More stories

  • in

    Cloudflare was the target of a sophisticated phishing attack. Here's why it didn't work

    Image: Getty/gilaxia Cloudflare has detailed what it describes as a “targeted phishing attack” against its staff that was prevented from doing damage because all employees are required to use multi-factor authentication (MFA) in the form of physical security keys in order to access applications.  That meant that even with the correct usernames and passwords, the […] More

  • in

    China calls out US semiconductor bill as anti-competitive

    China’s trade and commerce associations have described the US government’s semiconductor bill as a barrier to global innovation and economic recovery. They further urge business communities to take measures to protect their interests and mitigate the impact of the new bill.Signed into law on Tuesday, the US Chips and Science Act seeks to boost the country’s semiconductor manufacturing industry and pump investment in research and development, science, and technology. It includes $52.7 billion in subsidies and funds aimed at fuelling the domestic manufacturing sector and strengthening the country’s footprint in emerging sectors, such as nanotechnology, quantum computing, and artificial intelligence (AI). Following US President Joe Biden’s signing of the bill this week, various market players have stepped up to announce plans to invest in the local market. According to the Biden administration, these included Micron’s $40 billion funds injection into memory chip manufacturing that was projected to create up to 40,000 jobs and push the US market share of memory chip production to 10%, up from less than 2%, over the next 10 years. Qualcomm and GlobalFoundries also unveiled a new partnership that included plans to invest $4.2 billion in the expansion of GlobalFoundries’ New York chip manufacturing site. Qualcomm said it would boost its domestic semiconductor production by up to 50% over the next five years. In advocating the role of the new bill, the US government said it would help cement the country’s leadership in a technology that was the “foundation of everything”, spanning automobiles, defence systems, and household appliances. “America invented the semiconductor, but today produces about 10% of the world’s supply and none of the most advanced chips. Instead, we rely on East Asia for 75% of global production,” said the White House. “The Chips and Science Act will unlock hundreds of billions more in private sector semiconductor investment across the country, including production essential to national defence and critical sectors.”The new bill also would ensure the US maintained and advanced its scientific and technological edge, the government said. Noting that federal investments in R&D was 2% of the country’s GDP in the mid-1960s, the Biden administration said this figure had dropped to less than 1% in 2020. “Economic growth and prosperity over the last 40 years has clustered in a few regions on the coasts, leaving far too many communities behind,” it said, adding that the Chips and Science Act would “unlock opportunities” in science and technology for those who had been left out.US bill unfair on global competitionChina, however, said the US bill would distort the global chip supply chain and disrupt international trade. The Chinese Ministry of Commerce last month said the Act contained provisions that restricted “normal economic, trade, and investment” activities of Chinese market players. The ministry said it would monitor the implementation of the bill and adopt “strong measures” to protect its legitimate rights and interests. In a joint statement released Wednesday, the China Council for the Promotion of International Trade and China Chamber of International Commerce reiterated the Chinese government’s criticisms, noting that the US bill would hold back global economic recovery and innovation.  The new law served to boost the US’s advantage in the chip market and triggered unfair competition against “any country of concern”, reported state-owned newspaper China Daily. The Chinese trade associations said the bill gave the US government power to force changes in the global semiconductor labour market, specifically, through subsidies and investment tax credits on equipment manufacturing to incentivise companies to build factories in the US. This would have adverse impact on international companies, including those in China and the US, the Chinese associations said. They added that such provisions were not in line with the World Trade Organisation’s “non-discrimination principles” and identified specific countries as key targets, forcing companies to adjust their global development strategies. The trade associations said pushing technologies to be produced in the US would restrict fair participation with international market players. They further urged the global business community to band together and mitigate the impact of the US bill as well as adopt measures when necessary to protect their legitimate rights and interests. In its note on the US Chips and Science Act, consulting firm PwC said subsidies provided under the bill offered a “necessary cushion” for semiconductor companies to plug the talent gap and and diversify their workforce as well as provide opportunities to make changes in digital manufacturing and relevant workforce skills. These potentially could play an integral role in reducing the size and power of chips while increasing performance.However, the funding carried new geographical manufacturing restrictions, PwC said, noting that the US bill prohibited companies from using the subsidies to fund chip manufacturing expansions in China and other countries identified as a potential national security threat.The consulting firm advised companies looking to tap the subsidies to assess their global operations and be mindful of key issues at play, including ensuring their global R&D and manufacturing activities complied with the Act’s geographical restrictions. They also might need to identify new partners in their supply chain, including backend assembly, testing, and device packaging, and determine if it would be more cost-efficient to expand their production capacity in the US, instead of establishing foundry partnerships. PwC said: “The Chips Act may present semiconductor companies with an opportunity, but realising its potential will require a rethinking of global strategy as well as a plan for digital transformation, capital project management, and financial planning. Geopolitical uncertainty, combined with recent dramatic shifts in the market, requires companies to make careful assessments about their place in the semiconductor value chain and how they can improve their position.”RELATED COVERAGE More

  • in

    This company didn't spot the flaw in their network. But three ransomware gangs did

    Hands typing on a laptop keyboard. Image: Getty If you thought being hit by one ransomware attack was bad, try getting hit by three different ransomware gangs at the same time and each one encrypting files, sometimes multiple times over. That’s what happened to one organisation, as detailed by cybersecurity researchers at Sophos, which fell […] More

  • in

    Microsoft's big Patch Tuesday fixes exploited zero-day flaw and 120 more bugs

    Image: Getty Microsoft has released patches for 141 flaws in its August 2022 Patch Tuesday update including two previously undisclosed (zero-day) flaws, of which one is actively being exploited.     The total patch count for the August 2022 Patch Tuesday Update actually includes 20 flaws in Edge that Microsoft had previously released fixes for, leaving 121 flaws […] More

  • in

    Google to add three APAC cloud regions as data demand climbs

    Google has unveiled plans to add another three cloud regions in Asia-Pacific, where it is seeing growing demand for data insights, open infrastructures, and online connectivity. When operational, the new sites in Malaysia, Thailand, and New Zealand will push the number in the region to 11 and 34 globally. The cloud vendor’s Asia-Pacific cloud regions include Singapore, Indonesia, Japan, South Korea, and India, each comprising three zones. The three new regions also will each have three zones to safeguard against service disruptions, and will be supported by Google’s existing interconnect locations in Auckland, Bangkok, as well as Kuala Lumpur and Cyberjaya. These provide direct connections between a customer’s on-premises network and Google’s global cloud network, according to Google Cloud’s Asia-Pacific vice president Karan Bajwa. Timelines for when the three new cloud regions would be ready for operations still were being firmed up, with details to be available in the coming months, Bajwa told ZDNet in an email interview. The cloud vendor also was working to identify specific cities in which the new sites would be located for each of the three markets and would provide more details in the coming months, he added. Asked about the size of Google’s cloud customer base across the three Asia-Pacific markets, he declined to share specific numbers but said its current clientele included Malaysia’s Axiata Group, JB Cocoa, and KPJ Healthcare, New Zealand’s Kami, Trade Me, and Vodafone, and Thailand’s Ananda Development, Krungthai Bank, and Siam Cement Group.He said Google was seeing growing demand in the three markets to extract more insights from data to drive business decisions and for “open and flexible” infrastructures that could adapt to changing business requirements. Organisations also were looking to transform the way their employees connected and collaborated amidst hybrid work environments as well as their engagement with customers. Bajwa noted that cloud adoption was growing across all verticals in the three three Asia-Pacific markets, including sectors such as financial services, retail, manufacturing, and telecommunications where demand was particularly robust. Pointing to organisations’ growing focus to secure their systems and users, he said these businesses needed cloud platforms that  facilitated data sovereignty and provided control over data location and operations to ensure regulatory compliance. He further stressed the need for “shared fate, not shared responsibility”. “Google Cloud operates with a mutually dependent shared-fate model: if our customers are not secure, then we’re collectively not successful,” he said. “It is our responsibility to be active partners in ensuring our customers deploy securely on our platform and not delineators of where our responsibility ends.”To facilitate this, he said the US vendor advocated security best practices for moving to and operating within its cloud environment, which included a command centre to provide visibility of vulnerabilities and tapping machine learning to help security administrators identify potential incidents. When ready, the new cloud regions would run fully on renewable energy on an annual basis, in line with how all its other sites currently operate, Bajwa said. The new sites also would be operated to meet Google’s target of running carbon-free energy by 2030. RELATED COVERAGE More

  • in

    Microsoft Edge adds a new security layer for browsing 'unfamiliar' sites

    Shutterstock Microsoft is adding more security to its Edge browser, which it said will provide an extra layer of protection when browsing the web and visiting “unfamiliar” sites.  Microsoft Edge automatically applies “more conservative” security settings in enhanced security mode on unfamiliar sites. ZDNet Recommends The Enhanced Security Mode gives users an extra protection by […] More

  • in

    How to find out if you are involved in a data breach — and what to do next

    Photon photo/Shutterstock Think you’ve been involved in a data breach? This guide will help you find out where and when, and it lists the steps you should take next. Data breaches are security incidents we now hear about every day. They strike every industry, every sector, every county; victim organizations can be everything from small, […] More

  • in

    Your cybersecurity staff are burned out – and many have thought about quitting

    A man looking tired and stressed out while sitting at his computer. Image: Getty/PeopleImages Cybersecurity staff are feeling burnout and stressed to the extent that many are considering leaving their jobs.  According to research by VMware, 47% of cybersecurity incident responders say they’ve experienced burnout or extreme stress over the past 12 months.   While […] More