Home Blog Page 130

Pearson appoints Dave Treat as Chief Technology Officer

Naushad K. Cherrayil
-
0
Pearson appoints Dave Treat as Chief Technology Officer
  • Treat joins Pearson from Accenture where he most recently served as a Senior Managing Director.

Pearson, the world’s lifelong learning company, has appointed Dave Treat as Chief Technology Officer. Dave will report to CEO Omar Abbosh.

Working in close partnership with Pearson’s Chief Product and Chief Information Officers, Treat will lead technology innovation and architecture across the company, including enhancing the company’s presence in the AI and tech community, driving strategic technology partnerships, and engaging with emerging technology and ed tech start-ups.

Treat brings 27 years of expertise and industry leadership in technology, financial services, and strategic business transformation. He joins Pearson from Accenture where he most recently served as a Senior Managing Director.

There he led Accenture’s Innovation Incubation Group, focused on helping clients implement new technologies like Generative AI, Digital Identity, Spatial Computing, Blockchain, Web 3, and Quantum Computing.

Growing opportunity

Treat also served in other Accenture leadership roles including as Global Technology Lead for Capital Markets, Co-chair of the New York Fintech Innovation Lab, Global Technology Incubation Lead and Global Blockchain Practice Lead.

Prior to Accenture, Dave was a Director at Deloitte and an Executive Director at UBS Investment Bank, working across technology innovation and transformation in both roles.

Omar Abbosh, Pearson CEO said: “Dave is an established expert and leader in the technology community. With AI moving at breathtaking speed, his experience will help us seize the growing opportunity in the learning space. As we increase the intensity of our technology efforts, Dave will be a critical member of the team working to ensure we lead on innovation for our customers.”

Dave Treat said: “Coming from a family of educators and with my own background in education, I’m excited to combine my love of learning with my expertise in the tech space. Human experience is defined by how we learn, what we know, and how we apply knowledge. Now, it’s all up for reinvention. I’ve dedicated my career to the development and application of innovative technologies and I’m looking forward to doing that in service of education and learning.”

G42 releases 70b parameter LLM for Arabic NLP

TCN Bureau
-
0
G42 releases 70b parameter LLM for Arabic NLP
  • JAIS 70B, built on Llama2 model, leverages an existing English knowledge base to create a more efficient and sustainable solution.
  • Developed by Inception, the extensive suite of AI models sets a new benchmark in Arabic text processing and reasoning to empower the next generation of AI solutions. 

Inception, a G42 company specialising in advanced AI solutions, has released JAIS 70B, a 70 billion parametre large language model (LLM) designed specifically for Arabic natural language processing (NLP).

The release signifies a significant step forward in democratising access to AI for Arabic-speaking communities.

JAIS 70B boasts  Arabic-English bilingual capabilities for the open-source community. Trained on a massive dataset of 370 billion tokens, including 330 billion Arabic tokens, it surpasses previous models in its ability to handle complex tasks and datasets. The model’s development utilized continuous training techniques, fine-tuning a pre-trained model for optimal performance.

Inception has also launched a comprehensive suite of 20 JAIS foundation and fine-tuned models, ranging from 590 million to 70 billion parameters. These models are tailored for various applications, including chat, and offer diverse sizes to cater to both individual and enterprise needs.

The extensive release addresses a critical gap in the Arabic NLP landscape, providing developers with tools ranging from small, compute-efficient models for targeted applications to advanced models for enterprise-grade precision.

“JAIS 70B reinforces our commitment to delivering the highest quality AI foundation model for Arabic speaking nations,” Dr. Andrew Jackson, CEO of Inception, said.

“We are excited to extend our expertise in training and adapting models to other underserved languages.”

Building upon the Llama2 model, JAIS 70B leverages an existing English knowledge base to create a more efficient and sustainable solution. According to Inception, the model’s design significantly reduces the computational complexity and environmental impact associated with training from scratch.

With JAIS 70B, Inception continues to push the boundaries of Arabic-centric AI, providing a powerful tool for developers and researchers to advance NLP applications and empower Arabic-speaking communities.

Alphabet halves stake in Crowdstrike before global outage

Mohammed Fahad
-
0
Alphabet halves stake in Crowdstrike before global outage
  • Timing of Alphabet’s decision, coupled with the subsequent fallout from the outage, has fueled speculation and raised critical questions about the future of CrowdStrike and the broader cybersecurity landscape.
  • Investors are re-evaluating their security strategies and expressing concerns about the potential risks associated with complex software entrusted to large companies.

The legal challenge adds another layer of complexity to the company’s already strained situation.

Amidst the recent outage, Google-parent Alphabet has drawn attention for its decision to significantly reduce its stake in CrowdStrike, a move that has been interpreted by many as a sign of waning confidence in the company.

According to a regulatory filing on Friday, Alphabet cut its holdings in CrowdStrike to 427,895 Class A shares, down from 855,789 shares, as of June 30th.

The divestment occurred well before the July 19th outage, which crippled computer systems globally across various sectors, from healthcare and banking to aviation. The timing of Alphabet’s decision, coupled with the subsequent fallout from the outage, has fueled speculation and raised critical questions about the future of CrowdStrike and the broader cybersecurity landscape.

The outage has had a profound impact on CrowdStrike’s stock price, with shares plummeting nearly 35 per cent since the incident.

Investors, grappling with the repercussions of the disruption, are re-evaluating their security strategies and expressing concerns about the potential risks associated with complex software entrusted to large companies.

The global nature of the outage has also ignited regulatory scrutiny, prompting a debate on the safety and security implications of having critical software in the hands of a single entity.

Further exacerbating the situation, CrowdStrike has been hit with a shareholder lawsuit alleging misleading and false assurances about its software, directly contributing to the global outage. The legal challenge adds another layer of complexity to the company’s already strained situation.

The lawsuit underscores the growing pressure on tech companies to be transparent about their products and services, especially when they are critical to the functioning of essential infrastructure.

The outage has also had tangible financial consequences for affected businesses. Delta CEO, for example, reported a staggering $500 million loss due to the disruption and has taken the unusual step of hiring a law firm to pursue compensation from Microsoft and CrowdStrike.

The move signals a shift in the landscape, where companies are increasingly seeking recourse for financial damages caused by software failures, regardless of the source.

The decision by Alphabet to reduce its CrowdStrike stake before the outage has been widely interpreted as a strategic move, although the exact reasons remain unclear. It is possible that the company identified potential risks within CrowdStrike’s operations or detected a shift in its long-term investment strategy. R

egardless of the reasoning, the timing of the divestment has fueled speculation about Alphabet’s confidence in CrowdStrike’s future.

The  event serves as a critical reminder of the interconnected nature of modern technological infrastructure and the potential for significant disruption caused by even minor software glitches.

The ripple effect of the CrowdStrike outage, reaching far beyond the tech industry, has forced a re-evaluation of cybersecurity practices and the crucial need for robust resilience measures.

As companies navigate this evolving landscape, it is essential to prioritize transparency, accountability, and the development of safeguards to mitigate risks and ensure the stability of critical systems.

Related Posts:

Ola garners only 35% IPO subscription on first day

Ana Mary Joseph
-
0
Ola garners only 35% IPO subscription on first day
  • Retail portion of the IPO was subscribed 1.57 times, the non-institutional investor category saw a tepid 20% subscription, and qualified institutional bidders (QIBs) showed little interest.
  • The current market sentiment is cautious due to global economic uncertainties and rising interest rates.

Ola Electric Mobility, the leading electric two-wheeler company in India, has encountered a muted response from investors in its initial public offering (IPO).

The Rs6,145 crore issue, the largest since LIC’s IPO in May 2022, has garnered only 35 per cent subscription on the first day, indicating a degree of investor hesitancy despite the company’s ambitious growth plans.

The IPO, open for subscription from August 2nd to August 6th, comprises a fresh issue of equity shares worth Rs5,500 crore and an offer for sale (OFS) of 8.49 crore equity shares worth Rs645.56 crore by promoters and investors.

This includes a significant 3.8 crore share sell-off by Ola Electric founder Bhavish Aggarwal. While the retail portion of the IPO was subscribed 1.57 times, the non-institutional investor category saw a tepid 20 per cent subscription, and qualified institutional bidders (QIBs) showed little interest.

Subdued response

The subdued response, despite the company’s strong brand recognition and the promise of growth in the electric vehicle market, can be attributed to several factors. The current market sentiment is cautious due to global economic uncertainties and rising interest rates.

Additionally, concerns over Ola’s profitability and its dependence on subsidies for growth have likely contributed to investor hesitancy.

While the company aims to utilise the proceeds for capacity expansion, research and development, and debt repayment, these plans are not yet translating into demonstrable financial stability, prompting investors to exercise caution.

However, the IPO’s success hinges on attracting substantial participation from institutional investors, a segment that has displayed significant disinterest.

Lack of strong bids from QIBs

The lack of strong bids from QIBs underscores the potential for a lower-than-expected final subscription rate. Hyundai Motor Company’s  $99 million investment, representing a 2.95 per cent stake, offers some reassurance regarding the company’s future prospects, but it remains to be seen whether this will be sufficient to sway larger institutional players.

Ola’s IPO is a crucial milestone in the company’s journey, as it seeks to solidify its position as a leader in the nascent electric vehicle market.

However, the initial lukewarm response from investors highlights the importance of building a robust business model that can navigate the challenges of a volatile market.

The company needs to demonstrate a clear path to profitability, reduce its reliance on subsidies, and effectively address investor concerns regarding its financial performance.

The next few days will be critical for Ola Electric Mobility as it seeks to attract enough subscriptions to ensure a successful IPO.

The company’s ability to overcome the current investor hesitancy and secure the necessary capital will determine its future trajectory and its ability to capitalise on the growing potential of the electric vehicle market.

Hackers abuse Cloudfare Tunnels to deliver malware

Naushad K. Cherrayil
-
0
Hackers abuse Cloudfare Tunnels to deliver malware
  • Some campaigns deliver multiple malware payloads, with different Python scripts leading to the installation of distinct malicious software.
  • Campaigns’ success hinges on effective social engineering tactics, using lures that often mimic legitimate business-related communications, such as invoices, document requests, or package deliveries.

A recent trend observed by cybersecurity firm Proofpoint highlights the increasing exploitation of Cloudflare Tunnels, specifically the “TryCloudflare” feature, for malware distribution.

The exploitation of Cloudflare Tunnels emerged in February 2024, with a marked surge in activity between May and July. The trend is particularly alarming due to the use of TryCloudflare, which enables attackers to establish temporary, one-time tunnels without needing to create an account.

This allows them to leverage the platform’s global network infrastructure for malicious purposes, effectively concealing their activities and establishing ephemeral command and control (C&C) channels.

The most prevalent malware delivered through these Cloudflare-based campaigns has been Xworm, a remote access Trojan (RAT) that grants attackers full control over compromised systems. The attack chain typically involves social engineering tactics, often employing phishing emails that entice users to open attachments or click on links.

Use of Python scripts

These attachments may be internet shortcut files (.URL), which, upon execution, connect to an external file share, typically via WebDAV, to download LNK or VBS files.

These files, in turn, execute BAT or CMD files responsible for downloading a Python installer package and associated scripts, ultimately leading to the installation of Xworm.

The use of Python scripts is significant in this context. By packaging Python libraries and an executable installer alongside the scripts, attackers ensure the malware can be downloaded and executed on systems that do not have Python pre-installed.

This approach further facilitates the distribution of malware to a wider range of victims, as it bypasses the requirement of specific software pre-installation.

However, the threat actors responsible for these campaigns are not limited to Xworm delivery. They have also been observed deploying other malicious payloads, including AsyncRAT, VenomRAT, GuLoader, and Remcos, in previous campaigns.

Notably, some campaigns deliver multiple malware payloads, with different Python scripts leading to the installation of distinct malicious software. This versatility underlines the adaptability and sophistication of these actors.

Obfuscation techniques

To further evade detection, the threat actors have implemented various techniques, such as obfuscating their scripts and leveraging the “search-ms” protocol handler to retrieve files from WebDAV shares.

While initial campaigns exhibited minimal obfuscation and often included descriptive comments within their scripts, the actors have since incorporated obfuscation techniques, making the analysis and identification of malicious code more challenging.

In recent months Proofpoint has observed campaigns delivering Java-based malware that bundle a JAR and the Java Runtime Environment (JRE) inside a ZIP to ensure the correct software is installed before executing the downloader or dropper. 

The use of Cloudflare Tunnels presents a significant challenge for traditional security measures. The ephemeral nature of the tunnels and the dynamic generation of subdomains within the “trycloudflare.com” domain make it difficult for security solutions relying on static blocklists or signatures to effectively detect and mitigate these attacks.

Adopt a proactive approach

The sheer volume of these campaigns, affecting thousands of organisations globally across various languages, further underscores the scale of the threat.

The campaigns’ success hinges on effective social engineering tactics, using lures that often mimic legitimate business-related communications, such as invoices, document requests, or package deliveries.

In response to this evolving threat, organisations must adopt a proactive approach to security.

  • Restrict the use of Python: Limit access to Python to individuals whose job functions require it. This mitigates the risk of unintentional malware installation through Python packages.
  • Implement robust email security solutions: Organizations should invest in advanced email security solutions that can detect and block phishing emails and malicious attachments.
  • Educate users: User education and awareness programs are crucial to prevent social engineering attacks. Users should be trained to identify suspicious emails and attachments.
  • Monitor network traffic: Implement network monitoring solutions that can detect unusual traffic patterns and suspicious connections to Cloudflare domains.
  • Adopt a layered security approach: Utilize a combination of security controls, including endpoint protection, network segmentation, and threat intelligence, to create a multi-layered defense against malware attacks.

Related Posts:

Traffic pole defeats “indestructible” Cybertruck

Ana Mary Joseph
-
0
Traffic pole defeats “indestructible” Cybertruck
  • Crumple zone strategy sacrifices overall structural integrity, leading to significant damage in the event of a collision.

The internet, particularly platforms like TikTok and X, has become a breeding ground for viral content, and the recent crash of a Tesla Cybertruck in Savannah, Georgia, has sparked a heated debate about the vehicle’s claimed durability.

The incident, captured in a video that went viral, shows a Cybertruck, after a collision with a traffic light pole, lying in a heap, its front end seemingly crushed like a tin can.

The stark contrast to Tesla CEO Elon Musk’s pronouncements of the Cybertruck’s “indestructible” and “apocalypse-proof” nature has led to a flurry of discussions, questioning the veracity of these claims.

Crumble zone

The video, uploaded by TikTok user ‘PilotJennie,’ shows a Cybertruck in an undeniably sorry state. The front end, where the vehicle appears to have taken the brunt of the impact, is severely damaged, with the hood crumpled, the front wheel almost detached, and what appears to be debris strewn around the vehicle.

The seemingly stark lack of structural integrity sparked a wave of online commentary, with users questioning the supposed strength of the Cybertruck.

The initial reaction, fuelled by the dramatic visuals, pointed to a lack of crumple zones – a common feature in vehicles designed to absorb impact and protect occupants in a crash.

The sentiment was echoed by Samer Hamdar, a professor of Civil and Environmental Engineering at George Washington University, who previously expressed concerns about the Cybertruck’s lack of crumple zones.

However, a closer look at the damage and the subsequent online discussions revealed a more nuanced story.

Structural integrity

It turns out that the Cybertruck does, in fact, have a crumple zone, but its design and function differ from traditional crumple zones.

As explained by a user on X, the Cybertruck’s crumple zone is designed to “break into small pieces” during a high-speed collision, effectively absorbing and dispersing energy to minimise impact on the occupants.

The video itself provided evidence of this design feature, with small pieces of the Cybertruck’s underbody casting visible around the crash site.

The explanation, while seemingly counterintuitive, highlights a potential limitation of the Cybertruck’s design.

While effective in protecting occupants, the crumple zone strategy sacrifices overall structural integrity, leading to significant damage in the event of a collision.

The trade-off between passenger safety and vehicle durability is a complex one, and the Cybertruck’s approach, while seemingly effective in protecting occupants, raises concerns about the vehicle’s ability to withstand significant impact.

Beyond this specific incident, the Cybertruck’s performance in other scenarios has also been called into question.

Reports of a Cybertruck getting stuck in a river while attempting to utilise its “Wade Mode” and another being damaged after rolling down a steep hill raise concerns about the vehicle’s off-road capabilities.

Even though these instances might be isolated cases, they contribute to the growing narrative of the Cybertruck being more vulnerable than advertised.

It is important to note that the Cybertruck has also shown its potential in specific situations. A report of a Cybertruck successfully protecting its cargo from animal theft demonstrates its inherent strength and resilience in certain scenarios.

However, this single success story does not erase the growing concerns regarding the Cybertruck’s durability and its ability to withstand significant impacts.

1...129130131...273Page 130 of 273