WEF The Global Risks Reprot 2024 - 19th Edition.pdf
12.6 MB
WEF The Global Risks Report 2024 - 19th Edition
1. Misinformation and Disinformation
2. Extreme weather events
3. Social Polarisation
4. Cyber insecurity
5. Interstate armed conflict
6. Lack of economic opportunity
7. Inflation
8. Involuntary migration
9. Economic downturn
10. Pollution
@OUPNarith
1. Misinformation and Disinformation
2. Extreme weather events
3. Social Polarisation
4. Cyber insecurity
5. Interstate armed conflict
6. Lack of economic opportunity
7. Inflation
8. Involuntary migration
9. Economic downturn
10. Pollution
@OUPNarith
This media is not supported in your browser
VIEW IN TELEGRAM
The visualization of the MGM Resorts Cyber Attack.
The MGM Resorts Cyber Attack was a complex and sophisticated attack that involved multiple techniques. The attackers employed a series of tactics, starting with scanning LinkedIn to identify MGM employees likely to have privileged access, particularly to Okta, a critical identity management service. Next, they used impersonation techniques to deceive the IT help desk vendor, who believed they were dealing with a privileged MGM user. As a result, the help desk was tricked into resetting Multi-Factor Authentication (MFA) for a privileged user, giving the attackers access to Okta.
With privileged access, the attackers were able to compromise more administrative accounts and move laterally through the MGM network. They gained control over Domain Admins on the domain controllers, implemented org-to-org authentication using inbound federation, and the new Identity Provider (IdP) gained full access to MGM's authorization systems. Through the IdP, the attackers obtained Global Admin rights in Azure.
The attackers also employed an extensive system of encryption and ransomware. Around 100 ESXi servers were encrypted, disrupting critical applications, while critical systems were locked down with ransomware, and files were exfiltrated. The impact of the attack was significant and required an extensive response effort to contain and remediate.
Overall, the MGM Resorts cyber attack was a highly coordinated and sophisticated attack that employed a wide range of techniques to bypass security measures and gain access to sensitive systems. The attack serves as a reminder of the importance of maintaining strong security protocols and staying vigilant against the ever-evolving threat landscape.
Credit: Reco.ai
@OUPNarith
The MGM Resorts Cyber Attack was a complex and sophisticated attack that involved multiple techniques. The attackers employed a series of tactics, starting with scanning LinkedIn to identify MGM employees likely to have privileged access, particularly to Okta, a critical identity management service. Next, they used impersonation techniques to deceive the IT help desk vendor, who believed they were dealing with a privileged MGM user. As a result, the help desk was tricked into resetting Multi-Factor Authentication (MFA) for a privileged user, giving the attackers access to Okta.
With privileged access, the attackers were able to compromise more administrative accounts and move laterally through the MGM network. They gained control over Domain Admins on the domain controllers, implemented org-to-org authentication using inbound federation, and the new Identity Provider (IdP) gained full access to MGM's authorization systems. Through the IdP, the attackers obtained Global Admin rights in Azure.
The attackers also employed an extensive system of encryption and ransomware. Around 100 ESXi servers were encrypted, disrupting critical applications, while critical systems were locked down with ransomware, and files were exfiltrated. The impact of the attack was significant and required an extensive response effort to contain and remediate.
Overall, the MGM Resorts cyber attack was a highly coordinated and sophisticated attack that employed a wide range of techniques to bypass security measures and gain access to sensitive systems. The attack serves as a reminder of the importance of maintaining strong security protocols and staying vigilant against the ever-evolving threat landscape.
Credit: Reco.ai
@OUPNarith
ប្រភេទទាំង ៣ នៃប្រព័ន្ធកុំព្យូទ័រក្លោដ
#Cambodia4point0 #CloudComputing #Cloud #ប្រព័ន្ធកុំព្យូទ័រក្លោដ
@OUPNarith
#Cambodia4point0 #CloudComputing #Cloud #ប្រព័ន្ធកុំព្យូទ័រក្លោដ
@OUPNarith
👍3❤2
Exploring Software Testing Approaches: White-Box vs. Black-Box vs. Grey-Box
In the dynamic realm of software development, quality assurance plays a pivotal role in ensuring robust, reliable applications. Let's delve into three prominent testing approaches and understand how they shape the software testing landscape.
@OUPNarith
In the dynamic realm of software development, quality assurance plays a pivotal role in ensuring robust, reliable applications. Let's delve into three prominent testing approaches and understand how they shape the software testing landscape.
@OUPNarith
👍2
Audio
ទម្លាប់ ៧ យ៉ាងរបស់បុគ្គលដែលមានប្រសិទ្ធភាពខ្ពស់ l សង្ខេប l 7 Habits l
១. ទម្លាប់បុរេសកម្ម
២. ទម្លាប់គិតមុនគូ
៣.ទម្លាប់ធ្វើរឿងសំខាន់មុន
៤. ទម្លាប់គិតឈ្នះ-ឈ្នះ
៥. ទម្លាប់រៀនយល់ពីគេ មុនឲ្យគេយល់ពីយើង
៦. ទម្លាប់សហកម្ម
៧. ទម្លាប់សំលៀងខ្លួនឲ្យកាន់តែល្អ
Source: Author's Own
@OUPNarith
១. ទម្លាប់បុរេសកម្ម
២. ទម្លាប់គិតមុនគូ
៣.ទម្លាប់ធ្វើរឿងសំខាន់មុន
៤. ទម្លាប់គិតឈ្នះ-ឈ្នះ
៥. ទម្លាប់រៀនយល់ពីគេ មុនឲ្យគេយល់ពីយើង
៦. ទម្លាប់សហកម្ម
៧. ទម្លាប់សំលៀងខ្លួនឲ្យកាន់តែល្អ
Source: Author's Own
@OUPNarith
❤12👍4
Chinese state-sponsored hackers are targeting old vulnerabilities in Cisco routers in new attacks apparently aimed at government entities in the US, UK, and Australia, cybersecurity firm SecurityScorecard reports.
As part of the observed attacks, the adversaries exploited CVE-2019-1653 and CVE-2019-1652, two critical-severity bugs in discontinued Cisco small business RV320/325 VPN routers, which have been targeted by Chinese hackers before and are also featured in CISA’s KEV catalog.
https://www-securityweek-com.cdn.ampproject.org/c/s/www.securityweek.com/china-linked-volt-typhoon-hackers-possibly-targeting-australian-uk-governments/amp/
@OUPNarith
As part of the observed attacks, the adversaries exploited CVE-2019-1653 and CVE-2019-1652, two critical-severity bugs in discontinued Cisco small business RV320/325 VPN routers, which have been targeted by Chinese hackers before and are also featured in CISA’s KEV catalog.
https://www-securityweek-com.cdn.ampproject.org/c/s/www.securityweek.com/china-linked-volt-typhoon-hackers-possibly-targeting-australian-uk-governments/amp/
@OUPNarith
❤1
The Ministry of Industry, Science, Technology & Innovation (MISTI) has just released the report on ‘Blockchain Technology Readiness for Cambodia’ with a strategic focus on Cambodia’s adoption of blockchain technology as a key development priority.
In a bold move towards a tech-driven future, the government aims to transform its industrial structure.
The nation plans to shift from labour-intensive industries to a skill-driven economy by 2025, capitalising on regional and global value chains to cultivate interconnected production clusters and bolster domestic industry competitiveness and productivity.
https://www.khmertimeskh.com/501420460/mistis-report-focuses-on-blockchain-adoption-for-cambodias-future-growth/
@OUPNarith
In a bold move towards a tech-driven future, the government aims to transform its industrial structure.
The nation plans to shift from labour-intensive industries to a skill-driven economy by 2025, capitalising on regional and global value chains to cultivate interconnected production clusters and bolster domestic industry competitiveness and productivity.
https://www.khmertimeskh.com/501420460/mistis-report-focuses-on-blockchain-adoption-for-cambodias-future-growth/
@OUPNarith
👍4
This media is not supported in your browser
VIEW IN TELEGRAM
What Elephants Can Teach Us About Human Freedom
Don't allow failure to stop you from achieving the goals you set for yourself. Don't even call it failure like Zig Zigler says “It’s not how far you fall, but how high you bounce that counts.” Stay positive, focused and learn from your experiences to move ahead.
@OUPNarith
Don't allow failure to stop you from achieving the goals you set for yourself. Don't even call it failure like Zig Zigler says “It’s not how far you fall, but how high you bounce that counts.” Stay positive, focused and learn from your experiences to move ahead.
@OUPNarith
❤2👍1
Audio
❤3
Blockchain Adoption Ecosystem
Integration of blockchain technology by businesses for supply chain management, logistics, identity verification, and more. This involves collaboration with blockchain solution providers and consortia.
Based on my experience so far..Blockchain needs 10 Things to succeed -
1. Right Use cases at enterprises and Consortium ( Blockchain is not an immediate solution for all problem statements)
2. Ease Of Development, Test Tools and skills around Blockchain
3. Cost-Effective Deployment and Infrastructure; Today it might be very costly engagement for even small use cases.
4. Future Focused Mindset ( Leadership)
5. Technology Maturity around Scale, Security , Interoperability
6. Developer Community Push
7. Government Support for Large Use cases and Policy
8. Rapid Development and Deployment Platform
9. Community and Developer Involvement
10. Regulatory Environment based on use case types
"Blockchain technology is not just a tool; it's a new way of thinking about trust, transparency, and collaboration in the digital age. Its potential to revolutionize industries and empower individuals is only limited by our imagination and commitment to harnessing its true capabilities." - Prasanna Lohar
@OUPNarith
Integration of blockchain technology by businesses for supply chain management, logistics, identity verification, and more. This involves collaboration with blockchain solution providers and consortia.
Based on my experience so far..Blockchain needs 10 Things to succeed -
1. Right Use cases at enterprises and Consortium ( Blockchain is not an immediate solution for all problem statements)
2. Ease Of Development, Test Tools and skills around Blockchain
3. Cost-Effective Deployment and Infrastructure; Today it might be very costly engagement for even small use cases.
4. Future Focused Mindset ( Leadership)
5. Technology Maturity around Scale, Security , Interoperability
6. Developer Community Push
7. Government Support for Large Use cases and Policy
8. Rapid Development and Deployment Platform
9. Community and Developer Involvement
10. Regulatory Environment based on use case types
"Blockchain technology is not just a tool; it's a new way of thinking about trust, transparency, and collaboration in the digital age. Its potential to revolutionize industries and empower individuals is only limited by our imagination and commitment to harnessing its true capabilities." - Prasanna Lohar
@OUPNarith
❤3👍1
Forwarded from សន្តិសុខសាយប័រ (ISAC-Cambodia)
បទល្មេីសបច្ចេកវិទ្យាថ្មីប្លែកៗ ក្នុងយុគ្គសម័យឌីជីថល
ព័ត៌មានលំអិត
https://secudemy.com/cambodia-cybercrime-in-digital-economy-era/
* JOIN សន្តិសុខបច្ចេកវិទ្យា *
----------------------
Cyber Aware: @OUPNarith
#SecuDemy
#StaySafeOnlineCambodia
#CyberYouthCambodia
#ISACCambodia
#DigitalEconomyKH
ព័ត៌មានលំអិត
https://secudemy.com/cambodia-cybercrime-in-digital-economy-era/
* JOIN សន្តិសុខបច្ចេកវិទ្យា *
----------------------
Cyber Aware: @OUPNarith
#SecuDemy
#StaySafeOnlineCambodia
#CyberYouthCambodia
#ISACCambodia
#DigitalEconomyKH
❤2👍1
ChatGPT Prompting Techniques Unveiled
The secrets of ChatGPT Prompting Techniques, including the dynamic CLEAR (Challenge-Limitation-Effect-Action-Result).
The true magic unfolds when you seamlessly integrate it with PAR, STAR, SWOT, AIDA, and PEAS:
𝗖𝗟𝗘𝗔𝗥 (𝗖𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗲-𝗟𝗶𝗺𝗶𝘁𝗮𝘁𝗶𝗼𝗻-𝗘𝗳𝗳𝗲𝗰𝘁-𝗔𝗰𝘁𝗶𝗼𝗻-𝗥𝗲𝘀𝘂𝗹𝘁):
Craft crystal-clear prompts for ChatGPT. Navigate Challenges, explore Limitations, understand Effects, guide Action, and observe Results. Ensure precision in responses with the CLEAR technique.
𝗣𝗔𝗥 (𝗣𝗿𝗼𝗯𝗹𝗲𝗺-𝗔𝗴𝗶𝘁𝗮𝘁𝗲-𝗦𝗼𝗹𝘂𝘁𝗶𝗼𝗻):
Elevate prompts using PAR. Identify Problems, agitate their impact, present Solutions. Guide ChatGPT for comprehensive responses.
𝗦𝗧𝗔𝗥 (𝗦𝗶𝘁𝘂𝗮𝘁𝗶𝗼𝗻-𝗧𝗮𝘀𝗸-𝗔𝗰𝘁𝗶𝗼𝗻-𝗥𝗲𝘀𝘂𝗹𝘁):
Structure prompts with STAR. Break down into Situation, Task, Action, Result for detailed responses.
𝗦𝗪𝗢𝗧 (𝗦𝘁𝗿𝗲𝗻𝗴𝘁𝗵𝘀-𝗪𝗲𝗮𝗸𝗻𝗲𝘀𝘀𝗲𝘀-𝗢𝗽𝗽𝗼𝗿𝘁𝘂𝗻𝗶𝘁𝗶𝗲𝘀-𝗧𝗵𝗿𝗲𝗮𝘁𝘀):
Analyse and strategize with SWOT prompts. Use ChatGPT to assess Strengths, Weaknesses, Opportunities, and Threats.
𝗔𝗜𝗗𝗔 (𝗔𝘁𝘁𝗲𝗻𝘁𝗶𝗼𝗻-𝗜𝗻𝘁𝗲𝗿𝗲𝘀𝘁-𝗗𝗲𝘀𝗶𝗿𝗲-𝗔𝗰𝘁𝗶𝗼𝗻):
Create engaging prompts with AIDA. Capture Attention, spark Interest, generate Desire, prompt Action.
𝗣𝗘𝗔𝗦 (𝗣𝗲𝗿𝗳𝗼𝗿𝗺𝗮𝗻𝗰𝗲 𝗺𝗲𝗮𝘀𝘂𝗿𝗲-𝗘𝗻𝘃𝗶𝗿𝗼𝗻𝗺𝗲𝗻𝘁-𝗔𝗰𝘁𝘂𝗮𝘁𝗼𝗿𝘀-𝗦𝗲𝗻𝘀𝗼𝗿𝘀):
Tailor prompts with the PEAS model. Understand Performance measures, Environment, Actuators, Sensors for varied responses.
@OUPNarith
The secrets of ChatGPT Prompting Techniques, including the dynamic CLEAR (Challenge-Limitation-Effect-Action-Result).
The true magic unfolds when you seamlessly integrate it with PAR, STAR, SWOT, AIDA, and PEAS:
𝗖𝗟𝗘𝗔𝗥 (𝗖𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗲-𝗟𝗶𝗺𝗶𝘁𝗮𝘁𝗶𝗼𝗻-𝗘𝗳𝗳𝗲𝗰𝘁-𝗔𝗰𝘁𝗶𝗼𝗻-𝗥𝗲𝘀𝘂𝗹𝘁):
Craft crystal-clear prompts for ChatGPT. Navigate Challenges, explore Limitations, understand Effects, guide Action, and observe Results. Ensure precision in responses with the CLEAR technique.
𝗣𝗔𝗥 (𝗣𝗿𝗼𝗯𝗹𝗲𝗺-𝗔𝗴𝗶𝘁𝗮𝘁𝗲-𝗦𝗼𝗹𝘂𝘁𝗶𝗼𝗻):
Elevate prompts using PAR. Identify Problems, agitate their impact, present Solutions. Guide ChatGPT for comprehensive responses.
𝗦𝗧𝗔𝗥 (𝗦𝗶𝘁𝘂𝗮𝘁𝗶𝗼𝗻-𝗧𝗮𝘀𝗸-𝗔𝗰𝘁𝗶𝗼𝗻-𝗥𝗲𝘀𝘂𝗹𝘁):
Structure prompts with STAR. Break down into Situation, Task, Action, Result for detailed responses.
𝗦𝗪𝗢𝗧 (𝗦𝘁𝗿𝗲𝗻𝗴𝘁𝗵𝘀-𝗪𝗲𝗮𝗸𝗻𝗲𝘀𝘀𝗲𝘀-𝗢𝗽𝗽𝗼𝗿𝘁𝘂𝗻𝗶𝘁𝗶𝗲𝘀-𝗧𝗵𝗿𝗲𝗮𝘁𝘀):
Analyse and strategize with SWOT prompts. Use ChatGPT to assess Strengths, Weaknesses, Opportunities, and Threats.
𝗔𝗜𝗗𝗔 (𝗔𝘁𝘁𝗲𝗻𝘁𝗶𝗼𝗻-𝗜𝗻𝘁𝗲𝗿𝗲𝘀𝘁-𝗗𝗲𝘀𝗶𝗿𝗲-𝗔𝗰𝘁𝗶𝗼𝗻):
Create engaging prompts with AIDA. Capture Attention, spark Interest, generate Desire, prompt Action.
𝗣𝗘𝗔𝗦 (𝗣𝗲𝗿𝗳𝗼𝗿𝗺𝗮𝗻𝗰𝗲 𝗺𝗲𝗮𝘀𝘂𝗿𝗲-𝗘𝗻𝘃𝗶𝗿𝗼𝗻𝗺𝗲𝗻𝘁-𝗔𝗰𝘁𝘂𝗮𝘁𝗼𝗿𝘀-𝗦𝗲𝗻𝘀𝗼𝗿𝘀):
Tailor prompts with the PEAS model. Understand Performance measures, Environment, Actuators, Sensors for varied responses.
@OUPNarith