Silicon Valley Bank (SVB) surprised investors with news that the bank needed $2.25B to correct its financial deficiencies. The news caused panic and a massive sell-off resulting in the second-biggest bank collapse in US history. Customers withdrew $42B by the end of the next day, according to a California regulatory filing, decimating the remains of the 40-year-old investment bank, and leaving SVB with a negative cash balance of $958M. The California Department of Financial Protection and Innovation closed SVB, seized remaining cash deposits, and named the FDIC as receiver. The FDIC created the Deposit Insurance National Bank of Santa Clara to hold insured deposits from SVB.
We all have become accustomed to Microsoft’s “Patch Tuesdays”, where the weekly batch of bugfixes are put out. This week, Microsoft released some big ones, releasing fixes for over 80 windows security flaws. One of the most pronounced flaws addressed in this release was CVE-2023-23397, an already-exploited critical defect in Microsoft Outlook. According to a variety of sources, this security flaw allows specially-crafted emails to exploit user credentials from Outlook (specifically the Net-NTLMv2 hash), allowing the attackers to log onto an Exchange Server as the exploited user. Most interestingly, this bug can do as soon as the email hits the Outlook client, before the user opens the sees it in the Preview Pane.
Slack is used by 100k+ organizations, including 77 of the Fortune 100 companies. Slack breaks down silos and creates an open forum for troubleshooting, sharing ideas, finding common interests, and venting. But, 12M+ daily users (and, a jaw-dropping 79M+ users expected by 2025) and rapid-fire exchange, across multiple channels, with people you have never met before, creates a cybersecurity risk rich environment. The benefit of Slack? Users relax and collaborate freely. The risk? Users don’t consider the hacking risks and may not question whether the person asking for confidential data is the authorized recipient of that information or may click on a shared article without the poster or viewer recognizing the document is infected. Obviously, it is not the fault of the platform if someone mistakenly or maliciously shares an infected document, but the risks should be recognized and minimized.
Businesses are prime targets for cybercriminals during the holiday shopping season. Think about it – most retail companies make the majority of their revenue in November and December (try to find a parking space at the mall during those months!). Hackers know this, and they also know that companies will pay off ransomware attacks during these months for exactly that reason. Historically, attempted ransomware attacks increase by roughly 30% during this time, as reported by Darktrace. If making your year’s revenue means keeping (or getting back) the operation of your point of purchase systems (for instance), paying ransomware becomes an easy choice for most businesses.
One Stop Systems, Inc. and TMGcore, Inc introduced a two-phase liquid immersion-cooled version of the OSS Rigel Edge Supercomputer at this year’s SC22. Rigel is the first edge product of its kind to use the highest-performance NVIDIA HGX™ platform
powered by NVIDIA A100 Tensor Core GPUs and the NVIDIA NVLink® GPU interconnect in place of traditional PCI Express GPUs. Rigel also has planned upgrades to the latest NVIDIA H100 Tensor Core GPUs. OSS intends to launch multiple liquid-cooled versions of Rigel two-phase immersion starting in the first quarter of 2023.
U.S. Federal Inflation Reduction Act Excludes 70% of EVs from Tax Credits
Stringent Domestic Production Requirements Give Manufacturers Little Time to Adapt
The Inflation Reduction Act reinstated US EV tax credits which were slated to expire. However, the rules that companies have to play by in order to qualify for the tax credits has changed. In order to qualify for the $7,500 tax rebate, consumer EVs must be manufactured in North America. Additionally, the percentage of rare Earth minerals that are extracted in North America for EV batteries is also a qualifier for half of the tax credit. Manufacturers must use North American minerals for at least 40% of the batteries in 2023
Joe Sullivan, a prominent security expert, spent the first eight years of his career working for the Department of Justice, first as an intern at the DOJ Miami office. He prosecuted cybercrimes for the San Francisco U.S. attorney’s office, working with Robert Mueller, then as Assistant United States Attorney at the District of Nevada in Las Vegas, and worked as Assistant US Attorney at the Northern District of California. Sullivan was the top security officer at Facebook, Uber, and Cloudflare, and a Commissioner for Obama Cyber Commission. Next, he faced his previous employer U.S. attorney’s office – this time as a defendant charged with obstruction of justice for concealing a 2016 breach of Uber customer and driver records from the Federal Trade Commission and for actively hiding a felony.
Data is predicted to grow at a 23% CAGR from now until 2025. Internet of Things (IOT) and Social Media are the two biggest growth factors contributing to this data expansion. Competition for the connected vehicle space has become crowded as Apple and Google are becoming involved in vehicle programming, alongside both established car companies and the myriad of electric automotive startup companies. These companies view the car as a smartphone on wheels, and are eager to gain a piece of the pie.
Yet despite all of this, social media is growing and connecting people from all around the world in ways which were not possible before now. Perhaps social media companies will be able to tweak their algorithms, and/or change the way that they interact with users to make the platforms healthier for everyone.
What can organizations do to improve their cybersecurity posture?
Educate all employees on security
Protecting the edge is partly about ensuring that the edge users (ie. your employees) are following cybersecurity best practices. These include:
Ensuring that all passwords are durable and changed routinely
Using password screen-locking and device tracking for all mobile devices
Don’t give out personal information, usernames or passwords when asked via email
46% of cybersecurity leaders target improved security awareness training as something that they would like to invest in if they had more funds available.
82% of breaches involved the human element, including Social Attacks, Errors, and Misuse. - Verizon Data Breach Report