Linchakin

AMD unveils exascale data-center accelerator at CES

 January 14, 2023     No comments   

The Consumer Electronics Show (CES) might be the last place you’d expect an enterprise product to debut, but AMD unveiled a new server accelerator among the slew of consumer CPUs and GPUs it launched at the Las Vegas show.

AMD took the wraps off its Instinct MI300 accelerator, and it’s a doozy.

The accelerated processing unit (APU) is a mix of 13 chiplets, including CPU cores, GPU cores, and high bandwidth memory (HBM). Tallied together, AMD's Instinct MI300 accelerator comes in at 146 billion transistors. For comparison, Intel’s ambitious Ponte Vecchio processor will be around 100 billion transistors, and Nvidia’s Hopper H100 GPU is a mere 80 billion transistors.

The Instinct MI300 has 24 Zen 4 CPU cores and six CDNA chiplets. CDNA is the data center version of AMD's RDNA consumer graphics technology. AMD has not said how many GPU cores per chiplet there are. Rounding off the Instinct MI300 is 128MB of HBM3 memory stacked in a 3D design.

The 3D design allows for tremendous data throughput between the CPU, GPU and memory dies. Data doesn’t need to go from the CPU or GPU to DRAM; it goes out to the HBM stack, drastically reducing latency. It also allows the CPU and GPU to work on the same data in memory simultaneously, which speeds up processing.

AMD CEO Lisa Su announced the chip at the end of her 90-minute CES keynote, saying MI300 is “the first chip that brings together a CPU, GPU, and memory into a single integrated design. What this allows us to do is share system resources for the memory and IO, and it results in a significant increase in performance and efficiency as well as [being] much easier to program.”

Su said the MI300 delivers eight times the AI performance and five times the performance per watt of the Instinct MI250. She mentioned the much-hyped AI chatbot ChatGPT and noted it takes months to train the models; the MI300 will cut the training time from months to weeks, which could save millions of dollars on electricity, Su said.

Mind you, AMD's MI250 is an impressive piece of silicon, used in the first exascale supercomputer, Frontier, at the Oak Ridge National Lab.

AMD's MI300 chip is similar to what Intel is doing with Falcon Shores, due in 2024, and Nvidia is doing with its Grace Hopper Superchip, due later this year. Su said the chip is in the labs now and sampling to select customers, with a launch expected in the second half of the year.

New AI accelerator on tap from AMD

The Instinct isn't the only enterprise announcement at CES. Su also introduced the Alveo V70 AI inference accelerator. Alveo is part of the Xilinx FPGA line AMD acquired last year, and it's built with AMD’s XDNA AI engine technology. It can deliver 400 million AI operations per second on a variety of AI models, including video analytics and customer recommendation engines, according to AMD.

Su said that in video analytics, the Alveo V70 delivers 70% more street coverage for smart-city applications, 72% more hospital bed coverage for patient monitoring, and 80% more checkout lane coverage in a smart retail store than the competition, but she didn’t say what the competition is.

All of this is within a 75-watt power envelope and a small form factor. AMD is going to take pre-orders for the V70 cards today, with availability this spring.

Next read this:

Adblock test (Why?)


You may be interested in:
>> Is a Chromebook worth replacing a Windows laptop?
>> Find out in detail the outstanding features of Google Pixel 4a
>> Top 7 best earbuds you should not miss

Related Posts:
>> Recognizing 12 Basic Body Shapes To Choose Better Clothes
>>Ranking the 10 most used smart technology devices
>> Top 5+ Best E-readers: Compact & Convenient Pen
Read More
  • Share This:  
  •  Facebook
  •  Twitter
  •  Google+
  •  Stumble
  •  Digg

SEC Saved Coinbase From The Fate That Befell Voyager, Celsius, BlockFi, and Gemini

 December 31, 2022     No comments   

The crypto industry’s biggest secret - the Shadow Banking System, where cryptocurrencies worth billions of dollars are borrowed & lent on an un-collateralized basis, between some of the industry’s biggest names, was exposed in recent months as the biggest driver of the spectacular bull market... as well the collapse & contagion that is still ongoing.

While the crypto shadow banks are going through their most difficult moments, it was the Securities and Exchange Commission’s (SEC’s) decision to declare a lending program an unregistered security offering might have unintentionally saved Coinbase from the same deadly blow that struck BlockFi, Celsius, Voyager, Gemini, and many others. 

Crypto shadow banks are companies that engage in bank-like activities such as borrowing & lending but obviously are not licensed banks, hence fall outside the regulatory constraints of fully licensed banks, which are required to have capital reserves to cover losses from bad loans or available liquidity in case of a bank run.

With the promise of “Less risk than a bank with better returns for customers.”, crypto shadow banks such as Celsius, BlockFi, Voyager & Gemini managed to attract billions of AUM from professional and retail investors, which got lent out further to the world’s biggest crypto whales, the likes of 3AC and Alameda Research.

In the midst of the 2021 bull market, the crypto industry’s second biggest player had its own plans to launch a lending program, namely Coinbase Lend.

While the details of Coinbase’s Lend program are no longer publicly available, I found out that the program would work by “matching lenders of the USDC stablecoin with qualified borrowers” and that “Coinbase would guarantee the principal creditors lend out”.

It is unclear whether Coinbase would match borrowers to lenders directly or simply create a pool out of which they could undertake lending activities.

While the semantics of Coinbase’s wording is of less importance for this story, the playbook was meant to be similar to that of the largest crypto shadow banks; borrow cryptos worth billions of dollars from clients already onboarded with Coinbase and lend out in the Shadow Debt Market to worlds largest proprietary trading firms, hedge funds, and market makers.

The details of Coinbase’s Lend program caught the attention of the SEC, and the US regulator reacted fiercely & aggressively by threatening to sue Coinbase if the program was launched.

Coinbase Lend program was immediately scrapped, with Coinbase noting SEC’s “unfair treatment” since many other crypto shadow banks were engaging in those same lucrative borrowing & lending activities.

The rest is now history.

SEC’s decision unintentionally saved Coinbase from the same catastrophic fate that struck BlockFi, Celsius, Voyager, Gemini, and many more - the collapse of Terra/LUNA, the blow-up of 3AC, the fiasco of FTX & Alameda Research, and the ongoing contagion.

In retrospect, it’s easy for crypto critics & skeptics to point fingers at crypto companies or praise regulators around the globe, but very few people understand the plumbing & infrastructure of the crypto ecosystem, with crypto shadow banking as the biggest mystery of them all.

My goal is to provide insider insights into the secretive workings and shed light to strengthen our industry which will be the backbone of infrastructure for the world's growth in the coming decades.

L O A D I N G
. . . comments & more!

Adblock test (Why?)


You may be interested in:
>> Is a Chromebook worth replacing a Windows laptop?
>> Find out in detail the outstanding features of Google Pixel 4a
>> Top 7 best earbuds you should not miss

Related Posts:
>> Recognizing 12 Basic Body Shapes To Choose Better Clothes
>>Ranking the 10 most used smart technology devices
>> Top 5+ Best E-readers: Compact & Convenient Pen
Read More
  • Share This:  
  •  Facebook
  •  Twitter
  •  Google+
  •  Stumble
  •  Digg

EarSpy – A New Attack on Android Devices Use Motion Sensors to Steal Sensitive Data

 December 30, 2022     No comments   

EarSpy Android

There has been a new eavesdropping attack developed by a team of security experts for Android devices which has been dubbed “EarSpy.” With the help of this attack, attackers can detect the following things:-

  • Caller’s gender
  • Caller’s identity to various degrees
  • Speech content

As part of its exploratory purpose, EarSpy aims to capture motion sensor data readings generated by the reverberations from the ear speaker in mobile devices in order to create new methods of eavesdropping.

Universities Involved in this Project

Cybersecurity researchers from five American universities have undertaken this academic project called EarSpy. These are all the names of the universities that are affiliated with this project:-

  • Texas A&M University 
  • New Jersey Institute of Technology
  • Temple University
  • University of Dayton
  • Rutgers University

Evolution of Smartphone Tech

Smartphone loudspeakers have been explored as a potential target for such attacks. As a result of this, the ear speakers are incapable of generating enough vibration to allow eavesdropping to be executed properly for the side-channel attack.

EHA

While the audio quality and vibrations of modern smartphones have improved greatly as a result of more powerful stereo speakers.

Even the tiniest resonance from a speaker can be measured by a modern device because it has more sensitive motion sensors and gyroscopes.

It is remarkable how little data is recorded on the spectrogram from the earphones of a 2016 OnePlus 3T, while a stereo ear speaker on the 2019 OnePlus 7T produces a significant amount of information.

Spectogram

As part of their experiments, the researchers used a OnePlus 7T device as well as a OnePlus 9 device. Both of these devices were used by the researchers to play pre-recorded audio through their ear speakers only using a variety of pre-recorded audio sets.

Although the results of the tests varied according to the dataset and device, they indicated that eavesdropping via ear speakers can be accomplished successfully.

Detection Performance

Based on the features in the time/frequency domain of the ML algorithm, the detection performance for the OnePlus 7T device has been tested, and here below we have mentioned the output chart:- 

Apart from the OnePlus 7T, the detection performance of the OnePlus 9 has been also assessed on the basis of the features in the time/frequency domain of the machine learning algorithm. And here below is the complete result chart:-

Recommendation

EarSpy’s effectiveness could be reduced by a factor, and it’s the “Volume” that users select for their ear speakers. It is also more comfortable for the ear to hear if the volume is lower; this could minimize the possibility of eavesdropping through this side-channel attack.

Additionally, the way in which the hardware components are arranged and the tightness with which the assembly is put together have an impact on how well the reverberations from the speakers are diffused.

It was found that the capture of digits spoken in a phone call with the highest accuracy was up to 56% when it came to actual speech. However, during a telephone conversation, the researchers recommend that manufacturers ensure that sound pressure remains constant and stable.

Managed DDoS Attack Protection for Applications – Download Free Guide

Adblock test (Why?)


You may be interested in:
>> Is a Chromebook worth replacing a Windows laptop?
>> Find out in detail the outstanding features of Google Pixel 4a
>> Top 7 best earbuds you should not miss

Related Posts:
>> Recognizing 12 Basic Body Shapes To Choose Better Clothes
>>Ranking the 10 most used smart technology devices
>> Top 5+ Best E-readers: Compact & Convenient Pen
Read More
  • Share This:  
  •  Facebook
  •  Twitter
  •  Google+
  •  Stumble
  •  Digg

Building a Relationship with your Fans will Mean Support, Even When Things are Tough

 December 30, 2022     No comments   

Accomplishment without assistance is the stuff of legends. Every success story I’ve interviewed over the years needed help at one point or another. Whether that was a loan, an internship, or just a shoulder to cry on, it was a necessary step along the way. 

A group of people with similar goals and values can be a powerful thing, providing accountability, collaboration, and a sense of camaraderie. When it comes to content creation, not only can you learn from your fellow creators – you can teach them too.

Recently on the Success Story Podcast, I spoke with Sophie Watts, Executive Chair at Metacurio, about how she cultivated success by working with and learning from others.

The artist and their art

Let’s first start with your idea. What do you want to do? What do you want to create?

There are many things to consider when you’re first starting. But, the most important thing is that you have a clear and concise idea of what you want to do. This will help you immensely when it comes time to start creating content. 

When you’ve come up with that brilliant idea – the one that keeps you up at night and dominates every moment of the day – you’ll need to find a target market. Without one, you won’t know what kind of language to use, what topics to focus on, or how to present your information. 

If you’re not sure who your target audience is, that’s okay! 

Take some time to research your topic and see who is talking about it online. Once you have a good understanding of who your target audience is, you can start creating content that appeals to them. 

Social networking

One of the earliest things Sophie touched on in our discussion was when she first learned of Facebook’s potential for creators. She reflected on her first experiments into its global reach and knew, then, that it would change everything.

Today, new social media platforms and networks are popping up every day. You might understand how YouTube works, but what about Snapchat? Greenroom? Clubhouse? Foxhole? Okay, I made that last one up. 

It can be easy to get overwhelmed by the different platforms and strategies, but if you want to succeed as a content creator, you’ll have to start somewhere.

The first step is identifying what kind of content you want to create. This could be anything from videos and podcasts to articles and blog posts. Once you know the kind of content you’ll be creating, it's time to start thinking about your audience. 

Who are you trying to reach? What kind of people are you hoping to connect with?

Answering these questions will help guide the rest of your content creation process. From there, it's time to start thinking about platforms. Which social media platforms are most popular with your target audience? Where do they spend the most time online?

There isn’t an answer key at the back of the book here. The answers to these questions will be unique to what you’re trying to do. But once you've selected a few platforms to focus on, the real work – and the fun – begins.

The fans

Consistent release schedule! Insert yourself into the conversation! Show your personality!

There’s one thing that all of these community-building guides seem to overlook: the fans. Supporters, readers, viewers, listeners – whatever you want to call them. 

The people who will be consuming your content are the most critical part of the equation. Not your thumbnail, not your soundtrack, not your partnerships. Your fans.

Without an audience, your content is worthless. So before you start creating, take some time to understand who your fans are and what they want.

Here are some questions to consider when you're cultivating a fanbase:

What does your target audience love?

What kind of content will they search out?

How can you make them fanatics?

As Sophie and I discussed, the platform that helps you engage with your friends is part of the formula. What determines your success as a creator is a connection between you and your fans. It doesn’t matter how your fans take in your content, but how they feel about your content. 

When it comes to criticism, the fans are the ones who will tell you what works and what doesn't. They're also the ones who will support you when you're struggling. If you want to be successful in content creation, you need to listen to your fans and take their feedback seriously – not just their viewership.

Fan criticism, however, is not your only resource for improvement.

Your community

Sophie’s defining success has not just been working with A-List celebrities but the talented teams around them. They are responsible for marketing projects, engaging with the community, and, most importantly, helping visionaries realize their dream without losing their unique spark.

A supportive, enthusiastic support system can be the difference between success and failure in content creation. Engaging with others in your field and being open to feedback can help you hone your skills and produce better work. 

Additionally, a strong community can provide encouragement and motivation when you’re feeling doubtful or burnt out.

Content creators that have found success often attribute much of it to the supportive communities they’ve been lucky enough to find. The trick is how to find them. 

Social media has played a critical role in the growth of content-creator communities. Platforms like YouTube and Instagram provide a space for people with similar interests to connect and share their work. 

But traditional social media – Twitter, Facebook, and the like – aren’t the only places where communities of content creators form. There are also online forums, like Reddit, where people can discuss their work and give feedback. These spaces provide a sense of belonging for creators who might otherwise feel isolated.

Of course, not everyone wants to be part of a community. Some prefer to work alone and don’t need social interaction. While there are certainly ways to make that work, I think criticism and comments are the whetstones of content – they keep it sharp. 

If you’re pursuing content creation as a career, or even just looking to improve your skills, consider seeking out or building a supportive community. The positive effects can be immeasurable.

Your wisdom

Across Sophie’s career, whether coaching A-List celebrities or visualizing success for her own companies, she knew what she was doing. She knew her skills and wisdom were of benefit to the people she worked with. 

What I’m saying, then, is this: learn from others, always. But you have something to offer too.

Sharing your experience is one of the most rewarding things you can do in content creation. Your passion and goals can inspire and help others reach their potential.

What made you successful can be a great source of content in itself. Share what worked for you, and how you overcame challenges. This type of content can be both motivating and helpful for your audience.

If you’re not sure where to start, try telling your story. What led you to content creation? What drives you to be successful? Everyone wants to hear a success story (shameless plug, confirmed). 

Wrapping up

Engaging with your community should be right up front in terms of priority. Get to know the people who follow you and show that you care about more than just promoting yourself and your work. Building a relationship with your fans will mean support, even when things are tough.

I know I poked fun at the consistency thing, but it shouldn’t be forgotten. It's not enough to create great content once in a while - you need to release high-quality material if you want people to keep coming back for more – even when life tries to get in the way.

So talk to me! Leave a comment, let me know about your new project, or tell me why you don’t like mine.

Let’s sharpen that content. 

L O A D I N G
. . . comments & more!

Adblock test (Why?)


You may be interested in:
>> Is a Chromebook worth replacing a Windows laptop?
>> Find out in detail the outstanding features of Google Pixel 4a
>> Top 7 best earbuds you should not miss

Related Posts:
>> Recognizing 12 Basic Body Shapes To Choose Better Clothes
>>Ranking the 10 most used smart technology devices
>> Top 5+ Best E-readers: Compact & Convenient Pen
Read More
  • Share This:  
  •  Facebook
  •  Twitter
  •  Google+
  •  Stumble
  •  Digg

The Cybersecurity Writing Contest: Final Round Results Announced!

 December 29, 2022     No comments   

Hackers, Assemble! The final round’s results announcement of the Cybersecurity Writing Contest by Twingate & HackerNoon are now live!

This contest is one of the most happening contests to date. The numbers speak for themselves:

  • We published total of 364 stories during the contest (the acceptance rate at HackerNoon is almost 50%)!
  • Total reads generated was > ONE MILLION (1,069,876 to be exact)
  • Total reading time generated so far: 4 months, 25 days, & 16 hours

The success of this contest is because of the whole HackerNoon community! Shoutout to our super-dope 35k+ contributors and millions of awesome readers!

As usual, we picked all the stories tagged with the #cybersecurity tag on HackerNoon, published in November 2022. Then we chose the top stories using 60:30:10 weightage respectively to:

  • Number of hours read
  • The number of people reached
  • The freshness of the content

The Cybersecurity Writing Contest: Nominations and Winners:

  1. Scanning 2.6 Million Domains for Exposed .Env Files by @sdcat

  2. Pros and Cons of Cybersecurity Automation by @zacamos

  3. Disinformation-as-a-Service: Content Marketing’s Evil Twin by @verasmirnoff

  4. Secure Coding Practices Every Developer Should Know by @gloriabradford

  5. Why You Should Avoid Using Public WiFi by @juxtathinka

  6. Your USB Gadget Could Be Weaponized by @fatman

  7. An Insecure Pillar in Cybersecurity by @hal9000

  8. Cybersecurity Myth-Perceptions by @shanni

  9. Top Emerging Cybersecurity Threats and How to Prevent Them From Happening to You by @induction

  10. America's Strangest Unsolved TV-Hack and The Story Behind It by @strateh76

Now let’s see who won 👀

FIRST place goes to

One only has to look at the top influencers on Instagram or TikTok to see how a group could be easily persuaded to buy the next cool gadget. An exploit that you can plug into your computer, like USB-based plasma balls, fans, Mini-fridge, coffee warmers, LEDs, or even a charging cable.

Well deserved, @fatman. You have won $600!

In SECOND place, we have

On November 22, 1987, Chicago sports commentator Dan Roan covered the best moments of an American football game between the Chicago Bears and the Detroit Lions. It was a regular newscast following the evening news on local WGN-TV, of which Roan hosted several hundred.

At 9:14 p.m., the reporter disappeared from the TV screens.

Congratulations @strateh76, on securing second place! You won 300 USD!

The third position and most-read story award goes to

Since almost every web application accesses a database or uses some APIs to communicate with, these credentials must be passed to the application. If this is done using the .env file, the credentials are in plain text in this file. When the web server is misconfigured and this .env file is delivered by the web server, anyone can query this data. To do this, one can visit just a URL with a browser, such as: https://example.com/.env.

The dangerous aspect is that the passwords and secrets are in unencrypted form in the .env file.

Excellent story, @sdcat; you have won $200!

Let’s wrap up the announcement! We will contact the winners shortly. Keep an eye on contests.hackernoon.com to see the current and upcoming writing contests!

L O A D I N G
. . . comments & more!

Adblock test (Why?)


You may be interested in:
>> Is a Chromebook worth replacing a Windows laptop?
>> Find out in detail the outstanding features of Google Pixel 4a
>> Top 7 best earbuds you should not miss

Related Posts:
>> Recognizing 12 Basic Body Shapes To Choose Better Clothes
>>Ranking the 10 most used smart technology devices
>> Top 5+ Best E-readers: Compact & Convenient Pen
Read More
  • Share This:  
  •  Facebook
  •  Twitter
  •  Google+
  •  Stumble
  •  Digg

How I Made Programming Flashcards A Thing

 December 27, 2022     No comments   

Three years ago, one cold evening, I began to think that just programming and occasionally writing about it was not enough for me. I wanted to find an idea for a new project that would combine my two main passions: programming and writing about programming. I've been working as a programmer on a daily basis for sixteen years.

So I wanted something new. But it's hard to find anything new to do. Lots of people run programming blogs, write articles, create courses, write books. I only knew one thing. If I'm going to do something, it has to be unique and give a new perspective on writing applications. Something that builds fascination for programming and attracts people who don't necessarily think about it, but have features that are able to introduce new value to a very square industry. Something like flashcards.

I know what you thought. It is better to write applications on a piece of whitespace in a jute sweatshirt than to use flashcards. This is how I came up with the craziest idea in my life and decided to commercialize it.

This is the story of how I managed the product and optimized the customer experience to occupy the niche of post-apocalyptic sci-fi flashcards for developers that are also a game. A niche that I have occupied before everyone else!

Don't get me wrong, it's great that there are so many ways to learn programming. However, many people get lost in all this. Should I learn through a course, go to a bootcamp or buy a book? What language to learn? Everyone responds differently. If you add to this the authors of texts and courses who pour water instead of writing specifically and clearly, entering the world of programming seems very chaotic and difficult.

That's why I found flashcards attractive, as opposed to the trend that discourages programming. You can fit very little information on a flashcard. However, this is still not interesting enough to reach for the flashcards. That's why I enriched them with sci-fi fantasy illustrations. In this way, they are beautiful and evoke Stoneheart or Magic The Gathering. Just look at this beautiful card:

I also enriched the cards with a game mode. The game mode is tricky because anyone can play Summon The JSON. Up to four players can play with one deck. So you can play with people and trick them into programming. Which, you have to admit, is a great career path.

This is how the idea for Summon The JSON was born, which I have been implementing for four years. I have flashcards for C#, C++, Python, Java, JavaScript, Git, React, PHP, TypeScript and HTML. Take a look at this mashup, aren’t they lovely?

You can of course buy them now on my Shopify store available here: Programming Flashcards.

However, I encourage you to read on because I'm here to tell you how I analyze project data and make decisions. Because you probably also have a cool idea for a project and need help with growth hacking.

Gathering information about your prospects is probably the most important thing if you want to sell stuff and make money. Over these three years I have learned that I don’t know anything about my customers often.

But I think that's great, because that's what this community listening thing is all about. At every stage, starting from the idea, I ask the community of developers for their opinions and ideas.

Very often what I think in my head differs from what others think. Let me give you an example:

Each deck contains five cards that are blank. I wanted customers to be able to supplement them with their own functions and even points and superpowers. However, it turned out that customers did not understand this. Once a customer even wanted to return the cards because she thought there had been an error in the printing house.

I often observe programmers and designers that they treat such cases with pity. Which is completely wrong, because it is the user who knows best how he perceives and experiences the application. Same as flashcards and anything else.

That's why I added a clear description to the cards that explains their meaning. What we imagine about people in our heads has nothing to do with reality. Only feedback verifies it. That's why I love asking for opinions. This is not only a way to improve the product, but also growth marketing. Because people can see that you really care about their opinion. Here is an example of such a card:

Now I'm going to write something controversial. This may prevent me from winning the competition for an article on growth marketing, for which I submitted this article. But I want to be honest with you. I don't think it's a good idea to use stats from the start.

My shop on Shopify gives me information about how many people visited the website, how many added the product to the cart, how many people bought the product. Google Analytics will tell you where your customers come from in aggregate, whether they come back.

The mParticle service, which sponsors this competition, combines data from various sources and, thanks to AI, extracts information from the data that will allow you to improve the customer experience. However, I believe that you should base your decisions on direct input from users in the beginning.

This is especially important when you have a lot of work ahead of you and little motivation. Setting up Shopify, preparing the products took three years in my case. Feedback from live users was something that allowed me to continue working on this project.

I started using statistics and analytics only on the way to verify my hypotheses and check whether the sales process was going well.

For example, thanks to this I know that it is better to offer free shipping instead of having to pay for it directly. Or that it's good to have a lot of payment methods and delivery and production.

What I like about mParticle is that it can tell you what promotion or coupon to create. He can also estimate how much it will increase profits.

An open secret that I discovered not so long ago is that people love promotions and coupons. Professional stores offer them non-stop. Thanks to this, their offer looks fresh, even if they offer the same thing all the time.

For years, I loved looking at all kinds of statistics. I still like it. However, it seems to me that the most important thing in selling is the product.

It is worth improving it, adding new products. Campaigns, analytics, store optimization are the things that draw me in as a programmer. However, sometimes it is worth going back to the products and improving them as well.

If you develop the product yourself after hours, I can tell you right away that you will not be able to deal with everything at once. For example, I spent the last 3 years developing products, learning Blender to create product renders, and creating a shop on Shopify. While supporting sales.

I've only recently started working on analytics, ad campaigns and experience optimization. This is a separate job that will consume my time for the next few months. In such a situation, you want to choose solutions that will save you problems and time. That's why, for example, I chose Shopify, Google Analytics, and other apps. I don't write everything from scratch, although I could.

For growth marketing I recommend you to:

  1. find a niche
  2. gather feedback
  3. share and improve your offering
  4. use technology
  5. allocate time wisely

The final tip is to share your story. I just gave this advice by example, because the beginning of the article shows just that. If you've read this far, it means it worked :)

If you like the article please vote for it, share and like. Cheers!

L O A D I N G
. . . comments & more!

Adblock test (Why?)


You may be interested in:
>> Is a Chromebook worth replacing a Windows laptop?
>> Find out in detail the outstanding features of Google Pixel 4a
>> Top 7 best earbuds you should not miss

Related Posts:
>> Recognizing 12 Basic Body Shapes To Choose Better Clothes
>>Ranking the 10 most used smart technology devices
>> Top 5+ Best E-readers: Compact & Convenient Pen
Read More
  • Share This:  
  •  Facebook
  •  Twitter
  •  Google+
  •  Stumble
  •  Digg

Hackers Using Automated Attack to Exploit Exchange Server and SQL Injection Vulnerabilities

 December 26, 2022     No comments   

Hackers Automated Exchange Server

Recently, cybersecurity analysts at Prodraft’s threat intelligence team detected that the hacker group FIN7 was actively exploiting vulnerabilities in Microsoft Exchange and SQL injection through an automated attack system in an attempt to perform the following illicit activities:-

  • Infiltrate corporate networks in order to steal information.
  • Data theft.
  • Adaptive ransomware attacks based on the financial size of the networks.

For years now, this security organization has closely followed the operations of FIN7. There are a number of details revealed by Prodaft about FIN7’s behind-the-scenes:-

  • The hierarchy at the internal level.
  • Affiliations with a variety of ransomware projects.
  • A new SSH backdoor system.

Attack Modes and Auto-attacking

FIN7 is a Russian-speaking threat group that has been active at least since 2012, and its motivations seem to be financial. 

A number of attacks have been linked to this threat group including:-

  • Attacks on ATMs.
  • The use of teddy bears to conceal malware-carrying USB drives.
  • Hiring pentesters to analyze ransomware attacks by setting up a false cybersecurity firm.
Attack Modes

There is a system for automatic attacks called Checkmarks that has been discovered by Prodaft. So, in this scenario Checkmarks works as a scanner that scans for vulnerabilities that could result in remote code execution or privilege elevation in Microsoft Exchange, including:-

Since June 2021 it’s actively using Checkmarks for finding the corporate networks’ vulnerable endpoints and exploiting them by using PowerShell to drop web shells which enabled FIN7 to gain access to corporate networks.

As part of its attack, FIN7 used multiple exploits, including its own custom code and publicly available Proof Of Concepts, to gain access to the target networks.

There are some other vulnerabilities that can be exploited with the Checkmarks attack platform in addition to the MS Exchange flaws. There is also a SQL injection module that uses SQLMap to scan for potential vulnerabilities on a website that may be exploited.

Following the scanning of over 1.8 million targets with FIN7’s Checkmarks platform, 8,147 companies have already been infiltrated. Here the most interesting thing is that all these companies are mainly based in the United States. 

Communications With the C&C Server

Apart from this, from the retrieved Jabber logs, the security analysts also found extensive evidence that multiple ransomware groups were in communication with FIN7, including:-

  • Darkside
  • REvil
  • LockBit

There is one particular detail that is noteworthy in these logs is that FIN7 is fond of keeping an SSH backdoor on the networks of victims who have been extorted by ransomware, even after paying the demanded ransom. 

While this might be done to sell access to other groups or to test a new attack in the future. As part of FIN7’s arsenal of backdoors, this SSH backdoor is an entirely new sophisticated addition.

As a part of the FIN7 group, Checkmarks is one of the sophisticated platforms that demonstrates just how easy it will be for threat actors to take advantage of public exploits to perform wide-scale attacks that could impact the entire world. 

Further, with the help of this type of platform threat actors are also actively industrializing public exploits.

Secure Web Gateway – Web Filter Rules, Activity Tracking & Malware Protection – Download Free E-Book

Adblock test (Why?)


You may be interested in:
>> Is a Chromebook worth replacing a Windows laptop?
>> Find out in detail the outstanding features of Google Pixel 4a
>> Top 7 best earbuds you should not miss

Related Posts:
>> Recognizing 12 Basic Body Shapes To Choose Better Clothes
>>Ranking the 10 most used smart technology devices
>> Top 5+ Best E-readers: Compact & Convenient Pen
Read More
  • Share This:  
  •  Facebook
  •  Twitter
  •  Google+
  •  Stumble
  •  Digg
Older Posts Home

Copyright © Linchakin | Powered by Blogger
Design by Hardeep Asrani | Blogger Theme by NewBloggerThemes.com | Distributed By Gooyaabi Templates