Black Hat was last week and Hacker Summer Camp never fails to disappoint. There were some big takeaways from the show, such as Moxie Marlinspike telling DevOps they’re the problem with security as well as a whole host of exploits, like the ones we’ve covered above. However, AI is king in 2024 and we knew everyone was going to be talking about it. This and more on The Rundown.
Apple Podcasts | Spotify | Overcast | Amazon Music | Audio | YouTube
1:13 – IBM Storage Scale using Blue Vela AI supercomputer
IBM needed a bigger, faster, and stronger supercomputer for AI so they turned to the Nvidia SuperPod architecture. The new Blue Vela AI supercomputer significantly expands GPU capacity, using Nvidia H100 GPUs interconnected with InfiniBand and Ethernet. The system leverages IBM Storage Scale appliances to achieve somewhat higher performance than similar setups, with nearly 3 PB of raw storage capacity.
Read More: IBM Storage Scale using Blue Vela AI supercomputer
4:46 – AMD Chips Hit with Sinkclose
Researchers at IOActive have discovered a vulnerability in AMD EPYC and Ryzen processors and it’s a big one. The issue, known as Sinkclose, is found in the part of the CPU that protects System Management Mode. This is simliar to another bypass found in Intel chips back in 2015. According to IOActive, Sinkclose is practically impossible to fix in systems that aren’t configured correctly. one of the potential outcomes for exploitation is a boot kit since attackers can bypass SMM lockouts. AMD has also announced that only chips made since 2020 will be getting a microcode fix, even though some CPUs going back to 2006 could be affected.
Read More: ‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections
8:24 – BMC Uses AI For Mainframe Operations
BMC is using machine learning to help modernize, operate, and explain mainframe systems. Their DevX Code Insights product can analyze and explain legacy COBOL applicaitons, and the broader AMI platform can help explain dependencies and failures.
Read More: BMC Software Presents at Tech Field Day Extra at SHARE KC 2024
12:38 – NIST Finalizes Post-Quantum Cryptography Standards
After 8 years, the National Institute of Standards and Technology (NIST) has finalized their picks for a post-quantum cryptography suite. As we’ve discussed on the Rundown previously, NIST has been working on encryption that is more difficult for quantum computers to defeat. While the candidate names were awesomely named Kyber, Dilithium, and Sphincs, the NIST process has given them boring numbers like FIPS 203 and 204. The standards use a concept known as lattice cryptography, which was rumored to be vulnerable to quantum attacks but survived to be incorporated into the standard.
Read More: NIST Announces Post-Quantum Cryptography Standards
17:00 – RedHat’s OpenShift Gets GenAI
Red Hat has introduced generative AI capabilities for its OpenShift platform, enabling IT teams to manage Kubernetes clusters more efficiently. The new feature, OpenShift Lightspeed, integrates with various large language models to assist users with tasks through a chat interface. This AI-driven approach is expected to reduce the cognitive load on DevOps teams by simplifying operations, making Kubernetes management accessible to a broader range of IT professionals.
Read More: Red Hat Previews Generative AI Capabilities for OpenShift
20:32 – Pliops Kalray Merger Falls Through
DPU maker Pliops has called off their merger with supplier Kalray. In a statement from CEO Ido Bukspan, Pliops says that financial market trends aren’t favorable for a capital-intensive merger at this time. The statement also says that the two management teams are continuing to explore ways to work together. Pliops is in the news because they are adding AI functions to their Extreme Data Processor (XDP) card to help accelerate AI workloads. While announced, the hardware isn’t quite ready yet but demos are expected soon.
Read More: Pliops and Kalray merger is off
23:14 – Announcements and Takeaways from Black Hat
Black Hat was last week and Hacker Summer Camp never fails to disappoint. There were some big takeaways from the show, such as Moxie Marlinspike telling DevOps they’re the problem with security as well as a whole host of exploits, like the ones we’ve covered above. However, AI is king in 2024 and we knew everyone was going to be talking about it.
Read More: MY TAKE: Black Hat USA 2024’s big takeaway – GenAI factors into the quest for digital resiliency
23:48 – HPE Leverages AI for Security
From our own Futurum Group Research Director Ron Westfall, HPE is expanding their security-first networking portfolio with behavioral NDR capabilities.The goal is to use generative AI to identify patterns of behavior and protect resources before they can be exploited.
Read More: Black Hat 2024: HPE Aruba Networking Enlists AI to Fortify Cyber Defenses
28:18 – Copilot Insecure by Design
Zenity decided to show how Copilot was insecure by default and they delivered. In a talk, CTO Michael Bargury showed how the default settings for creating a Copilot bot was riddle with holes. Not only that, but once you use Microsoft’s Copilot studio to build said bot you can get into a system and wreak havoc with it. In full disclosure, Zenity provides security for the bot creation process.
Read More: If you give Copilot the reins, don’t be surprised when it spills your secrets
38:20 – The Weeks Ahead
AI Field Day 5 – September 11 – 12
Edge Field Day 3 – September 18 – 19
Networking Field Day Exclusive with Nokia – September 24
AI Data Infrastructure Field Day 1 – October 2 – 3
Gestalt IT and Tech Field Day are now part of The Futurum Group.
The Gestalt IT Rundown is your look at the IT news of the week. Be sure to subscribe to Gestalt IT on YouTube for even more weekly video content.
