"At home, Maggie is the odd one out. Her parents are preoccupied with the new baby they're expecting, and her younger brothers are twins and always in their own world. Maggie thinks a new puppy is the answer, but when she goes to select one on her birthday, she breaks out in hives and rashes. She's severely allergic to anything with fur! Can Maggie outsmart her allergies and find the perfect pet?." -- Description provided by publisher.

Tenable®, the exposure management company, today released its 2024 Tenable Cloud Risk Report, which examines the critical risks at play in modern cloud environments. Most alarmingly, nearly four in 10 organizations globally are leaving themselves exposed at the highest levels due to the “toxic cloud trilogy” of publicly exposed, critically vulnerable and highly privileged cloud workloads. Each of these misalignments alone introduces risk to cloud data, but the combination of all three drastically elevates the likelihood of exposure access by cyber attackers.

Security gaps caused by misconfigurations, risky entitlements and vulnerabilities combine to dramatically increase cloud risk. The Tenable Cloud Risk Report provides a deep dive into the most pressing cloud security issues observed in the first half of 2024, highlighting areas such as identities and permissions, workloads, storage resources, vulnerabilities, containers and Kubernetes. It also offers mitigation guidance for organizations seeking ways to limit exposures in the cloud.

Publicly exposed and highly privileged cloud data lead to data leaks. Critical vulnerabilities exacerbate the likelihood of incidents. The report reveals that a staggering 38% of organizations have cloud workloads that meet all three of these toxic cloud trilogy criteria, representing a perfect storm of exposure for cyber attackers to target. When bad actors exploit these exposures, incidents commonly include application disruptions, full system takeovers, and DDoS attacks that are often associated with ransomware. Scenarios like these could devastate an organization, with the 2024 average cost of a single data breach approaching $5 million.¹ 

Additional key findings from the report include: 

• 84% of organizations have risky access keys to cloud resources: The majority of organizations (84.2%) possess unused or longstanding access keys with critical or high severity excessive permissions, a significant security gap that poses substantial risk. 
• 23% of cloud identities have critical or high severity excessive permissions: Analysis of Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure reveals that 23% of cloud identities, both human and non-human, have critical or high severity excessive permissions. 
• Critical vulnerabilities persist: Notably, CVE-2024-21626, a severe container escape vulnerability that could lead to the server host compromise, remained unremediated in over 80% of workloads even 40 days after its publishing. 
• 74% of organizations have publicly exposed storage: 74% of organizations have publicly exposed storage assets, including those in which sensitive data resides. This exposure, often due to unnecessary or excessive permissions, has been linked to increased ransomware attacks. 
• 78% of organizations have publicly accessible Kubernetes API servers: Of these, 41% also allow inbound internet access. Additionally, 58% of organizations have cluster-admin role bindings — which means that certain users have unrestricted control over all the Kubernetes environments.

“Our report reveals that an overwhelming number of organizations have access exposures in their cloud workloads of which they may not even be aware,” said Shai Morag, chief product officer, Tenable. “It’s not always about bad actors launching novel attacks. In many instances, misconfigurations and over-privileged access represent the highest risk for cloud data exposures. The good news is, many of these security gaps can be closed easily once they are known and exposed.”

The report reflects findings by the Tenable Cloud Research team based on telemetry from millions of cloud resources across multiple public cloud repositories, analyzed from January 1 through June 30, 2024.

To download the report today, please visit: https://www.tenable.com/cyber-exposure/tenable-cloud-risk-report-2024 

¹ IBM Security Cost of a Data Breach Report 2024

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Ce document présente une analyse des chaînes de valeur agroalimentaires de manioc, de riz, de lait et de poisson le long du corridor économique entre les capitales provinciales de Bukavu (Sud-Kivu) et Kalemie (Tanganyika) situées dans la partie orientale de la République démocratique du Congo (RDC). Les principales données utilisées pour cette étude proviennent d’enquêtes menées en 2021 auprès d’environ 3000 acteurs conomiques familiaux, y compris des agriculteurs, des transformateurs et des intermédiaires, actifs dans une ou plusieurs des quatre filières ciblées.

Enhancing milk quality in Uganda: Challenges and innovations in the dairy value chain

Improving market incentives.

The post Enhancing milk quality in Uganda: Challenges and innovations in the dairy value chain appeared first on IFPRI.

Travel writer and Michigan native Paul Vachon shares his expert perspective on the Great Lakes State, guiding you on a memorable and unique experience.

Event Begins: Wednesday, November 13, 2024 7:00pm
Location: Earl V. Moore Building
Organized By: School of Music, Theatre & Dance

Kristen Pellegrino, recipient of the 2024 Christopher Kendall Award from the SMTD Alumni Board, presents a guest lecture with support from the Department of Music Education.

Many researchers have found connections between (a) developing a strong teacher identity; (b) building connections among themselves, their subject, and their students; and (c) positively affecting student learning and teacher satisfaction/ resilience. I will briefly share how I became interested in studying music teacher identity and my process of reframing how to study it. Then, I will spend most of the session sharing what I have learned about college music education majors’ music teacher identity development, and public-school string teachers’ and music teachers’ experiences, beliefs, teaching practices, and identities.

KRISTEN PELLEGRINO, Professor of Music Education at the University of Texas at San Antonio and Past-President of American String Teachers Association, has 40 scholarly publications. In addition to international and national research journal articles and book chapters, Kristen was co-editor of two Oxford University Press books (2019, 2023). She is currently co-authoring a third book, Conway Publications’ *Journeys of Becoming and Being Music Teachers* (forthcoming, 2025). Pellegrino’s degrees are from the University of Michigan (Ph.D. in music education; M.M. in violin/chamber music performance) and the Eastman School of Music (B.M. in music education; B.M. in violin performance).

Event Begins: Wednesday, November 13, 2024 6:00pm
Location: Electrical Engineering and Computer Science Building
Organized By: Michigan Computer Graphics

At Michigan Computer Graphics (MCG), our goal is to offer all interested campus members a unique platform to explore, learn, discuss, and engage with the various disciplines of computer graphics (CG). You'll have the opportunity to collaborate on exciting projects, develop creative skills, and expand your network within the industry and beyond.

This is MCG's weekly general meeting. Join us for a variety of content and events, including introductory presentations, hands-on projects, and guest speakers!

https://michigancg.org/

Satellite images show devastation in Sudan 1 year since conflict began (ABC News)

"Satellite imagery shows the reduction in green vegetation cover, the increased aridity points to the neglect or destruction of previously irrigated fields” Oliver Kirui told ABC News.

The post Satellite images show devastation in Sudan 1 year since conflict began (ABC News) appeared first on IFPRI.

The mouse multi-organ proteome from infancy to adulthood  Nature.com

Cross-link assisted spatial proteomics to map sub-organelle proteomes and membrane protein topologies  Nature.com

Single-tissue proteomics in Caenorhabditis elegans reveals proteins resident in intestinal lysosome-related organelles  pnas.org

Spatial proteomics of single cells and organelles on tissue slides using filter-aided expansion proteomics  Nature.com

Planet Money's Supply Chain Holiday Extravaganza Did the supply chain wreck your holiday shopping? Planet Money comes to the rescue. | Subscribe to our weekly newsletter here.

Learn more about sponsor message choices: podcastchoices.com/adchoices

NPR Privacy Policy

The term can refer to a double, a ghost, a shadow. But it can mean much more. From our online mirror world, to digital simulators, to the Earth's twin--TED speakers learn from the uncanny second self. Guests include author Naomi Klein, aerospace engineer Karen Willcox, planetary scientist Sarah T. Stewart and psychologist Nancy Segal.

TED Radio Hour+ subscribers now get access to bonus episodes, with more ideas from TED speakers and a behind the scenes look with our producers. A Plus subscription also lets you listen to regular episodes (like this one!) without sponsors. Sign-up at plus.npr.org/ted.

Learn more about sponsor message choices: podcastchoices.com/adchoices

NPR Privacy Policy

World Health Organization Launches Collaborating Centre for Governance, Accountability and Transparency in the Pharmaceutical Sector at University of TorontoToronto, ON – The University of Toronto and the World Health Organization are proud to launch the WHO Collaborating Centre for Governance, Accountability and Transparency for the Pharmaceutical Sector with a policy workshop and celebration at the Leslie […]

Toronto, ON – Organizations and researchers whose work has had an impact on Canadian competitiveness in the areas of science, technology and commerce have been honoured with the third annual awards presented by the Creative Destruction Lab (CDL) at the University of Toronto’s Rotman School of Management. The awards are designed around the primary ingredients in […]

Apple leaders need deep expertise, immersion in details, and collaborative debate.

When Apple was smaller, it may have been reasonable to expect leaders to be experts on pretty much everything going on in their organizations. However, they now need to exercise greater discretion regarding where and how they spend their effort.

When Steve Jobs arrived back at Apple in 1997, he laid off general managers of all business units and combined disparate functional departments into one functional organization.

This is not a side issue: it’s time to adopt a more systematic, coherent approach to D&I.

Recently a discussion centered on organizational empowerment, its relationship to employee self-determination, and the impact on opportunity. The following is a summary of a recent conversation with one of our readers.

An organization should be at least at level 3, Defined Systems Approach, of the Management System Maturity Model to reap the rewards of a culture of excellence.

Industry 4.0, or Technology 4.0, signifies the shift towards automation, data exchange, and advanced technologies like AI and IoT in manufacturing and beyond. Its value lies in aligning with organizational goals and strategic plans and enhancing employee efficiency, offering a comprehensive approach to modernizing operations across the board.

In today's tech-driven world, companies use software to collect data, but the analysis can be flawed. Charts with only specification limits, arbitrarily chosen warning and action limits, and misused Process Behavior Charts contribute to misinterpretation.

Lugano by Kerry Hallam is a(n) Limited Edition. The Edition is Limited to pcs

Flores de la Elegancia by Lee Bogle is a(n) Limited Edition. The Edition is Limited to Limited Edition of 250 pcs

Splendid Elegance by Brian Davis is a(n) Limited Edition. The Edition is Limited to 5 pcs

Michigan’s share of the federal Home Efficiency Rebates funding totals nearly $211 million.

A living wall biofilter is an active filter system that removes contaminants and volatile organic compounds (VOCs) from indoor air.

Hunter Industrial, a division of the Hunter Fan Company, has donated and installed two HVLS fans to DCI Logistics.

This Michigan home is proof that even when achieving high-level green building standards, more can be done to improve sustainability.

Throughout March, voters will help the staff at Peterman Brothers select four charity partner organizations for 2023.

In this episode Eberhard Wolff speaks with Jürgen Höller, the co-found of the Spring framework. Spring is a tremendously successful Java framework so they discuss the design of large frameworks and the issues that arise in the evolution. Jürgen explains the management of dependencies in the framework, how to structure such a framework, how to offer compatibility for the existing user base while evolving the framework and the role of metrics during development.

This time we have John Wiegand on the mic for an episode on architectures and agile software development. We talk about the role of architectures in an agile world and why architectures change and need to change over time. We discuss the characteristics of those living architectures, using the Eclipse and the Jazz projects as examples, and the surrounding development methods for such environments.

Johannes Thönes talks with Erich Gamma, Ralph Johnson and Richard Helm from the Gang of Four about the 20th anniversary of their book Design Patterns. They discuss the following topics: the definition of a design pattern and each guest’s favorite design pattern; the origins of the book in architecture workshops; the writing of the book […]

Morgan Wilde talks with SE Radio’s Jeff Meyerson about the LLVM compiler toolchain. They begin with a discussion of how a compiler works and how compiled code executes against different processor architectures. Using the JVM as a model for interoperability, they move on to how LLVM is a system that optimizes an intermediate representation (IR), which is similar to the Java bytecode: every programming language that compiles down to IR can leverage the same optimizations of that IR. The conversation concludes with a discussion of applications of LLVM and the future of the ecosystem.

Travis Kimmel and Kevin Goldsmith discuss the correspondence between organizational design and software architecture. Their conversation covers: what Conway’s Law is; Kevin’s experiences in different organizational structures (e.g., Avvo, Spotify, Adobe, and Microsoft) and how those structures influenced the software architecture; what the “Reverse Conway Maneuver” is and how organizations can leverage it; how organizations can evolve existing architectures.

Travis Kimmel talks with Lara Hogan and Deepa Subramaniam about evidence-based tactics that product and engineering leaders can use to can use to diagnose problems that are holding back their teams, and build healthier, high-performing organizations.

Randy Shoup talks with SE-Radio’s Travis Kimmel about how to scale technology and organizations together, so that an organization can move faster as they grow (and not slow down). Their discussion covers how to effectively scale culture, process...

Host Kanchan Shringi speaks with Venky Naganathan,Sr. Director of Engineering at Conga specializing in Artificial Intelligence and Chatbots about the Conversational UI paradigm for Enterprise Apps as well as the enablers and business use cases suited...

Randy Shoup of eBay discusses the evolution of eBay's tech stack. SE Radio host Jeremy Jung speaks with Shoup about eBay's origins as a single C++ class with an Oracle database, a five-year migration to multiple Java services, sharing a database...

Ganesh Datta, CTO and cofounder of Cortex, joins SE Radio's Priyanka Raghavan to discuss site reliability engineering (SRE) vs DevOps. They examine the similarities and differences and how to use the two approaches together to build better software...

William Morgan, founder of the Linkerd service mesh and CEO of Bouyant, joins SE Radio’s Robert Blumen for a discussion of sidecars, service mesh, and a forthcoming enhancement to kubernetes to support sidecars natively. The conversation explores the origin of sidecars, sidecars and service mesh, and migrating service mesh to kubernetes. They take a deep dive into some aspects of running service mesh on kubernetes, the difficulties in running a sidecar container in a pod, and Kubernetes Enhancement Proposal (KEP) 753, which is intended to provide better native support for sidecar containers. William also gives some thoughts on the continuing relevance of service mesh.

Han Yuan, an accomplished Chief Product and Technology Officer, joins host Priyanka Raghavan to discuss reorganizations. The conversation starts with a broad discussion of reorganizations and reasons that companies choose to undertake them. They then consider organizational behavior and topics such as Conway's law and the theory of constraints. Han offers some advice on key steps to take when planning for a reorg, including how software teams could organize themselves based on technology, frameworks, or user journeys. The episode ends with some discussion of metrics and lessons learned. Brought to you by IEEE Computer Society and IEEE Software magazine.

Sage Regenerative Kitchen’s executive chef explains why she added meat to the menu—and why she believes so deeply in regenerative farming.

How will Donald Trump’s re-election impact the Gaza genocide? And did Kamala Harris fail to win over Arab American votes?

Despite conservative efforts to criminalize medication abortion using the 1873 Comstock Act, organizers continue to expand access to this necessary health care.

A journalist takes us inside UAW’s “Stand Up” strike strategy, an innovative spin-off of 1930’s era “sit down” strikes.

Online resource suitable for English, Media and PSHEE at KS3 and KS4 encouraging personal and critical reflection on characters, relationships and ideas.