Tag Archives: While

Italian company implicated in GuLoader malware attacks

While tracking a new security threat known as “GuLoader,” researchers at Check Point Software Technologies discovered more than just a malicious software installer.

GuLoader has been on the radar of a number of security vendors this year. According to a new report this week, Check Point Research said the installer or network dropper “has been very actively distributed in 2020 and is used to deliver malware with the help of cloud services such as Google Drive,” with hundreds of attacks using GuLoader being observed every day.

An investigation into GuLoader led the security vendor to the website of an Italian security software company which offered a product called CloudEye. While their operations and clearnet website appeared to be legitimate, providing software to protect Windows applications, they actually sell a product comparable to GuLoader and undetectable to antivirus software, according to Check Point.

In its report titled “GuLoader? No, CloudEye,” Check Point estimates the Italian company makes a monthly income of $500,000 from sales to cybercriminals. And, according to Maya Levine, Check Point’s technical marketing engineer for cloud security, it’s been a legally registered Italian company operating a publicly available website for years. This form of sales is unusual because attackers commonly do their business on the dark web, Levine said. Though they aren’t hiding on the dark web, finding CloudEye wasn’t a simple process.

“While monitoring GuLoader we repeatedly encountered samples that our systems detected as GuLoader, but they didn’t have the URL in it for downloading the payload,” Levine said. “When we looked at it manually and analyzed it, we found the payload is embedded in the sample itself. It was slightly different than GuLoader — it was something called DarkEye.”

The Italian company offering CloudEye previously sold the product as DarkEye Protector, which Check Point researchers connected to the GuLoader malware dropper.

After a search for DarkEye on the dark web, Check Point researchers found multiple advertisements that described it as a cryptor that could be used with a variety of malware that would make it fully undetectable for antivirus. A closer look at who posted the advertisements led to a website whose URL was mentioned in the ads.

[CloudEye] pretended to be legitimate and aboveboard, but they are selling basically the same thing as GuLoader.
Maya LevineTechnical marketing engineer for cloud security, Check Point Software Technologies

“It was connected to DarkEye but it was selling a product they called CloudEye. They pretended to be legitimate and aboveboard, but they are selling basically the same thing as GuLoader,” Levine said. “When we looked at the sample from CloudEye and the same we had for GuLoader, we found it almost identical. The only difference came from code randomization techniques but the actual important information in the code, the import functions, were all identical.” 

Check Point’s report cited CloudEye’s website, which states “DarkEye evolved into CloudEye! Next generation of Windows executables’ protection!” Earlier versions of the website on the Internet Archive’s Wayback Machine show the company was previously called DarkEye.

Not only did Check Point find CloudEye was offering a commodity downloader strikingly similar to GuLoader, it also provided video tutorials on its website of how to use it.

“Basically what they’re selling is the ability to bypass cloud drive antivirus checking because Google and all those [cloud services] don’t allow you to upload malware. What they’re selling uses techniques to avoid being detected by a lot of these security products,” Levine said.

CloudEye and cloud-based attacks

A new trend is what jumpstarted Check Point’s inquiry into GuLoader initially. Earlier this year, the security vendor determined that the delivery of malware through cloud drives is one of the fastest-growing trends of 2020. Research into the trend led to the discovery of GuLoader, which has become very prevalent in the threat landscape, Levine said. According to Levine, up to 25% of all packed malware samples are GuLoader.

“We looked at how these attacks usually work. Usually there’s a dropper that’s sent in the form of an email, spam emails, that have an embedded attachment. An ISO file has the malicious executable then that dropper will download the malicious payload from a well-known cloud service and execute it,” Levine said.

Email security vendor Proofpoint has also been tracking GuLoader. Researchers first observed it being used in December 2019 to deliver Parallax RAT and began looking into the malware in conjunction with that research. Sherrod DeGrippo, senior director of threat research and detection at Proofpoint, says GuLoader is interesting for three reasons.

“First, it’s written in Visual Basic 6.0, a version of Visual Basic Microsoft stopped supporting in 2008. Second, we found that while it was new, it was being adopted very quickly by multiple threat actors. Third, it stores its encrypted payloads on Google Drive or Microsoft OneDrive, showing that threat actors are leveraging the cloud just like businesses are,” DeGrippo said.

One reason attackers are turning to this method of malware delivery is the fact that it can fool a lot of humans and a lot of firewalls, Levine said. 

“If humans look at the network activity and all they see is Google Drive, they’ll probably dismiss that activity as legitimate even though it’s contacting Google Drive to download something malicious,” Levine said. “Same thing with firewalls, because the antivirus signatures aren’t always distributed on a daily basis; sometimes it’s a weekly basis so there’s a lag these kind of attacks could take advantage of.”

Evasion and disguises

Hiding under a legitimate front isn’t the only sneaky part of the CloudEye dropper.

“There’s a spam email with an embedded attachment; usually it’s an ISO file with the malicious executable, and then they disguise the payload as a picture. The key here is that it’s encrypted while it’s in cloud storage; it only gets decrypted on the victim’s machine,” Levine said. “And what that does is make it so the cloud host can’t really kick off the malicious payload because it’s decrypted while it’s on their servers, so they don’t really know what it is.”

The image file may appear as a jury summons, for example. Once it’s opened and the dropper is activated, it fetches the malware payload and only stores it in memory, Levine said.

While there is some technology like sandboxing that will detect these malicious droppers, Levine said CloudEye has been a common denominator in thousands of attacks over the past year.

While this instance of threat actors standing up a “fake” company is not very common, Check Point’s head of cyber research Yaniv Balmas says it is not the first case in which a cybercrime tool was sold publicly on the internet.

“In most cases it is very difficult to link the tool to a specific company, or to a specific person. In this case however it seems the amount of connections we found linking this site to the ‘real world’ were significant. This might mean the owners are not concerned from being exposed, as they probably believe the ‘legitimacy cover’ is providing them with the required legal umbrella allowing them to continue their actions even if it will be brought to the public eye,” Balmas said. “The sad fact is they may be right.”

SearchSecurity contacted CloudEye for comment but the company has not responded. Attempts by Check Point to reach CloudEye were also unsuccessful.

CloudEye’s website was updated Wednesday with a statement from Sebastiano Dragna and Ivano Mancini, who were named in the Check Point report:

“We learned from the press that unsuspecting users would use our platform to perpetrate abuses of all kinds. Our protection software was created and developed to protect intellectual works from the abuse of hackers and their affiliates, not to sow malware around the network. Although we are not sure that what is reported by the media is true, we believe it appropriate to suspend our service indefinitely. We are two young entrepreneurs, passionate about IT security and our goal is to enrich the scientific community with our services, not to allow a distorted use of our intellectual work. We thank all our customers, who have legally used our services since 2015. Customers will be reimbursed for purchased and unused license days. For more information contact us by e-mail [email protected], you will receive an answer within 24 hours.”

Go to Original Article

Maze ransomware builds ‘cartel’ with other threat groups

While operators behind Maze ransomware have been exposing victims’ data through a public-facing website since November 2019, new information suggests ransomware gangs are now teaming up to share resources and extort their victims.

On June 5, information and files for an international architectural firm was posted to Maze’s data leak site; however, the data wasn’t stolen in a Maze ransomware attack. It came from another ransomware operation known as LockBit.

Bleeping Computer first reported the story and later received confirmation from the Maze operators that they are working with LockBit and allowed the group to share victim data on Maze’s “news site.” Maze operators also stated that another ransomware operation would be featured on the news site in the coming days.

Three days later, Maze added the data for a victim of another competing ransomware group named Ragnar Locker. The post on Maze’s website references “Maze Cartel provided by Ragnar.”

Maze operators were the first to popularize the tactic of stealing data and combining traditional extortion with the deployment of ransomware. Not only do they exfiltrate victims’ data, but they created the public-facing website to pressure victims into paying the ransom.

Data exposure along with victim shaming is a growing trend, according to Brian Hussey, Trustwave’s vice president of cyber threat detection & response. Threat actors exfiltrate all corporate data prior to encrypting it and then initiate a slow release of the data to the public, he said.

“Certainly, we’ve seen an increase in the threat — the actual carrying out of the threat not as much from what I’ve seen,” Hussey said. “But a lot of times, it does incentivize the victim to pay more often.”

Maze ransomware cartel
A recent posting on the Maze ransomware site shows victim data stolen by Ragnar Locker threat actors and refers to the ‘Maze Cartel.’

There are dozens of victims listed by name on the Maze site, but only 10 “full dump” postings for the group’s ransomware victims; the implication is most organizations struck by Maze have paid the ransom demand in order to prevent the publication of their confidential data.

Rapid7 principal security researcher Wade Woolwine has also observed an increase in these shaming tactics. Both Woolwine and Hussey believe the shift in tactics for ransomware groups is a response to organizations investing more time and effort into backups.

“My impression is that few victims were paying the ransom because organizations have stepped up their ability to recover infected assets and restore data from backups quickly in response to ransomware,” Woolwine said in an email to SearchSecurity.

One of the primary things Trustwave advises as a managed security services provider, is to have intelligent, well-designed backup procedures, Hussey said.

“These new tactics are a response to companies that are mitigating ransomware risk by properly applying the backups. It has been effective. A lot of companies invested in backup solutions and design backup solutions to kind of protect from this ongoing scourge of ransomware. Now the response is even with backup data, if threat actors exfiltrate first and then threaten to release the private information, this is a new element of the threat,” Hussey said.

When threat actors make it past the perimeter to the endpoint and have access to the data, it makes sense to steal it as further incentive for organizations to pay to unencrypt the data, Woolwine said. And the threat actors pay particular attention to the most sensitive types of data inside a corporate network.

“Initially, we were seeing exploit kits like Cobalt Strike used by the attackers to look for specific files of interest manually. I say ‘look,’ but the Windows search function, especially if the endpoint is connected to a corporate file server, is largely sufficient to identify documents that say things like ‘NDA,’ ‘contract’ and ‘confidential,” Woolwine said. “More recently, we’ve seen these searches scripted so they can execute more quickly.”

According to Woolwine, phishing and drive-by continue to be preferred vectors of delivery for most ransomware attacks, but those techniques are shifting too.

“We also see attackers target specific internet-facing systems that have been unpatched, as well as targeting RDP servers with brute-force authentication attempts. In either case, once the vulnerability is exploited or the credentials guessed, the attackers will install ransomware before disconnecting,” Woolwine said. “The rise in tactics is very likely due to the shift from ransom to data exposure. It’s no longer about how many machines you can infect but infecting the machines that have access to the most data.”

Hussey said these new tactics were unexpected at the time; they are the next logical step in the ransomware progression, and he expects more threat actors to adopt them in the future.

Go to Original Article

Remote work cybersecurity a concern during pandemic

While technology has helped organizations continue operations during the COVID-19 pandemic, a recent study from NordVPN found remote work cybersecurity issues to be concerned about, considering the use of personal devices and unsecured networks.

The survey, which had 5,000 respondents, found that 62% of employees are using personal devices for remote work.

“On a personal endpoint, there is a greater risk,” said Chris Sherman, a senior analyst at Forrester Research. “Whenever you’re outside of the organization’s control, you frankly have very little control as the company IT admin or security admin over these personal devices.”

Forty-six percent of employees weren’t working remotely prior to the COVID-19 pandemic, according to a recent survey by Kaspersky of 6,017 IT professionals.

“I think there’s a lot of folks who weren’t used to working from home — like in government, healthcare, retail and manufacturing [where] there’s a little bit more of a learning curve,” said John Grady, an analyst at Enterprise Strategy Group. “I think those are industries that are not always issued a corporate machine and have to use their own device.”

Seventy-three percent of those surveyed by Kaspersky said they had no special IT awareness training when switching to full-time remote work. The Kaspersky report also found that employees are more comfortable on personal devices and are more likely to download applications that are not work-related, browse unsecure websites and click suspicious links.

“[Employees] have taken past training, so their organization does have some level of awareness training, whether that’s kind of introductory or part of onboarding are ongoing — but they’ve not had anything specific to COVID,” Grady said.

Unsecured network access affecting remote work cybersecurity

The Kaspersky survey also found that just 53% of respondents were using a VPN to access their employer’s network while working from home. This means that nearly half were not using a secure access point to handle company content.

“It’s more important for you as security admin to take into consideration all of the different IoT devices and all of the consumer devices that may be interacting with whatever laptop or mobile device that employee is using on the same network as those IoT devices,” Sherman said. “Many endpoint security vendors offer endpoint security SaaS. The benefit here is you eliminate the hands-on server maintenance by your remote admins, who are also working from home.”

Future of remote work cybersecurity

Grady said that although there could be some security risks associated with remote work, he believes more executives will push for more flexible and remote work schedules even after the pandemic.

I think there’s a lot of folks who weren’t used to working from home — like in government, healthcare, retail and manufacturing [where] there’s a little bit more of a learning curve.
John GradyAnalyst, Enterprise Strategy Group

“Executives think there’ll be more flexibility. I think that’s positive because if the IT team is thinking like that, the kind of buzzwords coming out of this are going to be flexibility and agility,” Grady said. “That is difficult to scale, and you’re kind of locked into it. Everything’s going be more cloud focused and that is intuitive.”

It also helps companies to prepare for another pandemic or situation where most employees have to go remote. Cloud adoption is seeing more interest because of the uptick in remote work.

“I think over time when people go back into the office, there has to be that contingency plan in place so that if you do have to suddenly shift 80% of your workforce to remote you won’t run into that kind of first phase that we went through in the end of March and beginning of April, where you’re trying to just get people access to what they need and forgetting about security,” Grady said.

NordVPN’s study also found that remote workers were spending three hours more online than when working in offices. This brought up the average workday to just shy of 11 hours. The 35.5% increase is just in the U.S., but NordVPN found that the workday had increased for workers internationally as well.

Go to Original Article

AI COVID-19 tech bolsters social distancing, supply chains

While we’ve had many pandemics in the past, none have been so life-changing as the struggle against the latest novel coronavirus, COVID-19. The impacts of the pandemic have significant economic and public health consequences — including widespread effects on education, e-commerce and global supply chains.

With the world’s attention on this virus, artificial intelligence researchers, companies and solution providers of all sorts are looking to apply AI and machine learning to the vast range of challenges that the world faces. Many companies are applying AI capabilities to medical and health needs, while others are applying AI to the ongoing challenges faced in the economy. AI-based COVID-19 solutions are bolstering industries to provide healthcare, enterprise communication and ensure social distancing.

AI helping keep people safe and distant

At this moment, there is no vaccine to combat the COVID-19 virus; the primary way to get control over the spread of the virus is through mitigation and suppression. The most effective treatment so far has been to practice self-isolation and to avoid crowded areas through social distancing. In the case of being tested positive, patients are told to quarantine themselves if they are showing manageable symptoms.

U.S.-based Athena Security is repurposing its security-based imaging solution to the healthcare field by analyzing thermal imagery to detect and track potentially sick patients. The company uses thermal imaging combined with algorithms that analyze the body temperatures of people to flag potentially sick individuals traveling in high traffic areas such as airports, stadiums, train stations and other locations.

Other regions have taken much more intrusive — some might say draconian — measures in monitoring and policing communities. Among the solutions employed by China were a surveillance system that used facial recognition and temperature detection for the identification of people who may have a fever. This technology was combined with mobile device tracking data and other information to not only spot those who were potentially sick, but match to facial records databases and indicate everyone who they might have potentially infected. In the Sichuan province, officials used AI-powered smart helmets that could identify people with a fever.

Using data analytics and big data, the Chinese government instigated a program whereby they monitored the risk each individual had of contracting the disease. This identification could be made based on the individual’s travel history, time spent in virus hot spots and exposure to people who had already contracted the disease. Based on this, the government assigned codes like red, yellow or green to indicate whether individuals are put in quarantine or advised self-isolation. Across China, drones are also used with thermal imaging to track infected patients, as well as to patrol public spaces for curfew compliance. This social tracking approach will probably become more commonplace as countries look to be more forceful and proactive in keeping infected people home and preventing the spread of disease.

How AI is assisting the fight against COVID-19
AI-based technology is assisting diagnosis, detection, supply chains and telemedicine.

Handling the wave of healthcare and employment claims

When a pandemic hits, no aspect of the global economy is untouched. Health insurance providers and healthcare officials are backlogged by numerous cases of claims that they must process immediately. Likewise, the growing unemployment caused by work closures is resulting in an exponential increase in jobless claim filings. A lot of resources are needed to verify these claims, process them and provide benefits. Furthermore, with government staff themselves working from home and away from internal governmental systems, many of those needed benefits are stuck behind process bottlenecks that require human intervention.

RPA and more cognitive process automation tools that utilize the power of natural language processing for document handling, and more nimble solutions that can dynamically adjust to process changes are being applied to help move claims forward, while minimizing human workload. While RPA adoption has been moving at a fast pace over the past few years, it is expected that the global pandemic and work-from-home requirements will give cognitive automation even more of a push this year.

The growth of video conferencing and chatbots

Likewise, the shift to work-from-home and home education has skyrocketed the demand for online conferencing and education platforms. This has in turn skyrocketed the consumption of the internet and is taxing global broadband providers. While internet providers work to adjust to the new normal of stay-at-home workers, the growth in online platforms is presenting additional opportunities enabled by AI.

As an increasing number of employees work from home, the load on their organization’s IT service desks are likewise increasing. Getting employees functional at home is vital to the running of the organization, but this is challenged by the fact that many IT service and operations staff are also working from home. As a result, companies are employing AI-based self-service solutions that can address common and critical IT service needs and resolve them autonomously without human interaction. These intelligent systems can provide step-by-step instructions from IT knowledge bases and the AI-backed digital assistants can help solve these queries freeing up IT for more complex cases.

Routine healthcare has been disrupted by the closure of many traditional doctors’ offices, while hospitals must deal with more urgent needs for COVID-19 patients. As such, there’s been an increased demand in telemedicine and health-based chatbots that can address a wide range of health concerns. Using these chatbots and intelligent assistants, less face-to-face interaction is needed between patients and medical staff, thereby reducing risks to these individuals. These tools are helping to reduce the overwhelming number of patients that hospitals and medical personnel may face. By employing bots and conversational AI tools it can help assess people with symptoms and address health needs without necessarily requiring an in-person doctor visit. Now, patients that can be managed at home will be advised to stay at home and free up vital resources for more severe cases.

One example of where we are seeing this in action is the Healthcare Bot service by Microsoft that uses AI-enabled chatbots to provide healthcare advice and some telemedicine capabilities. The system uses a natural conversation experience to impart personal health-related information and the government’s protocols on dealing with the pandemic.

AI and the supply chain

The demand for online commerce has increased tremendously as people shelter in place. The normal supply routes and logistical supplies suffer as a result of unprecedented lockdowns, closure of nonessential services and even curfews in extreme conditions. One way to address these restrictions is to use technology and robotics driven by AI for the safe provision of supplies, medical drugs and food supplies to those in lockdown.

Terra Drone is providing these services especially in the transportation of high-risk quarantined material and medical samples to and from these sites to Xinchang County’s disease control center. This considerably reduces the risk of medical personnel getting harmed by infected people or quarantined stuff. Other companies are utilizing AI to help speed up their logistics and warehouse functions and deliver goods reliably and safely with little disruption to the status quo.

AI seeking cures and treatments

The White House Office of Science and Technology Policy has urged researchers to employ AI to find solutions to issues relating to COVID-19. The U.S. Centers for Disease Control and Prevention (CDC) and World Health Organization (WHO) have likewise asked AI researchers to assist in vaccine research to combat the virus. There are almost 29,000 research documents that need to be analyzed and scrutinized to find information about the novel coronavirus. Computers can extract the required information much faster than humans. To meet this challenge, a Kaggle competition called “CORD-19” was developed to generate potential solutions from interdisciplinary fields to provide input to the available data set as part of this challenge.

One of the most potent capabilities of machine learning is its ability to find patterns in big data. As such, researchers are applying AI in the discovery of potential vaccines and effective treatments. Google subsidiary DeepMind, known for its AlphaZero and research into artificial general intelligence, recently put efforts to find a vaccine through the sequencing of six protein structures linked to COVID-19. Usually, research into vaccines can take a significant amount of time, but using significant GPU-based horsepower and powerful algorithms that can make sense of tremendous amounts of big data, new vaccines could be developed faster using this AI approach.

Companies of all sizes, including startups, are jumping in to help. In February 2020, British startup BenevolentAI published two articles that identified approved drugs that could potentially be used to target and block the viral replication of COVID-19. The AI system mined a large quantity of medical records and identified the patterns and signals which could imply potential solutions. Their system identified a total of six compounds that could block the cellular pathways that allow the virus to replicate. The company is reaching out to potential manufacturers of the identified drugs to pursue clinical trials that can test their efficacy.

Likewise, Insilico Medicine is also applying AI techniques to find a vaccine for COVID-19 and similar viruses. In February 2020, the company generated an extensive list of molecules that could bind a specific protein of the COVID-19 virus. Using their AI-based drug discovery platform utilizing deep learning, the company filtered the potential list of molecules down to just a hundred. They then seek to test seven molecules, which could be put on trial by medical labs for viability as a suitable vaccine for COVID-19.

Other startups such as Gero Pte. Ltd., based in Singapore, are using AI to spot potential anti-COVID-19 compounds that have previously been tested in humans. Using machine learning and AI-based pattern matching, the company identified medicines such as the generic agents niclosamide, used for parasite infections, and nitazoxanide, an antiparasitic and antiviral medicine, that could slow the new virus’s replication.

Applying AI to diagnosis and detection

A study published in the journal Radiology wrote that artificial intelligence-based deep learning models can accurately detect COVID-19 and differentiate it from forms of community-acquired pneumonia. The model, which is called the COVID-19 detection neural network (COVNet), extracts visual features from 4,356 computed tomography (CT) exams from 3,322 patients for the detection of COVID-19. To make the model more robust, community-acquired pneumonia (CAP) and non-pneumonia CT exams were included.

With COVID-19 first spreading like wildfire through China, Chinese companies hurried to provide innovative solutions to tackle the problem. Infervision introduced an AI-based solution that uses a machine learning model to increase the speed of medical image analysis and assist with the diagnosis of COVID-19 in patients. The use of AI-enhanced medical imaging reduces time needed to get positive results and can handle the large number of cases that need diagnosis at great speed and efficiency. As a result, hospitals and labs with scarce resources can quickly screen suspected COVID-19 patients and expedite treatment.

In addition to analyzing radiology imagery, AI systems can handle a range of other health-related data and diagnostics. A recent study presented by researchers at the University of Massachusetts Amherst aims to predict illness based on cough patterns. Other AI systems are listening to coughs and can potentially indicate patients who have the coronavirus from other patients who might have coughs originating from other illnesses. The combination of inputs from thermal images and audio input by microphones can assist clinics and other locations in identifying and segregating sick patients.

As can be seen above, the impacts of a global pandemic are widespread, impacting almost every corner of our society and economy. AI is being applied in a widespread manner as well, handling everything from the treatment and prevention of the virus to dealing with the impacts of the pandemic across the ecosystem. No doubt this is AI’s moment to shine and show how it can add transformational value across the globe.

Go to Original Article

SMBs struggle with data utilization, analytics

While analytics have become a staple of large enterprises, many small and medium-sized businesses struggle to utilize data for growth.

Large corporations can afford to hire teams of data scientists and provide business intelligence software to employees throughout their organizations. While many SMBs collect data that could lead to better decision-making and growth, data utilization is a challenge when there isn’t enough cash in the IT budget to invest in the right people and tools.

Sensing that SMBs struggle to use data, Onepath, an IT services vendor based in Kennesaw, Ga., conducted a survey of more than 100 businesses with 100 to 500 employees to gauge their analytics capabilities for the “Onepath 2020 Trends in SMB Data Analytics Report.”

Among the most glaring discoveries, the survey revealed that 86% of the companies that invested in personnel and analytics surveyed felt they weren’t able to fully exploit their data.

Phil Moore, Onepath’s director of applications management services, recently discussed both the findings of the survey and the challenges SMBs face when trying to incorporate analytics into their decision-making process.

In Part II of this Q&A, he talks about what failure to utilize data could ultimately mean for SMBs.

What was Onepath’s motivation for conducting the survey about SMBs and their data utilization efforts?

Phil MoorePhil Moore

Phil Moore: For me, the key finding was that we had a premise, a hypothesis, and this survey helped us validate our thesis. Our thesis is that analytics has always been a deep pockets game — people want it, but it’s out of reach financially. That’s talking about the proverbial $50,000 to $200,000 analytics project… Our goal and our mission is to bring that analytics down to the SMB market. We just had to prove our thesis, and this survey proves that thesis.

It tells us that clients want it — they know about analytics and they want it.

What were some of the key findings of the survey?

Moore: Fifty-nine percent said that if they don’t have analytics, it’s going to take them longer to go to market. Fifty-six percent said it will take them longer to service their clients without analytics capabilities. Fifty-four percent, a little over half, said if they didn’t have analytics, or when they don’t have analytics, they run the risk of making a harmful business decision.

We have people trying analytics — 67% are spending $10,000 a year or more, and 75% spent at least 132 hours of labor maintaining their systems — but they’re not getting what they need.
Phil MooreDirector of applications management services, Onepath

That tells us people want it… We have people trying analytics — 67% are spending $10,000 a year or more, and 75% spent at least 132 hours of labor maintaining their systems — but they’re not getting what they need. A full 86 % said they’re underachieving when they’re taking a swing with their analytics solution.

What are the key resources these businesses lack in order to fully utilize data? Is it strictly financial or are there other things as well?

Moore: We weren’t surprised, but what we hadn’t thought about is that the SMB market just doesn’t have the in-house skills. One in five said they just don’t have the people in the company to create the systems.

Might new technologies help SMBs eventually exploit data to its full extent?

Moore: The technologies have emerged and have matured, and one of the biggest things in the technology arena that helps bring the price down, or make it more available, is simply moving to the cloud. An on-premises analytics solution requires hardware, and it’s just an expensive footprint to get off the ground. But with Microsoft and their Azure Cloud and their Office 365, or their Azure Synapse Analytics offering, people can actually get to the technology at a far cheaper price point.

That one technology right there makes it far more affordable for the SMB market.

What about things like low-code/no-code platforms, natural language query, embedded analytics — will those play a role in helping SMBs improve data utilization for growth?

Moore: In the SMB market, they’re aware of things like machine learning, but they’re closer to the core blocking and tackling of looking at [key performance indicators], looking at cash dashboards so they know how much cash they have in the bank, looking at their service dashboard and finding the clients they’re ignoring.

The first and easiest one that’s going to apply to SMBs is low-code/no-code, particularly in grabbing their source data, transforming it and making it available for analytics. Prior to low-code/no-code, it’s really a high-code alternative, and that’s where it takes an army of programmers and all they’re doing is moving data — the data pipeline.

But there will be a set of the SMB market that goes after some of the other technologies like machine learning — we’ve seen some people be really excited about it. One example was looking at [IT help] tickets that are being worked in the service industry and comparing it with customer satisfaction. What they were measuring was ticket staleness, how many tickets their service team were ignoring, and as they were getting stale, their clients would be getting angry for lack of service. With machine learning, they were able to find that if they ignored a printer ticket for two weeks, that is far different than ignoring an email problem for two weeks. Ignoring an email problem for two days leads to a horrible customer satisfaction score. Machine learning goes in and relates that stuff, and that’s very powerful. The small and medium-sized business market will get there, but they’re starting at earlier and more basic steps.

Editor’s note: This Q&A has been edited for brevity and clarity.

Go to Original Article

Traditional, emerging topics unite in the new CCNA exam

While Cisco’s updated Cisco Certified Network Associate — or CCNA — certification track shrunk to a single path and single exam, CCNA hopefuls must know a broad range of both networking basics and emerging networking technologies in order to pass the exam.

Cisco announced sweeping changes to its certification tracks in June 2019, and the new CCNA exam derives from one of the largest changes in Cisco history, according to Cisco author Wendell Odom. Odom, author of every CCNA Official Cert Guide, wrote two new volumes of his guides for the CCNA 200-301 exam. The singular path of the new CCNA exam is smaller overall compared to past exam versions, yet the extensive amount of material — both old and new — necessitated two volumes.

Both Volumes 1 and 2 cover various traditional networking topics, such as virtual LANs (VLANs) and basic IP services, as well as newer networking technologies, such as network automation. Odom said the new CCNA exam includes a lot for engineers to learn but also contains relevant and useful material for the current job market.

Editor’s note: The following interview was edited for length and clarity.

Can you compare details of the former and the new CCNA exams?

Wendell OdomWendell Odom

Wendell Odom: If you took the old CCNA Routing and Switching exam blueprint, about half those topics are in the new CCNA exam. The literal words are there. It’s not just the same topic — it’s copied-and-pasted topics from the old to the new.

Then, the new exam has topics that weren’t in any of the old. It has a few you might say came from CCNA Collaboration or CCNA Data Center. For the most part, the new topics [show] the world is changing and IT changes quickly. These are new things Cisco finds important for routing and switching, like automation and cloud. Now, it introduces intent-based networking to CCNA for the first time.

If you view the old as 100 points in volume, the new is about 75% of that — 75 points. Fifty points are old exam topics that stuck around: VLANs, VLAN trunks, IPv4 and IPv6 routing, Layer 3 filters, sub-Layer 2 filtering with port security, security protocols, basic IP services, like SNMP [Simple Network Management Protocol] and NTP [Network Time Protocol].

CCNA Guide book coverClick to learn more about
this book.

Now, there’s more OSPF [Open Shortest Path First] — particularly, OSPF network types. On an Ethernet interface, you’ve got two or more routers that run OSPF connected to the same Ethernet. They elect a designated router, which causes OSPF to model the connected subnet differently. It changes OSPF operation on that LAN.

That’s typical on a LAN, but if you use Ethernet in WANs — particularly point-to-point WAN links — you don’t want LAN-like OSPF behavior electing a designated router. To change that, in Cisco routers, you change the OSPF network type to point-to-point instead of the default broadcast type, which is what causes it to act like a LAN.

The new Volume 1 has four chapters on wireless LANs. It’s basic: What’s an access point [AP]? What are the different wireless standards? How would you configure an AP to be a stand-alone AP? How would you do it with a wireless LAN controller? To a networker, it’s not very deep, but it’s your first step, and there’s a lot in CCNA that are first steps in learning technologies.

Now, there’s DHCP [Dynamic Host Configuration Protocol] snooping and dynamic ARP [Address Resolution Protocol] inspection. And the new CCNA exam mentions TFTP [Trivial File Transfer Protocol] and FTP specifically.

People will enjoy the topics they learn, both for learning and for how it matches real jobs today. Cisco did this particular exam right.
Wendell OdomAuthor

The old had basics of what I call ‘controller-based networking;’ there’s more now. It talks about underlays and overlays, which now gets you ready for software-defined access. The old and new CCNA exams have a lot about the old way to do LANs — how you build switch networks, Spanning Tree Protocol, etc.

Now, there’s REST, JSON [JavaScript Object Notation], specifically mentioned comparisons of Ansible, Puppet and Chef, as far as how they work under the covers. It doesn’t get into how to manipulate the tools, but more of which uses a push model, which uses a pull model, etc.

If you studied now for everything except newer technologies, which is 10% of the exam blueprint, it’d seem like traditional networking technology. Then, you get into newer, evolving technologies. Now, we’re pushing the baby birds out of the nest because … you’re going to get a lot of this in the CCNP Enterprise Core, etc. I’m glad some of it is in CCNA.

What questions have you gotten about the new CCNA exam?

Odom: Oddly enough, there’s not much worry about new topics. ‘Do I need to know Python?’ That’s probably most common because exam topics don’t mention Python. You think automation, and you think your first step is a programming language. You can actually learn everything in CCNA for automation without knowing Python.

People quickly zero in on technical questions: Layer 2, Layer 3 interactions. People get confused about encapsulation. OSPF concepts are more common — typically, LSAs [link-state advertisement], what those mean and whether that’s important. ‘Do I need to understand what a Type 1, Type 2 and Type 3 LSA is?’ I don’t know how important that is for the exam depending on the version. But if you’re going to use OSPF, you need to know what it is for real life.

I’m happy with how [the new CCNA exam] balances newer automation features and technologies — not overwhelming newbies with too much new and giving the foundation they need to get a real job. I think Cisco hit the right balance. People will enjoy the topics they learn, both for learning and for how it matches real jobs today. Cisco did this particular exam right.

Go to Original Article

5G vs. Wi-Fi: Verizon says cellular will win

Verizon’s long-term strategy is to make mobile 5G a Wi-Fi killer. While analysts don’t see that happening this decade, it is technically possible for the next-generation wireless technology to drive Wi-Fi into obsolescence.

Ronan Dunne, CEO of Verizon Consumer Group, recently entered the ongoing 5G vs. Wi-Fi tech debate when he predicted the latter’s demise. Dunne said his company’s upcoming 5G service would eventually make high-speed internet connectivity ubiquitous for its customers.

“In the world of 5G millimeter wave deployment, we don’t see the need for Wi-Fi in the future,” Dunne told attendees at a Citigroup global technology conference in Las Vegas.

Today, the millimeter wave (MM wave) spectrum used to transmit 5G signals is often blocked by physical objects like buildings and trees, making service unreliable. Verizon believes its engineers can circumvent those limitations within 5 to 7 years, bringing 5G wireless broadband to its 150 million customers.

Most analysts agree that Wi-Fi will remain the preferred technology for indoor wireless networking through the current decade. Beyond that, it’s technically possible for 5G services to start eroding Wi-Fi’s market dominance, particularly as the number of 5G mobile and IoT devices rises over the next several years.

“If the CEO of a major cellular carrier says something, I will take that seriously,” said Craig Mathias, principal analyst at Farpoint Group. “He could be dead wrong over the long run, but, technically, it could work.”

As an alternative to Wi-Fi, Verizon could offer small mobile base stations, such as specially designed picocells and femtocells, to carry 5G signals from the office and home to the carrier’s small cell base stations placed on buildings, lampposts or poles. The small cells would send traffic to the carriers’ core network.

Early uses for 5G

Initially, 5G could become a better option for specific uses. Examples include sports stadiums that have an atypically high number of mobile devices accessing the internet at the same time. That type of situation requires a massive expenditure in Wi-Fi gear and software that could prove more expensive than 5G technology, said Brandon Butler, an analyst at IDC.

Another better-than-Wi-Fi use for 5G would be in a manufacturing facility. Those locations often have machinery that needs an ultra-low latency connection in an area where a radio signal is up against considerable interference, Butler said.

Nevertheless, Butler stops short of predicting a 5G-only world, advising enterprises to plan for a hybrid world instead. They should look to Wi-Fi and 5G as the best indoor and outdoor technology, respectively.

“The real takeaway point here is that enterprises should plan for a hybrid world into the future,” Butler said.

Ultimately, how far 5G goes in replacing Wi-Fi will depend on whether the expense of switching is justified by reducing overall costs and receiving unique services. To displace Wi-Fi, 5G will have to do much more than match its speed.

“It’ll come down to cost and economics, and the cost and economics do not work when the performance is similar,” said Rajesh Ghai, an analyst at IDC.

Today, Wi-Fi provides a relatively easy upgrade path. That’s because, collectively, businesses have already spent billions of dollars over the years on Wi-Fi access points, routers, security and management tools. They have also hired the IT staff to operate the system.

Verizon 5G Home

While stressing the importance of mobile 5G vs. Wi-Fi, Dunne lowered expectations for the fixed wireless 5G service for the home that the carrier launched in 2018. Verizon expected it’s 5G Home service to eventually compete with the TV and internet services provided by cable companies.

Today, 5G Home, which is available in parts of five metropolitan markets, has taken a backseat to Verizon’s mobile 5G buildout. “It’s very much a mobility strategy with a secondary product of home,” Dunne said.

Ghai of IDC was not surprised that Verizon would lower expectations for 5G Home. Delivering the service nationwide would have required spending vast amounts of money to blanket neighborhoods with small cells.

Verizon likely didn’t see enough interest for 5G Home among consumers to justify the cost, Ghai said. “It probably hasn’t lived up to the promise.”

Go to Original Article

Decision-makers may prefer Wi-Fi over 5G in retail networks

While fifth-generation wireless has taken the technology world by storm, many retailers don’t see a need to heed the hype.

Several use cases may glean immediate 5G benefits, yet 5G in retail is superfluous for now. Although 5G can support retail networks that require advanced capabilities, such as virtual reality, the retail world won’t depend on 5G because other wireless technologies are still efficient, according to a recent Forrester Research report. The report “The CIO’s Guide To 5G In The Retail Sector” explored particular retail use cases, and report author and principal analyst Dan Bieler discussed key differences between retail and other 5G use cases.

“Retailers are quite sophisticated in their existing technology understanding,” Bieler said. “They have achieved some great solutions with existing technologies, and they will not risk upsetting everything in the short term where they don’t see a clear [ROI] for making additional network infrastructure investments in 5G.”

Dan BielerDan Bieler

Retailers are interested in 5G for their networks, Bieler said, yet few have implemented or deployed 5G so far. Some retailers may seek out 5G as a replacement for existing MPLS connectivity, but this choice depends on pricing models and business requirements. Overall, IT decision-makers may prefer Wi-Fi over 5G in retail networks because not all retailers require the advanced capabilities 5G networks offer, he added.

5G in retail lacks transformative qualities largely because cellular technologies weren’t developed for indoor network coverage, and physical objects indoors can impede 5G’s millimeter wave frequencies and its line-of-sight travel capabilities.

The advent of Wi-Fi 6, or 802.11ax, may interest retailers more than 5G, as Wi-Fi historically supports more indoor use cases and networks than cellular technologies. Both Wi-Fi 6 and 5G offer similar capabilities, which makes them competitors in some use cases and complementary in others. For exclusively indoor retail environments, IT decision-makers may not see a need for 5G networks, Bieler said.

“[Retailers] can do a lot with the technologies that we have today,” he said. “5G will be a continuum rather than a completely revolutionary new technology for them.”

5G benefits
Aside from 5G in retail, the new generation of cellular technology has several benefits for all types of organizations.

Another issue retailers could face regarding 5G is customer apprehension. Despite 5G’s various new capabilities, customers don’t necessarily care about technological innovations and won’t alter their shopping habits because of 5G. However, customers in younger age groups may be more willing to adapt to the capabilities 5G enables, so organizations should focus more on how to win over older age groups, the report said.

Benefits of 5G in retail use cases, networks

Despite the efficiency of other wireless technologies, the report noted three main areas where 5G in retail can benefit business operations, including the following:

  1. Back-end operations, where organizations can handle work the customers don’t see, such as tracking and monitoring inventory within warehouses.
  2. Front-end operations, which are customer-facing operations and deal with tracking and monitoring products and people within stores.
  3. Finance operations, where the store can remotely track and monitor a customer’s product or service usage and charge them accordingly.

As 5G rolls out throughout the 2020s, more features and potential benefits for organizations will arise, such as network slicing and mobile edge computing. These capabilities can help organizations create experiences tailored specifically to individual customers.

“5G allows the retailer to track many more items and many more sensors in a store than previous cellular technologies, so they can have a much more granular picture of what retail customers are looking at, where they are going and what they are doing with products in the store,” Bieler said.

Other benefits the report cited include cost-efficient store connectivity, enhanced customer insights and improved transparency within supply chains. Organizations won’t glean these benefits for several years, Bieler said, as carriers will deploy new 5G features in stages.

However, decision-makers can prepare to deploy 5G in retail use cases by focusing closely on network design and determining whether 5G is the right choice for their operations. To evaluate this, organizations can assess their indoor connectivity environments and gauge how a 5G deployment could affect the business sectors in which the store or organization requires 5G access.

Overall, 5G has various benefits for retail use cases, the report said, but these benefits are not universal. Businesses need to look closely at their network infrastructures and business requirements to evaluate 5G’s potential effect on their operations. Regardless, Bieler said he was sure deployments of 5G in retail will eventually become common.

“[Retailers] will still adopt it over time because 5G will provide super-fast broadband connectivity,” Bieler said. “It opens up your business model opportunities in an easier way. So, over time, retailers will definitely embrace it, but not tomorrow.”

Go to Original Article

For Sale – LG 34WK95U 34″ 5120X2160 HDR600 Monitor – nearly new & Asus PG279Q

Bought this a while ago for work and photo editing, but don’t need it.

Hasn’t been used much at all.

All in perfect condition, with original box.

Collection preferred, but could be shipped.


WD HDDs now sold

Asus PG279Q

Well used, good condition (should have wiped before picture, but it will come clean), no box, collection only.


Go to Original Article