Immutable Copies Are Only As Good As Your Validation


May 23, 2022

Stan Wilkins

A system can always be replaced, but the files and objects that comprise the application and the data that makes it useful can fall victim to all sorts of decay, neglect, or abuse in a modern system. And that is why we did backups to tape subsystems, or even tape libraries and then virtual tape libraries based on disk drives for so many years. And for those who cannot afford to have downtime or lost data, the IBM i base has been fortunate to have some of the best high availability clustering ever invented.

With ransomware and malware attacks on the rise, it is more important than ever to create immutable copies of data – a snapshot of the information in the machine that cannot be tampered with. This capability is built into IBM’s FlashSystem arrays, and is increasingly used by IBM i customers to create snapshots of their data that can be used in the event of an attack or some other kind of data corrupting event.

We have talked to a lot of IBM i customers who are interested in or are making immutable copies using their FlashSystem arrays, and they think it is fine to do an immutable copy of the system every hour and stack them up. And if they get hacked and someone, for instance, tries to encrypt their archived data – a common attack method these days – then the practice is to keep going back into the archive of immutable copies by hand until one of them works, until one of the copies is not infected.

We don’t like that approach. And that is why we have come up with a safe guarded copy methodology that we call CopyAssure. With CopyAssure, we are perfectly happy that customers make lots of immutable copies of their key data. But we believe that as you make these immutable copies, you have to perform the extra set of steps and make sure that this immutable copy is valid and can be put back onto a recovered system in the event of a disaster or an attack.

This means every immutable that gets taken is validated at the time it was taken, automatically made available, added to a partition and the IBM i OS booted up and then the integrity of the database and…

Source…

Battle against the hackers: Councils across Northern Ireland step up online security after recent attempted cyber attacks


Councils across Northern Ireland are acting to combat the current “heightened” threat of cyber attacks.

ne council has admitted it is dealing with “daily” attempted attacks on its computer systems.

Source…

Elon Musk deep fakes promote new cryptocurrency scam


Elon Musk

Cryptocurrency scammers are using deep fake videos of Elon Musk and other prominent cryptocurrency advocates to promote a BitVex trading platform scam that steals deposited currency.

This fake BitVex cryptocurrency trading platform claims to be owned by Elon Musk, who created the site to allow everyone to earn up to 30% returns on their crypto deposits.

This scam campaign started earlier this month with threat actors creating or hacking existing YouTube accounts to host deep fake videos of Elon Musk, Cathie Wood, Brad Garlinghouse, Michael Saylor, and Charles Hoskinson.

These videos are legitimate interviews modified with deep fake technology to use the person’s voice in a script provided by the threat actors.

An example of one of the scam videos can be seen below, where Elon promotes the new scam site and says he invested $50 million into the platform.

However, if you look carefully, you will see that the deep fake synchronizes the person’s talking to the threat actor’s script, which is so silly as to be comical.

How do we know this is a scam?

While it is obvious that the interviews have been altered to simulate Elon Musk’s voice to promote the BitVex trading platform, numerous other clues show that this is a scam.

Many YouTube channels promoting this trading platform have been hacked to suddenly show YouTube videos or YouTube Shorts that promote the BitVex trading site.

For example, a YouTube channel that displayed gaming videos in Arabic suddenly began showing a series of YouTube Shorts that promoted the BitVex scam. In addition, BleepingComputer has found dozens of other YouTube channels hijacked similarly to promote this scam.

YouTube Shorts promoting BitVex on hacked YouTube channels
YouTube Shorts promoting BitVex on hacked YouTube channels
Source: BleepingComputer

Once you visit the BitVex trading site itself, it becomes more apparent that this is a scam.

For example, the site claims that Elon Musk is the CEO of the trading platform and contains endorsements from Ark Invest’s Cathie Wood and Binance CEO Changpeng Zhao.

Site claiming that Elon Musk is the CEO
Site claiming that Elon Musk is the CEO
Source: BleepingComputer

To use the BitVex platform, users must register an account at bitvex[.]org or bitvex[.]net to access the investment platform.

Once you log in, the…

Source…

Career paths in cybersecurity: Key skills, salary expectations and job description


We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 – 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!


Cybersecurity professionals are in increasingly high demand, especially since society is so digital and data-driven. Businesses and individuals must take decisive and defensive actions to avoid becoming future targets as cyberattacks become more common and well-orchestrated. 

Table of contents

[ Learn more: What is cybersecurity: Definition, importance, threats and best practices ]

The following information about cybersecurity careers and salaries will help you know what to expect and which skills are most beneficial for people in the industry. It will also give you a rundown of potential roles and responsibilities. 

Key skills for cybersecurity professionals

One of the most common questions people have about cybersecurity before getting into the field is whether it’s a good career. However, no single option is universally ideal for everyone. It all depends on what skills people have and what they want to achieve as working professionals. 

Cybersecurity careers are like others in that people are most likely to succeed in them by having certain skills. That doesn’t mean individuals should give up on cybersecurity career paths if they don’t have all the capabilities yet. However, specific skills are undoubtedly valuable for anyone aiming to thrive in a cybersecurity career. Here are some of the main areas to focus on. 

Problem-solving skills

Some people say every part of cybersecurity involves problem-solving to some degree. Professionals working in the field must frequently tackle issues with unknown outcomes. Consider cases where cybersecurity teams face new kinds of ransomware or zero-day vulnerabilities. They don’t get through those situations without excellent problem-solving skills. 

Having the willingness to examine issues from all angles will also help. When people analyze situations thoroughly, they’re more likely to discover things others may overlook. That’s especially important in cybersecurity since the attack methods malicious…

Source…