Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Google Cloud. Show all posts
OpenAI
AI Chatbot Artificial Intelligence Cyber Security Google Google Assistant Google Cloud Large Language Model OpenAI

Google Launches Next-Gen Large Language Model, PaLM 2

Google has launched its latest large language model, PaLM 2, in a bid to regain its position as a leader in artificial intelligence. PaLM 2 is an advanced language model that can understand the nuances of human language and generate responses that are both accurate and natural-sounding.

The new model is based on a transformer architecture, which is a type of deep learning neural network that excels at understanding the relationships between words and phrases in a language. PaLM 2 is trained on a massive dataset of language, which enables it to learn from a diverse range of sources and improve its accuracy and comprehension over time.

PaLM 2 has several features that set it apart from previous language models. One of these is its ability to learn from multiple sources simultaneously, which allows it to understand a broader range of language than previous models. It can also generate more diverse and natural-sounding responses, making it ideal for applications such as chatbots and virtual assistants.

Google has already begun using PaLM 2 in its products and services, such as Google Search and Google Assistant. The model has also been made available to developers through Google Cloud AI, allowing them to build more advanced applications and services that can understand and respond to human language more accurately.

The launch of PaLM 2 is significant for Google, as it comes at a time when the company is facing increased competition from other tech giants such as Microsoft and OpenAI. Both of these companies have recently launched large language models of their own, which are also based on transformer architectures.

Google hopes that PaLM 2 will help it to regain its position as a leader in AI research and development. The company has invested heavily in machine learning and natural language processing over the years, and PaLM 2 is a testament to its ongoing commitment to these fields.

In conclusion, Google's PaLM 2 is an advanced language model that has the potential to revolutionize the way we interact with technology. Its ability to understand and respond to human language more accurately and naturally is a significant step forward in the development of AI, and it will be exciting to see how developers and businesses leverage this technology to build more advanced applications and services.


Read more »
Microsoft
CISA Cloud Services Cyber Security Cyberattacks Google Cloud Microsoft

Cybersecurity and the Cloud in Modern Times

 


Due to the advent of remote work, most companies - even those in heritage industries - have had to adopt SaaS (software as a service) and other cloud tools to remain competitive and agile in the market. Several modern cloud-based platforms, including Zoom, Slack, and Salesforce have become critical to the effective collaboration of knowledge workers from their homes, which will allow them to work more efficiently. In the last few years, public cloud hosting providers like Amazon Web Services, Microsoft Azure, and Google Cloud have seen phenomenal growth and success. This is a consequence of this tailwind. As per Gartner's predictions, by 2022, $178 billion will be spent on cloud providers, up from $141 billion in 2021. 

The shift to the cloud has led to lots of challenges when it comes to cybersecurity, although public cloud providers have made it easy to use modern software tools. Cloud-first security represents a paradigm shift from traditional, on-premise security in the modern day. Before this change, customers had complete control over their environments and security. They hosted their applications in their own data centers and were responsible for controlling the environment. Customers operated their network in a "walled castle" - where they controlled and secured the network and applications themselves. 

Nevertheless, when customers consume public cloud services, they are obligated to share responsibility for security with the cloud service providers as a shared responsibility. 

If your company stores data in a cloud data center provided by Amazon Web Services, you will be responsible for configuring and managing your cybersecurity policies. This is part of your compliance program. The customer is responsible for monitoring security breaches regardless of whether they have complete control over the data in the Amazon Web Services data center. As a result, when customers adopt public clouds, they no longer have full control over their security in terms of what they do with their data. A major barrier to adopting the cloud is concern about security, which is often among the most common. 

In addition, it is more difficult to secure cloud environments than traditional environments. As a result of today's cloud computing architecture, many cloud service providers utilize what is known as microservices, a design that allows each component of an application (for example, a search bar, a recommendation page, a billing page, etc.) to be created independently. On-premise systems can support as many as ten times the amount of workloads (for example, virtual machines, servers, containers, microservices) that the cloud can support. As a result of this fragmentation and complexity, there is a tendency for access control issues to develop, as well as a higher chance of developer errors - such as leaving a sensitive password in an AWS database. This information can be exposed to the public. Simply put, there is a wider and more complex attack surface area in the cloud than there is in local computing environments. 

Embrace the cloud-first era of cybersecurity

There are not just complexities associated with the cloud, but there has also been an inversion from a top-down to a bottom-up sales model, leading to security buying decisions being made not by CISOs or CISMs, but rather by developers (Chief Information and Security Officers). 

Two reasons have contributed to this happening. Due to the cloud, applications can be developed more efficiently. Therefore, the importance of cybersecurity has become a part of the development process rather than just an afterthought in the past few years. Responsibility for creating code and product releases was traditionally assigned to developers, while the team that works with the CISO is in charge of the cybersecurity aspect. As a result, the responsibilities of each party were split. It has become so easy to update code or to release product updates every day or every week in modern companies due to the cloud. This has made it much easier for them to do so. It's common nowadays for our favorite apps to update themselves frequently. For instance Netflix, Amazon, and Uber, but not so long ago, this wasn't the norm. We had to manually patch them to get them to run smoothly. With the increased frequency of deploying revised code, cybersecurity has become a problem that developers now have to care about because of the increased frequency of application development. 

In the second place, the early adopters and the power users of the cloud are primarily digital start-ups and medium-sized businesses, which are more decentralized in their decision-making processes. Traditionally, CISOs at large enterprises have played an active role in making security decisions about the organization. A CISO, acting as the chief executive officer of the company, makes purchasing decisions on behalf of the rest of the organization. This was after rigorous proof of concept, negotiation, and cost-benefit processes. The different techniques used by start-ups and mid-scale customers to make security buying decisions are very different, and many often, they leave security decision-making to their developer team. 

As a result of this revolutionary top-down sales model, cybersecurity software is about to be built and sold in a completely different way. Developing a sales model that is suitable for developers is different from one designed for CISOs. There is no doubt that developers prefer self-serve features - they often like to try and offer their products to their customers before they have to purchase them. To achieve this goal, we need to build a self-serve and freemium sales model, so we can attract a large number of inbound, free users at the top of the funnel and build a customer base around them. In comparison with the traditional sales model used by security incumbents, this model is completely different, as the incumbents have hired huge sales teams that are responsible for outbound selling large deals to their CIOs in a sales-led approach.
Read more »
Technology
Cloud Security GCP Google Cloud Mainframe Real-Time testing Software Technology

Mainframes are Still Used in 9 Out of 10 Banks, Google Cloud Wishes to Mitigate

 



It has been announced that Google Cloud is introducing a simpler, more risk-averse way for enterprises to migrate their legacy mainframe estates to the cloud. Google Cloud's newly launched service is based on technology originally developed by Banco Santander and aims to simplify planning and execution.

As a result, customers can perform real-time testing before they transition to Google Cloud Platform as their primary system to ensure their cloud workloads are performing as expected, running securely, and meeting regulatory compliance requirements – without stopping their application or negatively impacting user experience.

In his interview with Protocol on Tuesday, Nirav Mehta told: "This is a simple concept, but it is difficult to implement - hasn't been done yet," Nirav Mehta, Google Cloud's senior director of product management for cloud infrastructure solutions and growth, said. As compared to moving mainframe applications to the cloud, this solution will substantially reduce the risk associated with doing so." 

A parallel instance of mainframe workloads is created by using virtual machines on the Google Cloud Platform (GCP) through Dual Run. As Mehta describes, a launcher/splitter is an architecture consisting of the necessary mechanisms to duplicate activity - and return the "primary" response of the system - at each interface that drives the incoming requests or triggers the scheduled workload and can handle both.

A dashboard that displays real-time monitoring shows the differences in transaction responses between the mainframe and GCP deployments that are displayed on the dashboard. The single output hub also ensures that there is a single point of contact during the roll-out period for all batch information that needs to be sent out and collected.

Once the customers are comfortable with the use of their mainframes as backups, they can retire their mainframes or use them as storage.

As long as your mainframe is the primary system that handles customer requests, it should remain the system of choice for quite some time to come. You can consider the cloud instance as nothing more than a secondary system. This will also run the same requests as the regular system, Mehta explained. As part of your monitoring process, you maintain a record of the responses coming back from both the mainframe and Google Cloud. This is to determine whether the Google Cloud instance is working equally well as the mainframe. Then at some point, you switch over to using Google Cloud as your primary source of data and the mainframe as your secondary source of data.

The Dual Run device, which is currently in the preview stage, was developed for a wide range of industries, including the financial services, health care, manufacturing, and retail industries, and the public sector as well. Approximately 90% of North America's biggest banks still use mainframes, according to Mehta, while 23 of the 25 largest U.S. retailers use mainframes as well.

"All of these companies are looking to modernize their old mainframe applications and take them to the cloud to maximize security, scalability, and cost efficiency," he said. However, because these systems are so mission-critical - and mainframes are especially unique in this regard since they've been around for so long and contain so much legacy technology - they perceive a lot of risks, so they do not bring them to the cloud."

In May, Banco Santander, a Google Cloud customer, published a report about the progress it has made in digitizing its core banking platform. It said that 80% of its IT infrastructure had been moved to the cloud using software developed in-house called Gravity, to automate the process. The technology is an exclusive license that Google Cloud has acquired, and its engineers have been working with Santander during the past six months to optimize the technology to make it more suitable for end-to-end mainframe migrations for customers in a wide variety of industries. 

Mehta explained that they only had a very limited use case for the software. The relevance of the solution to any mainframe customer has been elevated to a substantial extent thanks to the changes we have made. This is a huge deal for anyone running mainframes because it allows them to access data remotely.
Read more »
URL
API Cyber Security Google Cloud Security Researchers SSRF URL

A URL Parsing Bug Left an Internal Google Cloud Project Open to SSRF Attacks

 

According to security researcher David Schütz, a URL parsing flaw exposed an internal Google Cloud project to server-side request forgery (SSRF) attacks. The bug, which Schütz detailed in a video and blog post, might have allowed an attacker to gain access to sensitive resources and perhaps launch harmful code.

Server-side request forgery is a web security flaw that allows an attacker to force a server-side application to send HTTP requests to any domain the attacker chooses. The attacker may cause the server to connect to internal-only services within the organization's infrastructure in a conventional SSRF attack. They may also be able to force the server to connect to arbitrary external systems, exposing sensitive data such as authorization credentials. 

Unauthorized activities or access to data within the company can often arise from a successful SSRF attack, either in the vulnerable application itself or on other back-end systems with which the programme can interface. The SSRF vulnerability could allow an attacker to execute arbitrary commands in some circumstances. An SSRF vulnerability that establishes connections with external third-party systems could lead to malicious attacks that appear to come from the company that hosts the vulnerable application. 

While researching Discovery Documents, data structures that give specifications for Google API services, Schütz discovered the problem. While looking through the Discovery Documents, Schütz came upon an intriguing service named Jobs API, which had the appearance of being an internal service. The Jobs API led him to an application on the Google App Engine that acted as a proxy, allowing him to access the API through Google's public product marketing pages. The proxy acted as an intermediate between the user and the API, which meant it had an access token that could be used to launch SSRF attacks. 

Request URLs were run via a whitelist to restrict access to internal Google resources. Schütz, however, was able to fool the URL parser and bypass the whitelist, allowing him to send requests to any server he wanted. This allowed him to send requests from the proxy app to a Google Cloud VPS server. The request revealed the proxy app's access token, which he could then use to send requests to other Google Cloud projects.

“This issue feels like an industry-wide problem since different applications are parsing URLs based on different specifications,” Schütz said. “After disclosing the initial issue in the Google JS library, I have already seen this getting fixed in products from different companies as well. Even though, this issue still keeps popping up even at Google. This SSRF is a great example of it.”
Read more »
Phishing emails
Cyber Attacks Google Google Cloud Microsoft Phishing emails

Cyber Attackers Hijacked Google and Microsoft Services for Malicious Phishing Emails

 

Over recent months, the cybersecurity industry has seen a huge increase in malicious attackers exploiting the networks of Microsoft and Google to host and deliver threats through Office 365 and Azure. 

The actors who are at risk are quickly moving towards cloud-based business services during the pandemic by concealing themselves behind omnipresent, trustworthy services from Microsoft and Google to make their email phishing scams appear legitimate; and it works. 

In particular, during the first three months of the year 2021, researchers discovered that 7 million malicious e-mails were sent from Microsoft's 365, and also that 45 million were transported from Google's network. The Proofpoint team said that cyber-criminals had been able to send phishing e-mails and host attacks with Office 365, Azure, OneDrive, SharePoint, G-Suite, and Firebase. 

“The malicious message volume from these trusted cloud services exceeded that of any botnet in 2020, and the trusted reputation of these domains, including outlook.com and sharepoint.com, increases the difficulty of detection for defenders,” the report, issued on Wednesday, explained. “This authenticity perception is essential, as email recently regained its status as the top vector for ransomware; and threat actors increasingly leverage the supply chain and partner ecosystem to compromise accounts, steal credentials and siphon funds.” 

Proofpoint estimated that 95% of cloud account organizations had been attacked, and more than half of them succeeded. Additionally, more than 30% of those organizations were compromised. 

Once attackers have access to passwords, they can easily enter or exit several services and send out more, persuasive phishing emails. 

Proofpoint offered many examples of projects behind Microsoft and Google that tried to scam users to give up or deliver their details. 

Attackers exploited Gmail to host another operation throughout March, that provided them with the message of the fake benefits together with a Microsoft Excel attachment, that delivered The Trick Bank Trojan to steal credentials whenever macros were activated. 

Another Gmail-hosted February attack seeks to persuade users to use their passwords for accessing zip-on MS Word documents. Upon opening, Xorist ransomware has been delivered. 

The use of Gmail and Microsoft by attackers to give their emails a patina of credibility is part of a broader trend: threats are developing increasingly persuasive appeals. 

“Our research demonstrates that attackers are using both Microsoft and Google infrastructure to disseminate malicious messages and target people, as they leverage popular cloud-collaboration tools,” the Proofpoint report added. “When coupled with heightened ransomware, supply chain, and cloud account compromise, advanced people-centric email protection must remain a top priority for security leaders.”
Read more »
Subscribe to: Posts (Atom)