TechLetters #124 - Generative-AI for ads approaching. Dwell time goes down.
Security
Google to use generative AI to make on-the-fly, dynamic ads. This thing could generate tailored ads on the bidding/auction phase. Making transparency very complex, not mentioning data protection, cybersecurity, disinformation. It's great that elements of risk assessments are being done from the start. Not like the previous time.
Cryptography standards for 2023. "Putting cryptographic primitives together is a lot like putting a jigsaw puzzle together, where all the pieces are cut exactly the same way, but there is only one correct solution". Here.
The EU is mandating "cyber solidarity". Creating (pre-contracted) "EU Cybersecurity Reserve". €1.1 billion thrown at it. It will be possible to give support to third-countries, so like Ukraine. It is interesting whether also in war-time? The regulation is silent in this case, but Ukraine cyberwarfare is present in the explanation accompanying the proposal.
Ongoing disinformation operation targeting Poland/Lithuania/Ukraine. Impressively fast (but reliable!) attribution to Belarusian cyber group UNC1151. Only took one day! Sent to many people via emails, Telegram and SMS. About recruitment to an army group. Information operation targeting Poland/CEE using a pretext of "military recruitment campaign" (which is real).
Dwell time goes down. Median dwell time (days an attacker is present in a victim environment before they are detected) was 16 days in 2022. Still, sometimes it's 1000 days. Decrease in the percentage of intrusions involving ransomware. Also, what happens when an army physically invades a country? "compromise occurred after Russian military units physically accessed the network in early 2022. UNC3762 used this physical access to conduct network reconnaissance, harvest credentials, and move laterally".
In case you feel it's worth it to forward this content further:
If you’d like to share: