GlobalTech.TV — Episode 16: Monthly cloud and cybersecurity news (January 2025)


Jan 30 2025 | 00:21:50


Hosted By

Ariel Munafo, Eyal Estrin, Raz Kotler

Show Notes

A podcast about cloud adoption and cybersecurity.

Website: https://www.globaltech.tv/

Social networks: https://linktr.ee/globaltechtv

Episode Transcript

[00:00:03] Speaker A: Hey everyone. It's the Global Tech TV podcast and the monthly news is here today. I'm the moderator. Ariel has a bit of a runny nose and a bit of a cold. So we told him, hey man, it's okay. Take your coffee, take your tea, take your soup. We can do things. Not the same good as you, but we're gonna try to do our best today. So welcome again to our episode 16. It's for January 2025. This episode actually was recorded at the beginning of February 2025. We had some glitch, but we don't want to miss a month. So we are here and we're going to keep being here as always. Previously. We're going to speak about last month and let's begin. Angie, I think we're going to start with cyber. Okay, I'm going to pass it to you with the cyber news.

[00:01:05] Speaker B: Sounds great. Hello everyone. Thank you, Raz, for the introduction. Actually, January started really strong this year. We were not expecting the first news that I'm about to share with you guys. It's explosive. We didn't expect it at all. The whole world stopped for a minute when this was announced. And I'm talking about none other than DeepSeek. So what happened, you're gonna wonder. As always, DeepSeek actually had a data exposure, something that was completely unexpected. DeepSeek actually came as the best alternative next to ChatGPT. Everyone started, let's say, transitioning into this platform and thinking that it was a better solution, when all of a sudden everything collapsed. Everything changed. We saw that with this move, with the launch of DeepSeek and the attention that it gained, actually even the stock market was really, really influenced. I could even say it was shook by this decision, but everything changed in a couple of days when this month we came across a troubling cybersecurity mishap which involved actually the Chinese AI startup. What happened is that it was actually researchers at Wiz that discovered that the company had accidentally left over a million lines of sensitive data exposed online. This included software keys and user chat logs. And while DeepSeek acted quickly to secure the data after it was notified, after they were notified, it also raised serious concerns about the handling of AI related sensitive information. I think that it serves as another reminder that even innovative tech companies need to really, really prioritize security from the start, rather than treating it as an afterthought.

[00:03:00] Speaker C: I would just say something from my side, a couple of things. First, as you mentioned, the entire world was shook about this new technology. I don't know how well they are able to compete with ChatGPT, but they are doing very good work just by the fact that, at least according to claims, they find ways to do almost similar results using much cheaper hardware. So instead of having to buy the latest processors from Nvidia, which cost a lot of money and not every company can actually afford to, now theoretically you can use cheaper processors, is on one side. The other side, since all cloud providers were all amazed about this new technology. So within a couple of days they all offered some sort of alternative to be able to run the DeepSeek model on top of their AI infrastructure. I don't know how well it has been fully supported, but it works. But other than this we still need to recall, and just in parallel to the research from Wiz, that we don't exactly know how data has been handled at the back end and where is it being shipped. So probably cheaper hardware, probably more efficient way to run LLMs. But I would think twice before moving production data or customers' data to use this new model. Just manage the risk by yourself. This is my only tip for this.

[00:04:49] Speaker A: I totally agree with you by the way. In the end of the day I have nothing against the Chinese but they like to collect. I have nothing, I'm just saying something that they will agree with me and again they like to collect data. So just remember that yes, this is true.

[00:05:13] Speaker B: But on the other side I think that the news itself serves as a reminder that it seems like no matter how much we raise awareness on these topics, and this is going to really well transition and align with the next news that I'm about to present, I think that people would always choose to not be careful about the way that they handle their data or who they are handling their data to. As you guys mentioned, I think that people mostly as consumers, they care about the price and it seems like if the price is not there, if everything is offered for free, if these services are not offered for a certain, let's say significant amount of subscription per month, everyone would go and transition into these new sites, into these new tools that we don't know anything where they come from. And I think that DeepSeek is not the only example. It's one of the examples that we just shed a bit of light upon.

And on the other side, failures in the world of security for this month have not only stopped with DeepSeek, but we also have PayPal. What has happened with them? They were basically fined for a big cybersecurity failure. What happened is that PayPal just learned, I can say, an expensive lesson about cybersecurity negligence. New York's Department of Financial Services slapped the company with a $2 million fine due to security failures that led to this breach of exposing customers, their most important and expensive assets, especially for the customers in the US, which is their Social Security numbers. So many people's Social Security numbers were out there in the wild for all the hackers and the malicious actors to act upon and take advantage of the situation. And this breach dates back to the late 20, 20,000. But it's only now that these regulators have come down really, really hard. And in response, PayPal of course had to say their part and have to give their share. And they said that since they had implemented multifactor authentication, they've been acting with stronger security protocols. But I think that it's a start, that it's a reminder that fintech companies, especially those handling sensitive financial data, can't afford to cut corners on cybersecurity. And other than that, I am really interested to not. I see that you have a smirk on your face and I know that you are the guy to talk on this topic and I would really appreciate your knowledge and I know that it would be really beneficial for the viewers to know what you think on this matter.

[00:07:50] Speaker A: Okay, so actually I don't think I can comment too much because on that period I was in PayPal and I was part of the oversight team over the security. So as I like to say, first we will see what's going to happen. It looks like lovely news and hopefully for the future it's going to look nicer.

[00:08:20] Speaker C: I couldn't find any politically correct or answer that.

[00:08:27] Speaker A: Sorry. This time I cannot definitely, I can.

[00:08:31] Speaker B: See, I can see the conflict of interest and I would love to say wrap it up for this month with another news that comes from far Russia. Russian hackers have been impersonating IT staff. This is something that's been happening over the years. It's a kind of attack, I could say, that we have noticed coming from a lot of different actors, especially ones that have nations behind them. But you wonder what happened with this specific one and why it really sparked my attention to share it with all of you guys. So basically what happened is the most important factor of this attack and this news as a whole is the large scale of it. I think that this seems like a cybersecurity thriller movie. Russian hackers have been posing as IT staff on Microsoft Teams, a tool that I think most of the administrative workers use and people all over the spheres of life use, and how they've been reaching this, how they've been targeting these Microsoft Teams users. Basically they've been tricking employees into handing over access to corporate networks. From there, the attack starts with massive spam email waves and then it escalates as the hackers use of course Teams to convince employees that they're legitimate tech support. This is very tricky one. It seems very innocent in the beginning. And I think that we should also raise attention because it's something that people who are not really aware of this kind of attacks might fall prey to. I think that the attack continued and once they gained access, the ransomware follows as usual, the locking up of the data and the demanding of a certain payment. It's really frighteningly effective, as I mentioned, and it's a really effective form of social engineering. I think that Microsoft is planning to roll out as of lately, phishing alerts for the next months to come to raise awareness, as I said, on the professionals that use these kinds of tools, but also people who do not, who are not really tech savvy. And I think that organizers should also already be looking down to their Teams settings. And a piece of advice from me, maybe perhaps train more the employees to spot the scams. So we can see that for the month of January, cybersecurity has been evolving so fast. And these are just a few stories that I'm trying to prove and push this point forward. And I see that us as professionals in security, we need to really stay ahead of the game. If we are in security or we just are people who care to protect our data and care to keep it safe, I think that we should also make sure to keep up with these developments and with the hackers that act a bit faster than the rest of us.

[00:11:28] Speaker A: Yeah, I, if it's okay, I want to give like three tips, I think from security awareness. Okay. So first of all, it's basic social engineering and there are three things that can be done as, let's say, mere mortals. Yeah. The ones that don't understand it, the ones that don't understand technology. First of all, always ask yourself, did I ask for this service? If you didn't ask for this service, just deny it. This is one thing. Second, do I know the person that approached me in the IT? So let's take a huge company, one of the biggest banks, which is Citibank. You're not supposed to know who is the person in the other side of your IT support, but you can always ask him or her, what do you want? Why did you approach? And never provide your credentials, meaning your personal PII, your password, your email, your information. If they want something they should have it. You should not provide it, not to IT, not to anyone. This is called private information. Keep it to yourself. Third one, if someone asks you let's do a remote session and take over your computer, I would always ask to authenticate personally. Can we open a Zoom? Can I see you? Why do you want to do that? Which type of actions? I would be very curious. And again it's going to be the last action that IT is supposed to do, to take over your computer. Most of the time they will not need to do that unless you will request for that. So this is like three tips from my previous security awareness program.

[00:13:28] Speaker C: Definitely. I would say there's no replacement for regular security awareness programs in any type of organization, regardless of the size. I mean because usually I'm looking at the technology side of things, like read vendor documentation, see how you can harden the Teams configuration or the IT machine configuration, whatever it is. But at the end of the day there's not really a good replacement for a security awareness program.

[00:14:00] Speaker A: Agree. So what's next Angie?

[00:14:04] Speaker B: I wrapped it up with the news for this month and I would love to hear what we have from Eyal.

[00:14:11] Speaker C: Okay, so I try to mix and match between the large cloud providers and between different technologies, from mixing AI and security and some infrastructure related news. So let's jump into them.

The first one, alphabetically, AWS. Luma AI's Ray 2, a new video generating AI foundation model, is now available on Amazon Bedrock, making AWS the first and only cloud provider to offer fully managed models for Luma AI. Ray 2 can create realistic 5 and 9 second video clips with fluid movement and ultra realistic details using natural language forms, eliminating the need for technical prompt engineering. So great, great news. If you're about to use Luma AI, this is really great announcement.

Other than this, and this is something that many people who work with cloud providers were looking for, this type of solution, at least within the Amazon domain, for a very long time. So AWS has introduced multi session support for AWS Management Console, allowing customers to simultaneously access up to five AWS accounts within a single browser. So far, if I was using the AWS console, again for the non sophisticated type of IT personnel, I had to log in once and if I wanted to switch to a different role or switch to a different AWS account within the same organization, I had to log out or I had to use some sort of, I don't know, different browser or maybe incognito mode or something like this. So now they're offering up to five different sessions, different identities, using the same browser. It enables users to sign in to any combination of root, IAM or even federated roles across different accounts or within the same account. This multi session capability streamlines resource management and troubleshooting process for customers who use multiple accounts for various environments such as development, testing and production. So this is something, it doesn't sound like huge announcement, but for whoever works on a regular basis and had to switch roles during the same working day. So this is a really helpful feature.

Moving on to Azure. So Microsoft has announced the general availability of 11 new identity score recommendations designed to enhance organization and security posture. These recommendations, accessible through the Microsoft Entra Admin center, cover various aspects such as requiring multi factor authentication for administrative roles, enabling policies to block legacy authentication and protecting users with risk based policies. The update also introduces two new features, a secure score trend chart for tracking security progress over time, and a detailed list of users and titles for precise risk identification and mitigation. So if you are in the security incident response type of personnel, you probably find these new features or new capability, the Security Score Recommendation, very very helpful.

Moving on. We talked about AI on AWS. We talked about, let's call it usefulness on AWS. Now we talked about security on Azure. Let's talk about AI in Azure. So Microsoft has expanded its Data zone to support Azure OpenAI Service Batch, offering enhanced control over data privacy and residency for enterprises in the United States and Europe. Datazone batch deployments utilize Azure Global infrastructure to dynamically route traffic within Microsoft defined data zones, ensuring high availability for each request. So now we have the combination of security, AI and data residency over different regions. Interesting feature, no doubt.

Moving on to Google Cloud. So Google announced its general availability of C4A virtual machines powered by their first Google Axion processor along with the Titanium SSDs. These new VMs offer significant improvements in performance and efficiency, providing up to 65% better price performance and 60% better energy efficiency compared to current generation of x86 based instances. So new generation, more efficiency, probably more sustainable. Interesting announcement.

Moving on in Google Cloud, Google introduced Cloud based Abuse Event Logging, a new feature that allows customers to track and manage security incidents more effectively. This system provides structured log notifications for events such as leaked service accounts, crypto mining incidents and malware, in addition to email notification. For instance, users can create automated process to deprovision VMs detected with crypto mining activity. The logs are accessible through the Cloud Logging, the regular, the standard way of Google logging capabilities, enabling enhanced automations, historical trend analysis and integration with existing security monitoring and incident response systems. So again if you're part of the SOC team, you will find this capability highly valuable. So these are all the news I found on January 2025 related to cloud services.

[00:20:35] Speaker A: Thank you Eyal. I think the last one with the incident response always need new stuff and I fully suggest let's try it, let's see how does it work, because it's so complex how the logging over there in the cloud. And just to wrap up I want to say thank you to both of you and Gnal, and as always you're welcome to follow us on social media at GlobalTechTV. Feel free please to write us, ask question or suggest any future topics for discussion. I prefer always YouTube because then you can see us. But if you want to just listen during your commute, you can open your radio, go into Spotify and you're gonna hear our voices. So have a lovely month, we will see you soon. Thank you. Bye.
