seem to be successful: plenty of tech talents, especially in the fields of artificial intelligence, machine learning, software development and quantum computing, are coming to China. This trend cannot be overlooked: according to the Chinese Returnees from Overseas Study, over 70 per cent of Chinese undergraduates and researchers who had relocated overseas are now returning. In line with the proverbial government directive “Picking flowers in foreign lands to make honey in China” (Yiguo caihua, Zhonghua niangmi 异国采花,中华酿蜜), China’s government specifically encourages the acquisition of intellectual property for the purpose of strategic advantage. The expertise of the returnees helps China. And that befits a strategy designed to achieve global superiority in the application and creation of artificial intelligence (AI), in which quantum technology is a key element.

Political strategy

In China quantum technologies have been a focus of political strategies for a long time. This is also clear from the rigorous government planning: in the current 14th five-year plan (2021–2025) they announce “major breakthroughs”. These are supposed to emerge in technology sectors such as quantum information technology, artificial intelligence, semiconductors and space travel. It is hoped that significant development advances will be achieved in quantum technologies as a result of this systematic brain gain, as well as numerous national innovation projects, training labs and state funding – and that this will put the Chinese tech industry on course to become a world market leader. The intention is to achieve this goal through a concerted strategy involving the state and the economic sector – something difficult to imagine in the West – which would mean providing private and state-operated research institutions with optimum financial, research and marketing conditions.

How can this goal be achieved? China primarily invests in evidence-based research approaches, scientific publications and strategic patents. While European patent registrations in the quantum technology sector are lagging behind, figures from the US and China are high: a working paper published in 2019 demonstrated that the USA and China hold half of all quantum technology patents registered. This success can be attributed to funding: in the USA it’s primarily the tech mega-corporations that spend money on an aggressive patent policy, whereas in China the state is the main funding provider and these funds mostly benefit research at state institutions and universities. Huge sums are spent on commercialisation of quantum technologies in the field of quantum communication, as well as the development of Quantum Key Distribution (QKD, a quantum cryptography process) and cold-atom interferometry (used in applications such as quantum sensor technology and metrology). Another particular focus of Chinese activities is the military practicability of quantum mechanics processes, which are being closely linked with civil research. Although there is no transparency with regard to the precise numbers, rumours are circulating of an eleven-figure sum in euros, in addition to the ongoing government funding.

A research centre is being built in Hefei, capital of the Chinese Anhui Province, at a cost of 10 billion euros, which will be a national laboratory for quantum communication technologies. The city of Jinan in Eastern China also wants to build a quantum valley, with the aim of starting up projects worth billions by 2025.

But it isn’t just state funding, a lot of money is also being channelled into quantum technology research by the Chinese online giants. For instance Alibaba has announced that the company will be investing a proportion of its planned research and development budget, a sum of around 13 billion euros, in the development of quantum computing.

Quantum Key Distribution, quantum cryptography and the QNet

Quantum Key Distribution (QKD) is the best-known process in quantum cryptography. The application of quantum-based cryptography makes it possible to transmit unhackable messages. At the moment the roll-out of terrestrial QKD networks in China is the most advanced in the world. China already operates a quantum cable 2000 kilometres long between the cities of Shanghai, Hefei, Jinan and Beijing. As quantum states have a maximum transmission length of around 100 kilometres through fibre-optic cables, messages have to be decrypted and re-encrypted at 32 trusted nodes and relayed to the next point. It was the discovery of quantum repeaters that made the quantum net (QNet) possible in the first place. The attractiveness of intrinsically secure quantum encryption makes its potential interesting not only to the military and governments, but also for a number of commercial applications. Virtual doctor’s appointments and even secret project meetings are already taking place on the QNet.

The QNet would be able to provide three applications that have not existed so far on the conventional internet: unhackable communication, secure quantum computing in the Cloud and traceless searching on the net. In the next few years China and the USA plan to develop large networks for quantum cryptography, which could become the start of a general QNet. Such ambitious infrastructure projects already include the planning of quantum-ready terrestrial fibre-optics, submarine cables – and in particular communication satellites. 

Quantum satellites and quantum computers

In August 2016, China launched the quantum-based satellite “Micius”. The satellite, which was named after Mozi 墨子, a philosopher from the Warring States period (480–221 BC), was the starting point for the first successful transmission of a quantum key and the encrypted communication based on it. The project leader, Chinese physicist Pan Jianwei 潘建伟, conducted a quantum-encrypted video chat with his former doctoral supervisor, Anton Zeilinger, who was in Vienna at the time. The distance between the two quantum physicists was around 8,000 kilometres. So they were successful in carrying out a key exchange via satellite between China and Austria, thereby creating a secure communication channel. The satellite acted as a trusted node here. The video conference encrypted in this way using QKD was then held over a standard internet connection. China plans to establish a blanket QNet by 2030.

Pan Jianwei is the leading quantum scientist in the country. He is referred to as “China’s Einstein” and ranks amongst the Chinese scientists who have been educated overseas. Pan completed his PhD in Vienna under Anton Zeilinger, one of the most highly reputed quantum scientists in the world. Pan founded a research group in Heidelberg and then returned to China, where he is now known as the “father of quantum”. He is so highly regarded that his laboratory at the University of Science and Technology of China (USTC) in the city of Hefei is visited from time to time by President Xi Jinping. Pan’s goal is to establish a long-distance, high-speed quantum communication system that will be compatible with classic communication technology and is up to ten billion times faster than Sycamore, Google’s quantum computer built in 2019.

In May 2021 Pan Jianwei’s research team developed a programmable superconducting quantum processor with 62 qubits and called it Zu Chongzhi 祖沖之 after a well-known 5th century Chinese mathematician and astronomer. The system's core objective is to synchronously increase the number of integrated qubits and Improve the performance of superconducting qubits, so as to achieve exponential acceleration in the processing speed of specific problems, and finally apply it in practice.

Research on quantum computers is proceeding full steam ahead: a few months after the initial Zu Chongzhi version, a follow-up with 66 qubits was launched by Pan Jianwei’s team in cooperation with the Shanghai Institute of Technical Physics (Chinese Academy of Sciences). The additional four qubits can achieve an improvement to the processing power in terms of both quality and quantity. This means that the Zu Chongzhi 2.0 is ten million times faster than the fastest regular supercomputer and a million times more powerful than the superconducting quantum computer Sycamore made by Google. But another Chinese quantum computer, Nine Chapter 2, deserves a mention here as well: launched at the end of 2021, it is a product of the research team from Hefei, Shanghai and Wuxi. Its processing speed is tailored to handle specific problems and is one hundred quadrillion (1017) times faster than the regular supercomputer. So after the USA this makes China the second country in the world to achieve quantum primacy.

Quantum primacy: a foundation for the future

Since quantum technology is a basis technology, the speed of the future technical revolution is very heavily dependent on competence in this area. The European industry is already painfully aware of this in the context of the current dependence on imported hi-tech from Asia, for example computer chips, pharmaceutical chemicals and pre-products used in the manufacture of other hi-tech goods (for example batteries).  The technological superiority over the conventional production processes used up to now is also critical for the future political sovereignty of Europe. Although this is now a subject of discussion in politics and the media, the acquisition of the necessary technical skills has still not progressed very far. It’s also questionable whether the European consumers are prepared to pay the unavoidably higher prices – for example for mobile devices, network technology, automotive and entertainment electronics. It’s certainly true to say that Europe has missed the boat with the digitalisation trend.

The global mega-corporations nowadays consist exclusively of technology and internet-based business models. They left the “old industry” giants like big oil, big steel and aerospace behind long ago. The stock market values of these tech heavyweights are now higher than the gross domestic product of the major industrial countries. The statistics alone show the huge financial power of this new quantum technology, which until now has mainly been developed by internet giants. Thanks to a clever policy of promoting the home-grown mega-corporations, China can easily keep up with the big boys here. Europe on the other hand is outclassed. Even though China’s Communist Party is now taking extreme action against some corporations like Alibaba and Didi, the People’s Republic still hasn’t worked out a concept to stop monopolies forming in the internet industry. Europe’s dependency is on the USA in terms of the e-commerce economy – but on China for the production of high-end technological goods that define our present and our future. If Europe hopes to be a part of the immense value creation scheme involving these products and services for consumers and industry, there is no alternative but to step up efforts in the European quantum technology sector. The only way for Europe to survive as an influencer of technology perspectives in this key field is through prudent liberation from China’s domination.

The development and possible applications of quantum technology are still in the early stages. The reason its potential seems so magical is because in this science of elementary particles the boundaries of time and space become blurred. The opportunities for disruptive innovations that are opening up in view of the rapidly occurring changes in this field lie outside the confines of empirical forecasts. Due to the fundamental nature of quantum mechanical effects, all areas of life will be affected by radical innovation – similar to the way things happened after the introduction of digitalisation and the internet. Complicated processes in particular are then subject to algorithmic processing. These include medical histories, preparation of legal submissions, design solutions in technology and architecture, control and direction functions in logistics and public transport, and finally planning, calculation and implementation of political and military strategies. No cultural traditions, social categories or professional groups will escape the potential disruptions.

But to enable the ambivalent magic surrounding this new beginning, huge efforts will be required in terms of technology and science. Even the possibility of fully unhackable quantum cryptography and a quantum net based on this assumes technological capabilities that only a few nations and societies possess: a cutting-edge science and research community, a high-end electronics industry and engineering developed to an equally advanced level. The step from lab-based research to the robust practical application of quantum entanglement can only be performed with immense financial commitment and transfer of knowledge. Compared with the development of standard computers, we’re currently at a level approximately equivalent to 1975. Development of a fully error-corrected and universally usable quantum computer remains a great challenge in the immediate future.

The global quantum technology race is getting harder each day and the uncertainty about the future of society is becoming increasingly important. In this context many questions remain open: what is this enormous computing power used for? Will the speed of research cause our lives to look totally different in the near future? Where will development take us in the field of quantum computing? Will the divide between the leading nations in this area and the rest of the world widen even more?
So the winner of the race for the Great Leap into the age of quantum computing is still open; however one thing’s certain – the new technologies have the potential to change the future of the world we live in massively.

Further Reading

Kagermann, H./Süssenguth, F./Körner, J./Liepold, A. (2020): Innovationspotenziale der Quantentechnologien der zweiten Generation / The Innovation Potential of Second-generation Quantum Technologies; (acatech IMPULS), Munich. 
Mainzer, Klaus (2020): Quantencomputer. Von der Quantenwelt zur Künstlichen Intelligenz (Quantum computers. From the quantum world to artificial intelligence); Springer Nature, Berlin.
Meier Christian J. (2021): Eine kurze Geschichte vom Quantencomputer (A short history of quantum computers); (TELEPOLIS), Heidelberg 2021.
Patel N.V. (2020): China: Überholmanöver bei der Quantenkryptographie (China: an overtaking manoeuvre in quantum cryptography), in: Technology Review. The magazine for innovation. 
Zhang Q./Xu F./ Li L.`/Liu N.L. (2019): Quantum Information Research in China, in: Quantum Science and Technology 4, 40503.

Sat, 04 Jun 2022 01:14:00 -0500 en text/html
Killexams : DHS puts the kibosh on saying ‘pilot’ as it deals with new congressional reporting requirements

There is a new unwritten rule at the Department of Homeland Security these days: Don’t use the word pilot or demonstration program in public or in official documents.

Seems a little odd?

Calling something a pilot in government is like shaking someone’s hand when you first meet them. It’s a well-worn and appreciated custom.

But at DHS these days, the words are verboten thanks to a little noticed provision in the Department of Homeland Security’s...


There is a new unwritten rule at the Department of Homeland Security these days: Don’t use the word pilot or demonstration program in public or in official documents.

Seems a little odd?

Calling something a pilot in government is like shaking someone’s hand when you first meet them. It’s a well-worn and appreciated custom.

But at DHS these days, the words are verboten thanks to a little noticed provision in the Department of Homeland Security’s section of the fiscal 2022 omnibus spending bill.

Yes, Congress included in new language that requires DHS to submit a report on any pilot or demonstration program that “uses more than 5 full-time equivalents or costs in excess of $1 million.”

That requirement has caused a lot of consternation across DHS during fiscal 2022, according to multiple sources.

“This caught a lot of folks by surprise. It wasn’t seen until mostly after the fact that this was going to be problematic for the department after memorizing it,” said Chris Cummiskey, the former acting undersecretary for management at DHS and currently CEO of Cummiskey Strategic Solutions. “This is going potentially stifle the innovation that you often get with pilots to test out different approaches. It will apply limitations on advancing the pilots without approval from appropriators and that will make it difficult to operate these programs.”

To be clear, lawmakers aren’t forbidding any pilots or demonstration programs, but they do want a lot more data from DHS than they had been getting.

“Congress doesn’t know if there are a lot of programs. It had become apparent to some members of Congress over time DHS was doing things that were pilot in nature and they would ask questions like what are the metrics or goals or time frames, how many personnel are involved and at what point will it go from a pilot to regular operations,” said a source familiar with the provision, who requested anonymity to speak about the House Appropriations Committee’s thinking. “Very consistently, Congress would not get the responses and that there didn’t seem to be a lot of forethought or a lot of documented language about the pilots.”

So House appropriators added a host of new requirements for DHS to address in their reports that are due 30 days before the pilot or demonstration program begins, including:

  • Objectives that are well-defined and measurable;
  • An assessment methodology that details — the type and source of assessment data; the methods for and frequency of collecting such data; and how such data will be analyzed;
  • An implementation plan, including milestones, a cost estimate, and schedule, including an end date; and
  • A signed interagency agreement or memorandum of agreement for any pilot or demonstration program involving the participation of more than one Department of Homeland Security component or that of an entity not part of such department.

The source said DHS shouldn’t have been surprised by the provision. Lawmakers included similar language in the 2021 appropriations bill, but it ended up being only in the statement language versus being statutory in 2022.

“The department ignored it in 2021. Now it could’ve been a new administration coming in late and not having access to transition stuff when they should’ve and it stopped them from hitting the ground running. But lawmakers also wanted to make a point that this was something they wanted DHS to do,” the source said. “There were a lot of conversations in 2021 about the statement and lawmakers didn’t get a lot of feedback from DHS about the 2022 language. They seemed to say they could execute on the request.”

Multiple requests to DHS for comments about the provision and its impact were not returned.

Senate Appropriations Committee spokesman said the provision originated in the House.

“Its purpose is to provide oversight of ‘pop-up’ pilot programs at DHS, which typically did not track performance and impacts but largely acted as a justification for expanding the pilot itself,” the spokesman said.

Threshold for pilots is low

Cummiskey and other former DHS executives say the data call and putting together the reports shouldn’t be a huge lift for agency leaders.

Rafael Borras, the former DHS undersecretary for management and now president and CEO of the Homeland Security and Defense Business Council, said Congress created a low threshold for reporting and it will cover quite a large number of programs. But, at the same time, he said it shouldn’t too difficult to pull that information together.

“If you own the pilot or demonstration program, you should have that information available. The bigger question is why does Congress want the information and how will they use it,” Borras said. “Congress may not look at 100 reports, but they will look at the one or two and that may create some challenges for DHS.”

Cummiskey estimated it could be as many 40 different pilot or demonstration programs across the entire agency.

Troy Edgar, the former CFO for DHS and now a partner for federal finance and supply chain transformation with IBM Consulting, said another concern is how these requirements will slow down pilot work, which, in turn, can slow down departmental transformation and modernization.

He said the five full-time equivalents and $1 million thresholds seem low for an agency with a budget of over $82 billion.

Provision not about stopping innovation

Borras added that his big concern is adding this to the dozens, or even, hundreds, of other reporting requirements DHS already has to deal with.

“The department must uncover what is root of this and then address the root problems Congress is worried about,” he said. “If it is because they are not transparent and open enough, the DHS must deal with that. A simple report from the undersecretary for management doesn’t get at the root issue.”

The source said lawmakers want DHS to be innovative and to transform, but have the discipline and rigor associated with spending millions of dollars.

“It’s the kind of discipline that the department needs to make sure it has when it does a pilot. It has to make sure these pilots are effective in way DHS can learn whether or not the pilot achieved the goals intended,” the source said. “It’s beside the point if lawmakers look at all of them, but if it’s hundreds I think we all would be surprised. But lawmakers will look at some of them and ensure the requirements are institutionalized in a way that will result in better pilots going forward.”

The fact that the language isn’t “punitive” or a reaction to something DHS did, as some experts surmised, is a positive thing.

The question Borras, Cummiskey and others asked is whether requiring reports will have the intended affect Congress wants, which is better oversight, accountability and general management of pilot programs. It’s unclear whether new reporting requirements, by themselves, in any federal management realm really changed agency behavior.

Mon, 11 Jul 2022 08:34:00 -0500 en-US text/html
Killexams : Lilith ransomware. ChromeLoader's evolution. Rolling-PWN. Russia's cyber war. Smartphones and targeting. Vault 7 guilty verdict

Dateline Moscow, Kyiv, and the Hague: War crimes in a stalled war.

Ukraine at D+140: Discriminate and indiscriminate war. (The CyberWire) Russian tactics remain indiscriminate, and there's a growing international consensus that Moscow views this as a feature, not a bug. Ukraine's SSSCIP looks at the evolution of the cyber phases of Russia's war (and it believes the Russian hacktivists are GRU front groups. Smartphones are changing targeting (and not in a good way for smartphone users).

Russia-Ukraine war update: what we know on day 141 of the invasion (the Guardian) Turkey announces deal with Ukraine, Russia and UN aimed at resuming grain exports; Missile strikes hit Vinnytsia and Mikolaiv

Russia-Ukraine war latest: Zelenskiy says 20 people killed in ‘act of Russian terror’ in Vinnytsia (the Guardian) Ukrainian president condemns attack on “ordinary, peaceful” city; Ukraine says grain deal ‘definitely closer’ after talks in Turkey

Russia-Ukraine war: List of key events, day 141 (Al Jazeera) As the Russia-Ukraine war enters its 141st day, we take a look at the main developments.

Ukraine cuts N Korea ties over recognition of separatist regions (Al Jazeera) Kyiv severs relations after Pyongyang recognises independence of Donetsk and Luhansk People’s Republics in Ukraine.

Analysis: Two exhausted armies are battling for eastern Ukraine. Can either of them make a decisive move? (CNN) When Vladimir Putin refocused his war in Ukraine on the country's east three months ago, he did so bruised by the failures of his initial lunge towards Kyiv and desperate for a face-saving success.

Putin weaponizes Russian passports in his genocidal war against Ukraine (Atlantic Council) Vladimir Putin's decision to expand fast-track Russian passport distribution to the whole of Ukraine is a clear signal that his imperial appetite is not limited to the Ukrainian regions currently under Kremlin control.

Russia is using rape as a weapon of war in Ukraine. Here's what can be done about it. (USA Today) How to create a permanent, independent and international body to investigate and prosecute rape and sexual violence as war crimes.

U.S. calls on Russia to halt forced deportations of Ukrainians, citing war crimes (CNBC) The Kremlin has previously denied all claims that its forces target and kill civilians.

Nations discuss coordinating Ukraine war crimes probes (AP NEWS) The International Criminal Court's chief prosecutor called Thursday for an “overarching strategy” to coordinate efforts to bring perpetrators of war crimes in Ukraine to justice.

Russia’s War Against Ukraine Has Turned Into Terrorism (The Atlantic) The Russian military isn’t just bombing civilians. It’s also targeting the laws and values that protect human rights.

Iranian envoy responds to US claim it’s selling drones to Russia (Defense News) Earlier in the war, Iran was criticized in the West for not condemning Russia’s Feb. 24 invasion of Ukraine.

Ukraine's Cyber Agency Reports Q2 Cyber-Attack Surge (Infosecurity Magazine) The volume of cyber-attacks targeting the country has risen substantially over the second quarter of the year

To Vilify Ukraine, The Kremlin Resorts to Antisemitism (United States Department of State) One of the Kremlin’s most common disinformation narratives to justify its devastating war against the people of Ukraine is the lie that Russia is pursuing the “denazification” of Ukraine. Russian President Vladimir Putin has referred to Ukraine’s democratically elected government as a “gang of drug addicts and neo-Nazis,” while Russian state media and propagandists have […]

Polish minister wants Russian ambassadors kicked off social media to fight disinformation (POLITICO) Russian ambassadors’ social media accounts are ‘propaganda officers of an aggressive regime,’ says Janusz Cieszyński.

The weaponizing of smartphone location data on the battlefield (Help Net Security) How each side collects the adversary’s smartphone location data and shields their own can mean the difference between victory and defeat.

Increase support for Ukraine, or NATO may have to fight (The Hill) President Biden summed up the results of discussions concerning support for Ukraine at the late June NATO summit this way: “We are going to stick with Ukraine, and all of the Alliance is going to s…

Ukraine needs more international support (Atlantic Council) As the war in Ukraine becomes severely protracted, the international community by advancing Ukraine’s proposed roadmap to end the war and clarifying its economic policies in response to Russian aggression.

Building a better Ukraine: Rule of law is essential for post-war prosperity (Atlantic Council) Few would argue that the rule of law is essential for Ukraine’s post-war prosperity. However, previous efforts to implement judicial reforms have fallen short. What is required to make sure next time is different?

The man who has Putin’s ear — and may want his job (Washington Post) Russian security chief Nikolai Patrushev is one of the Russian president’s few close advisers

Russia holding 400 passenger jets hostage in global sanctions fight (Washington Post) The country’s airlines are refusing to return the planes they’d leased from foreign companies; the planes are worth billions

Attacks, Threats, and Vulnerabilities

New Lilith ransomware emerges with extortion site, lists first victim (BleepingComputer) A new ransomware operation has been launched under the name 'Lilith,' and it has already posted its first victim on a data leak site created to support double-extortion attacks.

New Ransomware Groups on the Rise (Cyble) Cyble analyzes new ransomware families spotted in the wild led by notable examples such as LILITH, RedAlert, and 0Mega.

New Android malware on Google Play installed 3 million times (BleepingComputer) A new Android malware family on the Google Play Store that secretly subscribes users to premium services was downloaded over 3,000,000 times.

Researchers Uncover New Variants of the ChromeLoader Browser Hijacking Malware (The Hacker News) Researchers have uncovered new variants of the ChromeLoader information-stealing malware, highlighting its evolving features.

ChromeLoader: New Stubborn Malware Campaign (Unit 42) A malicious browser extension is the payload of the ChromeLoader malware family, serving as adware and an infostealer, leaking users’ search queries.

Facebook 2FA scammers return – this time in just 21 minutes (Naked Security) Last time they arrived 28 minutes after lighting up their fake domain… this time it was just 21 minutes

HavanaCrypt Ransomware Masquerades as a Fake Google Update (Infosecurity Magazine) Researchers at Trend Micro have uncovered stealthy ransomware named 'HavanaCrypt,' which presents itself as a Google Software Update

MaliBot Android malware spreading fast, says Check Point ( The MaliBot malware is becoming a persistent and widespread problem, and Android users should be on their guard, says Check Point.

‘Lives are at stake’: hacking of US hospitals highlights deadly risk of ransomware (the Guardian) The number of ransomware attacks on US healthcare organizations increased 94% from 2021 to 2022, according to one report

Ransomware Landscape Evolves in a Post-Conti World (Decipher) The release of LockBit 3.0 is making waves in a ransomware ecosystem that has been reshaped due to Conti shutting down its operations.

Ransomware Activity Resurges in Q2 (Infosecurity Magazine) Ransomware activity rose by 21% compared to Q1 2022, according to a new report

Honda Admits Hackers Could Unlock Car Doors, Start Engines (SecurityWeek) “Rolling-PWN attack” targets Remote Keyless System on Honda vehicles that allows them to open the car doors and start the engine.

Honda redesigning latest vehicles to address key fob vulnerabilities (The Record by Recorded Future) Honda said it is addressing a spate of vulnerabilities in its newly designed models after researchers found bugs affecting key fob systems.

Will Hackers Bring Down Airplanes One Day? (Aviation International News) Airline reticence over cyber-security suggests the threat has become increasingly serious.

Vulnerabilities allowing permanent infections affect 70 Lenovo laptop models (Ars Technica) UEFI updates often require manual installation. Are you patched?

New UEFI firmware flaws impact over 70 Lenovo laptop models (BleepingComputer) The UEFI firmware used in several laptops made by Lenovo is vulnerable to three buffer overflow vulnerabilities that could enable attackers to hijack the startup routine of Windows installations.

Bandai Namco confirms cyberattack after ransomware group threatens leak (The Record by Recorded Future) Japanese video game giant Bandai Namco confirmed on Wednesday that it suffered from a wide-ranging cyberattack that may have exposed customer information. 

Disneyland Account Takeover Highlights Lax Security for Social Media Accounts (CPO Magazine) A hack of Disneyland’s social media in the early hours of July 7 appeared to be a vulgar prank and was quickly scrubbed from the internet, but the brazen account takeover demonstrated that even the world’s most prominent companies continue to have gaps in areas of cyber operations that are considered “less essential.”

Colorado Springs Utilities experiences data breach, customer data compromised (KRDO) Colorado Springs Utilities is warning customers about a data breach that happened in June, affecting customer information. On July 6, Colorado Springs Utilities was notified that customer data stored by one of the company's subcontractors was accessed by an unauthorized party. According to Springs Utilities, this happened on June 15,

Afni, Inc. Announces Data Breach (JD Supra) Recently, Afni, Inc. filed official notice of a data breach that impacted the sensitive information of certain individuals. According to the Afni, the...

Security Patches, Mitigations, and Software Updates

ICS Patch Tuesday: Siemens, Schneider Electric Address 59 Vulnerabilities (SecurityWeek) Siemens and Schneider Electric have released their Patch Tuesday updates for July 2022 with a total of two dozen advisories describing 59 vulnerabilities.

Adobe Patch Tuesday: Critical Flaws in Acrobat, Reader, Photoshop (SecurityWeek) Adobe rolls out a major security update for its flagship Acrobat and Reader products to fix at least 22 documented security vulnerabilities.

DLL Hijacking Flaw Fixed in Microsoft Azure Site Recovery (SecurityWeek) Microsoft's Patch Tuesday rollout this month included fixes for multiple high-severity vulnerabilities in Azure Site Recovery.

Infiltrate, Exploit, Manipulate: Why the Subversive Nature of Cyber Conflict Explains Both Its Strategic Promise and Its Limitations (Lawfare) Cyber operations are not novel, nor is their impact revolutionary. They are instruments of subversion that promise great gains in theory but are constrained in practice by a crippling operational trilemma that limits strategic value.

Consulting firms jump on the Zero Trust bandwagon (CSO Online) Deloitte's new Zero Trust Access service and HCL's collaboration with Palo Alto Networks mark a sustained trend towards offering Zero Trust security services for clients.

Cyber Threats Within Digital Ecosystems May Be an Enterprise Blind Spot, Reveals New Study from TCS (TCS) Tata Consultancy Services’ Risk and Cybersecurity Study among 600 Cyber Executives Highlights the Most Pressing Cybersecurity Issues Facing Large Companies across Europe and North America.

New research reveals 93% of organizations surveyed have had failed IIoT/OT security projects; highlights top challenges in implementation of industrial security (PR Newswire) Barracuda Networks Inc. (Barracuda), a trusted partner and leading provider of cloud-enabled security solutions, today released key findings...


How War Impacts Cyber Insurance (Threatpost) Chris Hallenbeck, CISO for the Americas at Tanium, discusses the impact of geopolitical conflict on the cybersecurity insurance market.

Bishop Fox Secures $75 Million in Growth Funding from Carrick Capital Partners (GlobeNewswire News Room) Offensive security leader continues to defy market and economic trends with record growth and recognized innovation...

Lightspeed raises $7.1B across four funds and forms new crypto fund with Blockchain Ventures vet (Fortune) The new funding is a vote of confidence for the firm as valuations sink and one of the firm’s star investors steps back.

Blockchain Security Startup BlockSec Raises $8 Million (SecurityWeek) Blockchain security startup BlockSec has raised $8 million in a seed funding round co-led by Vitalbridge Capital and Matrix Partners

Forescout Completes its Acquisition of Cysiv to Deliver Automated True Threat Response (Business Wire) Forescout Technologies, the global leader in automated cybersecurity, today announced that it has completed its acquisition of Cysiv, a cybersecurity

WithSecure creates a new unit to Improve cyber resilience for enterprises (Help Net Security) WithSecure announces the creation of the new WithIntel unit to protect organizations from emerging threats and the damages that they cause.

Army awards Lockheed next phase of critical cyber, EW and intel platform (FedScoop) The Army has awarded Lockheed Martin a $58.8 million contract for the next phase of an effort to pave the way for the first brigade-organic cyber, electronic warfare and signals intelligence platform to be delivered to soldiers. The Terrestrial Layer System-Brigade Combat Team (TLS-BCT) is a Stryker-mounted system that will provide indications and warning, force […]

ADF Veterans Reskilling for Cybersecurity Roles (Australian Cyber Security Magazine) SANS Institute has announced the inaugural class of graduates from its Veteran Cyber Academy. SANS held a graduation ceremony at The Australian War Memorial in Canberra on 16 June, where the first cohort of students graduated.

BreachQuest Gains Momentum, Named Approved Vendor By Top Cyber Insurance Providers (PR Newswire) BreachQuest, the company modernizing incident response, announced today that over the past year of operations it has been added to the panel of...

Axis Shortlisted for 2022 SaaS Award for Security Innovation (Axis Security) Atmos Secure Service Edge Platform Nominated for Best Security Innovation in a SaaS Product SAN MATEO, CA, July 14, 2022 – Axis announced today that its Atmos Secure Service Edge platform has been shortlisted in the 2022 SaaS Awards program in the security innovation category.   Now in its seventh year of celebrating software innovation, the...

Incode Technologies Announces Expansion of Its Development Center in Serbia (Business Wire) Incode Technologies, an industry-leader in identity verification and authentication for global enterprises, announced the expansion of its Serbian dev

Contrast Security Expands Executive Team with Senior Vice President of Corporate Development and Strategic Alliances (Yahoo Finance) Contrast Security (Contrast), the leader in code security that empowers developers to secure-as-they code, today announced the appointment of Ben Goodman, who will serve as the company's Senior Vice President of Corporate Development and Strategic Alliances.

Zimperium Names General Joseph F. Dunford, Jr., Former Chairman of the Joint Chiefs of Staff, to Its Board of Directors (Business Wire) Zimperium today announced the appointment of former Chairman of the Joint Chiefs of Staff, Joseph Dunford, to its board of directors.

Praetorian Announces Appointment of Alexander Pagoulatos as Vice President of Product (Yahoo) AUSTIN, Texas, July 13, 2022--Praetorian, a leading offensive security company, today announces the appointment of renowned industry leader Alexander Pagoulatos to the position of vice president of Product.

Products, Services, and Solutions

ExtraHop Extends XDR Partnership with CrowdStrike, Introduces Native Push-Button Response for Precision Threat Quarantine (Business Wire) ExtraHop extends XDR partnership with CrowdStrike, introduces native push-button response for precision threat quarantine

CyberArk Launches Secrets Hub for AWS Secrets Manager (Business Wire) CyberArk Impact 2022–CyberArk (NASDAQ: CYBR), the global leader in Identity Security, today announced CyberArk Secrets Hub, a new Software-as-a-Servic

CyberArk Advances Identity Security Market with Unmatched Cybersecurity Innovation (Business Wire) CyberArk Impact 2022 – CyberArk (NASDAQ: CYBR), the global leader in Identity Security, is making several announcements today at the CyberArk Impact 2

Kudelski IoT Secure IP increases hardware security for semiconductor manufacturers (Help Net Security) Kudelski IoT launched its Secure IP portfolio, empowering hardware security for semiconductor manufacturers.

Cellebrite, Chainalysis Team Up Against Crypto Crime (GovTech) Even as cryptocurrency investors deal with recent losses in value, public-sector interest in crypto continues to grow. That means more opportunities for fraud and more need for protections, the companies say.

CyberArk Advances Identity Security Market with Unmatched Cybersecurity Innovation (Business Wire) CyberArk Impact 2022 – CyberArk (NASDAQ: CYBR), the global leader in Identity Security, is making several announcements today at the CyberArk Impact 2

Radware Delivers Cloud DDoS Protection for ESDS Software Solution Limited (GlobeNewswire News Room) Radware® (NASDAQ: RDWR), a leading provider of cyber security and application delivery solutions, today...

Core Security by HelpSystems Introduces New Ransomware Simulator (PRWeb) Core Security by HelpSystems, a leading provider of cyber threat solutions, today announced the addition of ransomware simulation to its penetration testing solu

TX-RAMP Authorizes the Lookout Security Platform for Level 2 Certification (PR Newswire) Lookout, Inc., a leader in endpoint and cloud security solutions, today announced it has been authorized to operate the Lookout Security...

Scribe Security Releases Code Integrity Validator Alongside Github Security Open Source Project (PR Newswire) Scribe Security, a leading software supply chain security solutions provider, announced today the release of Scribe Integrity, a code integrity...

Technologies, Techniques, and Standards

The Cyber Resilience Index: Advancing Organizational Cyber Resilience (World Economic Forum) This White Paper explains why many organizations lack cyber resilience and offers a blueprint to build a more sustainable, inclusive and resilient digital environment for everyone.

Mergers and acquisitions are a strong zero-trust use case (Register) Bypasses an arduous integration process with right security footing from the start

Report: Financial Institutions Overly Complacent About Current Authentication Methods (Dark Reading) New research report finds most financial organizations have experienced a breach due to an authentication weakness, yet only a third took action

Design and Innovation

Microsoft Releases Open Source Toolkit for Generating SBOMs (SecurityWeek) Microsoft has open-sourced its internal toolkit for generating SBOMs (software bill of materials) based on the SPDX specification.

Apple, Google and Microsoft have big plans to kill the password. Here's what it means for you (ABC) Some of the world's largest tech companies are collaborating to kill off the password — and the start of the transition is happening sooner than you may think.

Research and Development

The US military wants to understand the most important software on Earth (MIT Technology Review) Open-source code runs on every computer on the planet—and keeps America’s critical infrastructure going. DARPA is worried about how well it can be trusted


ASU launches global security and competitive statecraft graduate certificate (ASU News) Thanks to ASU's new, forward-thinking graduate certificate in global security and competitive statecraft, security-related professionals can stay ahead of developing trends and have a stronger grasp on contemporary problems in the global strategic environment.

Legislation, Policy, and Regulation

The U.S. Is Writing a New Digital Doctrine (The Information) In its infancy, the commercial web was thought to be a much-needed competitor against the incumbent players in the telecommunications market—or rather it could be, but only if it could steer clear of strangling regulations. So the U.S. created a governance system with minimal state control, ...

National Security Memorandum on The President’s Intelligence Priorities (The White House) The collection and analysis of timely and accurate intelligence is essential to our national security, foreign policy, law enforcement, and defense, and is critical to protecting and advancing the United States’ vital interests. Global challenges posed by nation states and transnational threats alike demand the Intelligence Community (IC) use its resources in a coordinated manner that aligns with and is responsive to the President’s overall priorities and direction.

Cyber Safety Review Board Closes the Book on SolarWinds While Reporting on Log4j  ( Legislation seeking to amend the annual National Defense Authorization Act wants the Government Accountability Office to investigate.

Dems stress national security as computer chips bill stalls (AP NEWS) The Biden administration and congressional Democrats are warning of dire ramifications for the economy and for national security if Congress fails to pass a bill by the end of July that is designed to boost semiconductor manufacturing in the United States.

Litigation, Investigation, and Law Enforcement

DHS Cyber Safety Review Board found no evidence China knew of Log4j before disclosure (CyberScoop) The report suggests that even though risk still remains for unpatched organizations, a government-wide response helped drive mediation.

Panel finds notorious Log4j internet bug did not lead to any "significant" attacks on critical infrastructure (CBS News) To date, "exploitation of Log4j occurred at lower levels than many experts predicted, given the severity of the vulnerability," a report from the panel determined.

Cyber Safety Review Board’s first report gives CISA thumbs up for Log4j response (Federal News Network) The board’s inaugural report offers more suggestions for how agencies could Improve software security and transparency.

First Cyber Safety Review Board report finds Log4j has become an 'endemic vulnerability' (The Record by Recorded Future) The flaw uncovered late last year in the widely-used Log4j software has not been used to exploit critical infrastructure or launch “significant” digital attacks but will remain a danger for many years to come, the independent body charged with investigating the global incident said Thursday.

Statement Of U.S. Attorney Damian Williams On The Espionage Conviction Of Ex-CIA Programmer Joshua Adam Schulte (US Department of Justice) Joshua Adam Schulte was a CIA programmer with access to some of the country’s most valuable intelligence-gathering cyber tools used to battle terrorist organizations and other malign influences around the globe.

Ex-C.I.A. Engineer Convicted in Biggest Theft Ever of Agency Secrets (New York Times) The top federal prosecutor in Manhattan said Joshua Schulte had engaged in “one of the most brazen and damaging acts of espionage in American history.”

Former CIA Staffer Convicted For Massive Data Breach To WikiLeaks (Forbes) Prosecutors said the 33-year-old who helped the CIA design shadowy hacking tools was responsible for “one of the most brazen and damaging acts of espionage in American history.”

Israel’s NSO Group said to lobby unsuccessfully for removal from US blacklist (Times of Israel) Lawyers and PR firms hired by embattled spyware company reportedly approached senators and members of Congress and are urging discussion of issue in Lapid-Biden meeting this week

Pegasus Spyware Maker NSO Is Conducting a Lobbying Campaign to Get Off U.S. Blacklist (ProPublica) The cybersecurity firm has invested heavily in top lobbyists and law firms in an effort to lift restrictions on doing business in America. NSO is hoping the Israeli prime minister will raise the issue with Joe Biden when the two meet this week.

European Police Aim to Keep Young Hackers From Slipping Into Cybercrime (Wall Street Journal) Teenagers and children, some as young as 8, can acquire simple skills of criminal hacking, police say. COPS, a Dutch group to steer young people away from cybercrime, is being replicated in Finland, Denmark and elsewhere.

Clearview AI hit with another €20M ban order in Europe (TechCrunch) Athens-based data protection authority has fined Clearview AI €20M and banned it from collecting and processing the personal data of people living in Greece.

Gaming firm Razer sues IT vendor for nearly S$10m in losses over leak of customers’ data (TODAY) Gaming hardware maker Razer has sued a vendor over a cybersecurity breach that led to confidential data of its customers and sales being leaked to the public.

Elephant Insurance Sued Over Breach That Affected 2.7 Million (Bloomberg Law) Elephant Insurance Co. was hit by a proposed class action over a data breach of its servers which compromised the personally identifiable information of over 2.7 million consumers.

Amazon Proposes Settlement of EU Antitrust Charges on Seller Data (Wall Street Journal) The online retailer has proposed concessions to settle two antitrust cases against it in the European Union, a fresh sign of changing strategy from big tech companies after the bloc passed a strict new digital-competition law.

Thu, 14 Jul 2022 05:31:00 -0500 text/html
Killexams : FBI and MI-5 warn of Chinese industrial espionage. Trickbot's privateering. Cozy Bear sighting. Chinese APTs target Russia.

Dateline Beijing, Moscow, Kyiv, Ankara, Warsaw, Berlin, Paris, London, and Washington: Russia's hybrid war, and NATO's response.

Ukraine at D+133: Privateering during an "operational pause." (The CyberWire) There's apparently an "operational pause" for reconstitution in Russia's Donbas offensive, but Russian privateering and influence operations pick up their pace.

Russia-Ukraine war: List of key events, day 134 (Al Jazeera) As the Russia-Ukraine war enters its 134th day, we take a look at the main developments.

Russia-Ukraine war: Russia fails to take territory for first time since war began (The Telegraph) Russia has not made any territorial gains in Ukraine for the first time in 133 days, according to its own assessments, hinting at an “operational pause” for its battle-stricken forces to recuperate.

Russia-Ukraine war: Snake Island and Odesa hit by rockets; row over ‘stolen’ Ukrainian grain grows – live (the Guardian) Local official says Russian rockets hit strategic island and city; Turkish ambassador summoned by Ukraine after Russian ship with grain released

Russia’s offensive gains pace in Donetsk; focus shifts to Slovyansk (Washington Post) After sweeping through Luhansk, Russian forces are now gaining ground in the neighboring Donetsk region. Both are part of the prized industrial Donbas heartland of eastern Ukraine that Moscow is seeking to control. Donetsk’s regional governor is urging the area’s 350,000 residents to evacuate as Russia intensifies its bombardment campaign, telling reporters Tuesday: “The destiny of the whole country will be decided by the Donetsk region.”

Slovyansk’s ‘remainers’ prepare for last stand against Russian invaders (The Telegraph) With the city poised to be flattened by Kremlin firepower, the citizens who haven’t fled either have nothing left to lose or a lot to fear

Russia confirms 6 Belarusian soldiers fighting for Ukraine captured or killed in Luhansk (Fox News) Roughly six Belarusian soldiers who volunteered to fight in Ukraine against Russia's invasion were confirmed on Wednesday to have been captured or killed.

Norwegian air chief: Russia isn't '10 feet tall,' but don't discount it (Breaking Defense) "I think we shouldn't underestimate [Russia's] level of capability, because I don't think we have seen it," Maj. Gen. Rolf Folland, chief of the Royal Norwegian Air Force, told Breaking Defense.

Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine (Security Intelligence) IBM Security X-Force uncovered evidence indicating that the Russia-based cybercriminal syndicate "Trickbot group" has been attacking Ukraine since the Russian invasion. Explore an in-depth analysis on six of ITG23's campaigns.

Trickbot may be carrying water for Russia (Washington Post) A top ransomware distributor has targeted Ukraine six times since Russia’s invasion.

Targets of Interest | Russian Organizations Increasingly Under Attack By Chinese APTs (SentinelOne) Chinese-linked phishing campaign seeks to compromise Russian targets with custom malware designed for espionage.

Chinese hackers targeting Russian government, telecoms: report (The Record by Recorded Future) Chinese hacking groups are targeting the Russian government and organizations in the telecommunications industry, according to a new report.

Russia Info Ops Home In on Perceived Weak Links (VOA) New report by cybersecurity firm Recorded Future says the Kremlin's disinformation efforts have focused on France, Germany, Poland and Turkey

Russia rages over French leak of Vladimir Putin’s ‘ice hockey’ phone call (The Telegraph) Emmanuel Macron's government criticised for taping conversation in which Russian president rebuffed last-ditch call for peace talks

NFT scammers see an opportunity in Ukraine donations (The Record by Recorded Future) The Ukrainian government and celebrities have been promoting non-fungible tokens (NFTs) and cryptocurrencies to raise funds for the country's military during its ongoing war with Russia.

Why Ukraine loves Boris (Atlantic Council) British Prime Minister Boris Johnson's domestic approval rating has hit rock bottom but he is the most popular foreign politician in Ukraine thanks to his support for the country in its fight against Vladimir Putin's invasion.

Don’t make decisions without me, frustrated Volodymyr Zelensky orders general (The Telegraph) Ukrainian president rebukes military commander over draconian travel restrictions that would have kept army recruits from visiting families

Ukraine’s military plans to limit free movement to make conscription easier (the Guardian) Unclear if Zelenskiy backs permit system to keep men eligible to fight in the region they are registered in

Latvia to reinstate compulsory military service amid Russia’s war on Ukraine (POLITICO) 15 years after abolishing the measure, Riga plans to make all men aged 18-27 complete 11 months of training.

Putin’s poisonous anti-Western ideology relies heavily on projection (Atlantic Council) Vladimir Putin's poisonous anti-Western ideology is rooted in projection of his own authoritarian instincts and outdated assumptions about the adversarial nature of relations between Russia and the democratic world.

The Great Global Rearmament (Foreign Affairs) Ukraine and the dangerous rise in military spending.

Winning friends and influencing Russians: Three audiences the US should target (Atlantic Council) The Biden administration needs an offensive strategy that prioritizes transparency and truth to defeat Russian aggression.

The U.S. Is Expanding Its Goals in Ukraine, and That’s a Very Good Thing (The National Interest) If we want a lasting and durable peace in Europe, with Russia contained, the West should arm Ukraine to the teeth.

Special dispatch from Madrid: At NATO's historic summit, good scores points on evil, but it's not enough to stop Putin's Ukraine war (Atlantic Council) Despite the successes of the NATO summit, Russia's missile strike on a Ukrainian shopping mall put the brutality of Putin's war into stark relief.

Ukraine tensions run high as Lavrov flies into Bali for G20 foreign ministers summit (the Guardian) Meeting in Indonesia will be the first with the Russian envoy since the Kremlin invaded its neighbour, triggering global food and energy crises

How to Equip Ukraine to Break the Black Sea Blockade (Foreign Policy) Russia’s grain blockade is a global catastrophe. It can be broken without NATO intervention.

Ukraine defies Russia and launches electricity exports to EU neighbors (Atlantic Council) Ukraine’s remarkable wartime synchronization with the electricity grid of continental Europe moved up a gear at the end of June with the landmark launch of commercial electricity exports to neighboring Romania.

Zelenskiy calls on trader Vitol to stop shipping Russian ‘blood oil’ (the Guardian) Kyiv asks largest independent oil trader to state when it will ship last barrel and how much it will ship until that date

Attacks, Threats, and Vulnerabilities

Heads of FBI, MI5 Issue Joint Warning on Chinese Spying (Wall Street Journal) “The Chinese government is set on stealing your technology,” the agency chiefs tell business leaders.

FBI and MI5 leaders deliver unprecedented joint warning on Chinese spying (the Guardian) Christopher Wray joins Ken McCallum in London, calling Beijing the ‘biggest long-term threat to economic security’

FBI and MI5 bosses: China cheats and steals at massive scale (Register) Other US spooks chime in with similar warnings

FBI director suggests China bracing for sanctions if it invades Taiwan (Washington Post) In a rare speech alongside London counterpart, Director Christopher Wray amps up warnings about Chinese hacking and influence operations

Near-undetectable malware linked to Russia's Cozy Bear (Register) The fun folk who attacked Solar Winds using a poisoned CV and tools from the murky world of commercial hackware

Russia's Cozy Bear linked to nearly undetectable malware (Computing) The distribution mechanism is similar to previous attacks by the Russian group.

When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors (Unit 42) Pentest and adversary emulation tool Brute Ratel C4 is effective at defeating modern detection capabilities – and malicious actors have begun to adopt it.

China Escalates Efforts to Influence U.S. State and Local Leaders, Officials Warn (Wall Street Journal) American counterintelligence officials are sounding the alarm about Chinese influence operations as tensions between Beijing and Washington rise.

Protecting Government and Business Leaders at the U.S. State and Local Level from People’s Republic of China (PRC) Influence Operations. (National Counterintelligence and Security Center) For decades, a broad range of entities in China have forged ties with government and business leaders at the state and local levels of the United States, often yielding benefits for both sides. However, as tensions between Beijing and Washington have grown, the government of the People’s Republic of China (PRC) under President Xi Jinping has increasingly sought to exploit these China-U.S. subnational relationships to influence U.S. policies and advance PRC geopolitical interests.

North Korean ransomware dubbed Maui active since May 2021 (Register) CISA, FBI, US Treasury warn Kim Jong-un's latest malware has hit healthcare orgs

China Police Database Was Left Open Online for Over a Year, Enabling Leak (Wall Street Journal) Cybersecurity experts say the error enabled the theft of records of nearly 1 billion people, including senior officials, leading to a $200,000 ransom note.

Shanghai data leak: China tested by possible largest hack in history (The Christian Science Monitor) “ChinaDan,” a Chinese hacker, claims to possess the phone numbers, names, and ages of 1 billion Chinese citizens. Although the scale of the leak seems huge, experts say many online advertising companies already get the same type of data when browsing online.

Researchers Flag 'Significant Escalation' in Software Supply Chain Attacks (SecurityWeek) Researchers at ReversingLabs and Checkmarx release separate warnings about software supply chain attacks targeting the open source NPM ecosystem.

Evasive Rust-Coded Hive Ransomware Variant Emerges (SecurityWeek) Researchers nab a new, highly evasive variant of the Hive ransomware written in Rust and supporting command-line parameters.

OrBit, a new sophisticated Linux malware still undetected (Security Affairs) Cybersecurity researchers warn of new malware, tracked as OrBit, which is a fully undetected Linux threat. Cybersecurity researchers at Intezer have uncovered a new Linux malware, tracked as OrBit, that is still undetected. The malware can be installed as a volatile implant either by achieving persistence on the compromised systems. The malware implements advanced evasion […]

Cyberattack knocks out California community college email, website, landlines (The Record by Recorded Future) A 12,500-student community college in California is suffering from a cyberattack that brought down the school’s online services and campus phone lines. 

Marriott Hotels suffers third data breach in 4 years (Register) Digital thieves made off with 20GB of internal documents and customer data

Marriott hit by new data breach and a failed extortion attempt (BleepingComputer) Hotel giant Marriott International confirmed this week that it was hit by another data breach after an unknown threat actor managed to breach one of its properties and steal 20 GB worth of files.

Marriott says hackers attempted to extort company with Baltimore hotel data theft (The Record by Recorded Future) Marriott confirmed reports that hackers tried to extort the company after 20 GB of employee and customer data was stolen from BWI Airport Marriott in Baltimore.

American Marriage Ministries acknowledges data exposure after earlier incident reported to FBI (The Record by Recorded Future) Wedding officiant training company American Marriage Ministries (AMM) said it is dealing with another data security issue after reporting a breach of sensitive data to the FBI earlier this year. 

Mass. FD warns of data breach that may include EMS patients (EMS1) The number of people affected is unknown, but Comstar Ambulance Billing said that suspicious activity was detected in March

Cybersecurity expert weighs in on Cedar Rapids schools’ cybersecurity breach (Cedar Rapids Gazette) Summer programs closed for the remainder of the week as district officials work with experts to find a solution

Macmillan Says Retailers Can Again Order Its Books After recent Cyberattack (Wall Street Journal) The company said it is working its way through a backlog of orders and that it doesn’t anticipate it will have to change the publication date of any of its coming books.

SHI hit by 'professional malware attack' (CRN) Reseller insists there is currently no evidence to suggest its customers were impacted

Crema hacker returns $8M, keeps $1.6M in deal with protocol (Cointelegraph) Solana-based liquidity protocol Crema Finance recovered $8 million of the $9.6 million it lost from a security exploit on July 2, granting the rest as a bounty to the exploiter.

Security Patches, Mitigations, and Software Updates

OpenSSL Releases Security Update (CISA) OpenSSL has released a security update to address a vulnerability affecting OpenSSL 3.0.4. An attacker could exploit this vulnerability to take control of an affected system.  CISA encourages users and administrators to review the OpenSSL advisory and upgrade to the appropriate version. 

OpenSSL fixes two “one-liner” crypto bugs – what you need to know (Naked Security) “As bad as Heartbleed”? We heard that concern a week ago, but we think it’s less ungood than that…

OpenSSL version 3.0.5 fixes a flaw that could potentially lead to RCE (Security Affairs) The development team behind the OpenSSL project fixed a high-severity bug in the library that could potentially lead to remote code execution. The maintainers of the OpenSSL project fixed a high-severity heap memory corruption issue, tracked as CVE-2022-2274, affecting the popular library. This bug makes the RSA implementation with 2048 bit private keys incorrect on such machines and triggers […]

Cisco and Fortinet Release Security Patches for Multiple Products (The Hacker News) Fortinet and Cisco released patches to address security vulnerabilities across multiple products.

Owl Labs Update (Owl Labs) Today, June 23, 2022, Owl Labs released the latest software update in reference to recent security issues that were identified.

Study Reveals That Mid-Sized Organizations Need to Prioritize Cybersec (PRWeb) Egnyte, a leader in cloud content security and governance, today released its Cybersecurity Trends for Mid-Sized Organizations Report, a mid-year updat

Cyberattacks against law enforcement are on the rise (Help Net Security) Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 500 companies worldwide, has registered an increase in malicious activity


Vector Capital becomes the majority shareholder of WatchGuard Technologies (Help Net Security) WatchGuard Technologies announced that Vector Capital closed the deal to acquire interests previously owned by other co-investors.

WatchGuard's new owner vows to 'double down' on MSPs (CRN) It was announced in April that Vector Capital had entered into a definitive agreement to acquire the interests of other shareholders, including Francisco Partners

Security Automation Firm Swimlane Closes $70 Million Funding Round (SecurityWeek) Swimlane banks $70 million in a growth funding round led by Activate Capital, bringing the total raised to $170 million.

BlueVoyant UK Marks One Year of Impressive Momentum, Targeting Aggressive Growth with Senior Cyber Security Appointments (PR Newswire) BlueVoyant UK, an industry-leading cyber defence platform company converging internal and external security, today announced significant UK...

DIA posts network-centric warfare training sources sought (Intelligence Community News) On July 6, the Defense Intelligence Agency posted a sources sought notice for Network Centric Warfare training. Responses are due by 1:00 p.m. Eastern on July 20.

DoD Launches 'Hack US' Bounties for Major Flaws in Publicly Exposed Assets (SecurityWeek) The U.S. Department of Defense launches a limited bug bounty program to reward high- and critical-severity vulnerabilities in its publicly accessible information systems.

Products, Services, and Solutions

What is ZuoRAT? | Allot's Network Security & IoT Blog for CSPs & Enterprises (ALLOT) Meet ZuoRAT, a remote access trojan that attacks via SOHO routers. Find out how it works, and what service providers and businesses can protect themselves.

Red Canary and Palo Alto Networks expand collaboration to provide detection and response across security landscape (PR Newswire) Red Canary, the Managed Detection and Response (MDR) trailblazer, has expanded its collaboration with industry leader Palo Alto Networks to...

Talon Cyber Security Introduces First Secure Enterprise Browser for Mobile Devices to Bring Full Visibility and Security to All Endpoints Across Enterprise Environments (Talon Cyber Security) Talon Delivers Enterprise-Grade Security through Mobile Browser to Close Significant Gap in Endpoint Security Programs  Tel Aviv, Israel – July 7, 2022 – Talon Cyber Security, the leading secure enterprise browser provider, today introduced TalonWork Mobile, a version of its TalonWork browser made specifically for mobile endpoints. With TalonWork Mobile, customers can extend secure access and...

CISA and NPower offer free entry-level cybersecurity training (Help Net Security) NPower is looking for recruits for a free cybersecurity training program aimed at underserved populations in the US.

Technologies, Techniques, and Standards

Implementing a Zero Trust Architecture (NIST NCCOE) The proliferation of cloud computing, mobile device use, and the Internet of Things has dissolved conventional network boundaries. The workforce is more distributed, with remote workers who need access to resources anytime, anywhere, and on any device, to support the mission. Organizations must evolve to provide secure access to company resources from any location and asset, protect interactions with business partners, and shield client-server as well as inter-server communications.

How to Avoid the Worst Instagram Scams (Wired) Fake sellers. Competitions. Crypto cons. There are plenty of grifts on the platform, but you don’t have to get sucked in.

Credential Stuffing Examples and Keys to Detection (ThreatX) As part of our ongoing blog series on the modern threat landscape, we are taking a look at some of the many threats and risks that are often missed by legacy WAFs and security tools. Unlike traditional injection and XSS attacks, this newer breed of attacks excels at evading traditional signatures and regex rules, allowing […]

How to Secure PowerShell and Use it for Cybersecurity Defense (My TechDecisions) Cybersecurity agencies say organizations should take several steps to secure PowerShell and keep it from being used in cyberattacks.

Cyber Yankee exercise hones New England Guard skills to fight digital threats (C4ISRNet) “Whether it’s a state or a federal effort, the importance of being prepared to respond to a cyber incident is paramount.”

Lessons Learned While Pentesting GraphQL (Black Hills Information Security) Sean Verity // GraphQL is one of those technologies that I heard about several years ago but had not encountered during an genuine pentest. After memorizing a blog or two, […]

Design and Innovation

Press Release | Fortress Sponsors Open Web Application Security Project to Work on Industry-Wide SBOM Standards (Fortress Infosec) Fortress joins the Open Web Application Security Project (OWASP) to support the CycloneDX project, which is focused on promoting a lightweight SBOM standard.

Apple introduces 'Lockdown Mode' iPhone feature to block elite spyware (NBC News) The new feature aims to counter the rise of advanced hacking software that governments sometimes use to spy on people’s devices.

Apple Adds 'Lockdown Mode' to Thwart .Gov Mercenary Spyware (SecurityWeek) Apple is adding a new ‘Lockdown Mode’ that significantly reduces attack surface and adds technical roadblocks to limit sophisticated software exploits.

Research and Development

Bias in Artificial Intelligence: Can AI be Trusted? (SecurityWeek) AI in cybersecurity has value, but there is concern over faulty algorithms, hidden bias, false positives, abuse of privacy, and potential for abuse by criminals, law enforcement and intelligence agencies.

Legislation, Policy, and Regulation

Democracies Aren’t Ready for AI’s Impact (World Politics Review) Artificial intelligence is already an important part of daily lives around the world, and much of what it does is uncontroversial. But there’s a sinister side to the technology—one that, because of the danger it poses to democracy and human rights, demands much greater attention than it has so far received.

China’s Cabinet Urges Greater Cybersecurity After Data Leak (Bloomberg) State Council meeting discusses need to safeguard information. Gathering follows largest potential hack in country’s history.

Aussie MSSPs dish on Home Affairs' enforcement of The Critical Infrastructure Bill (CRN Australia) We hear from Cytrack, Sekuro and Stickman Cyber on their views.

The Role Of National Center For Cyber Security In Pakistan (The Nation) The entire world is going digital for all the right reasons. Thanks to its large internet user base, Pakistan has also undergone massive digitisation. With improved internet connectivity, the government, the private stakeholders and even individuals

Breaking down the cyber amendments to the House defense policy bill (The Record by Recorded Future) House lawmakers have filed an eye-popping 1,144 amendments to the chamber’s annual defense policy bill, including nearly two dozen cyber-related proposals.

Justice Department identifies disrupting ransomware and cyberattacks as key objective in new strategic plan (FedScoop) The Department of Justice said Friday that it will make disrupting ransomware attacks and prosecuting cybercriminals a key objective as part of a new strategic plan. In a statement, the department said it intends to beef up its cybersecurity technological capabilities and to more aggressively pursue those who put U.S. government information or assets at […]

Pentagon ‘endorses’ reciprocity for CMMC, FedRAMP requirements (Federal News Network) DoD still needs to iron out the details for how it will streamline overlapping cybersecurity requirements.

How the US DHS develops hard-to-find cybersecurity skills (CSO Online) The Department of Homeland Security's Amanda Conley tells how she finds and uplevels specialized and expensive cybersecurity talent on a government budget.

FCC taps GSA’s Hill to be new CIO (Federal News Network) Allen Hill, the deputy assistant commissioner for Category Management in the Federal Acquisition Service at the General Services Administration, will take over the FCC’s lead technology role on Aug. 1.

Litigation, Investigation, and Law Enforcement

Iran TV says several foreigners, a UK diplomat, detained for alleged spying (Reuters) Iran's Revolutionary Guards have detained several foreigners, including Britain's second most senior envoy in Tehran, for alleged acts of spying such as taking soil samples in restricted areas, state television reported on Wednesday.

Draft Online Safety law requires encrypted chat CSAM scans (Register) 'It is possible to implement end-to-end crypto in a way that preserves privacy,' claims UK Home Sec

Thu, 07 Jul 2022 04:26:00 -0500 text/html
A2010-599 exam dump and training guide direct download
Training Exams List