In December, the disclosure of the supply chain attack against SolarWinds sent shockwaves throughout federal agencies responsible for the security of US information assets. The ripple effect hit the IT community as well. Those ripples have continued into 2021, as what was already seen as a sophisticated attack on the IT supply chain has taken additional twists. New evidence points to attackers using well-established methods to gain initial access the old-fashioned way, through on-premises Active Directory (AD).
Compromising the SolarWinds build environment and sending Trojanized versions of updates for the Orion Platform is the best-known tactic believed to have been used by the threat group behind the attacks. According to the Cybersecurity and Infrastructure Security Agency (CISA), the threat actor was observed compromising or bypassing federated identity solutions and leveraging forged authentication tokens to move laterally to Microsoft cloud environments. From there, the threat
News
Central Bank of Bahrain to launch eKYC for financial institutions Wednesday 3 February 2021 13:26 CET | News The Central Bank of Bahrain (CBB) announced the launch of eKYC by financial institutions in the Kingdom as part of its initiatives for digital transformation in the sector.
The national eKYC platform is operated by BENEFIT in collaboration with the Information and eGovernment Authority (IGA) and under the supervision of the CBB. The platform provides a national digital identity database for financial institutions to securely verify the identities of their customers, validate their information and share data digitally before providing products and services. This includes retrieval of customer data from governmental entities including IGA.
Programming in the pandemic - Perforce: In open source, ‘crowd’ is a positive Latest Blog Posts Related Content
UK government offers ‘inadequate’ response to broadband concerns
How Aberdeenshire Council is using Cherwell’s ITSM platform Download Current Issue
The Computer Weekly Developer Network examines the impact of Covid-19 (Coronavirus) on the software application development community.
With only a proportion of developers classified as key workers (where their responsibilities perhaps included the operations-side of keeping mission-critical and life-critical systems up and online), the majority of programmers will have been forced to work remotely, often in solitude.
So how have the fallout effects of this played out?
Moving from the Lab to the Mainstream - Microsoft s Machine-Learning Tool
Image Credit: Microsoft
Reinforced Learning systems are ready to make the jump from the research bench to real-world applications.
Wondering why you are still seeing advertisements for holidays in your browser during a global pandemic? It s because most companies that place ads generally use traditional Machine Learning (ML) models that make predictions based on past behaviors. Thus, when the temperature drops, these models suggest a trip to some far-flung destination, because that has worked in the past. Therefore the same ads are placed even if consumers are unlikely to be going anywhere due to lockdown restrictions.
Volvo Innovation Portal eases in-car app development
1 February 2021 4:46 pm / 0 comments
Downloading and using applications are a big part of the smartphone experience, and with Volvo already adopting Android as an operating system in its cars, it was only a matter of time before that experience would be ported over to the automotive world. The Swedish carmaker has launched an Innovation Portal to help third-party developers create apps for its vehicles, enabling increased functionality and personalisation.
The portal provides free resources and tools for the budding app maker, including an emulator for the Android Automotive Operating System and its associated Google apps. This enables users to recreate Volvo’s interface on their own computers, making it easier for them to design, develop, test and publish apps directly to the car’s Google Play store.