AEWIN provides a series of performant Network Appliances and Edge Server powered by single AMD Zen 4c EPYC 8004 processor codenamed Siena. The latest AMD Siena CPU is produced with 5 nm manufacturing technology to have up to 64 cores (extreme density of 2CCX/CCD) and 225 W TDP with lower energy consumption compared to EPYC SP5. Siena SP6 CPU has the best performance per watt and is with the support of rich I/O and CXL 1.1.

SCB-1945 (1U) and SCB-1947A (2U) are two performant Network Appliances supporting 12x DDR5 sockets and 4x/8x PCIe Gen 5 slots for AEWIN self-design NICs with 1G to 100G copper/fiber interfaces (with/without bypass function) or other accelerators and NVMe SSDs. Both models provide the flexibility to change 2x front panel PCIe slots to 1x PCIe x16 slot for installing off-the-shelf add-on card for additional functions required. It can support 400G NIC card installed such as NVIDIA Mellanox PCIe 5.0 NIC.

Nations have long invested in domestic infrastructure to advance their economies, control their own data and take advantage of technology opportunities in areas such as transportation, communications, commerce, entertainment and healthcare. AI, the most important technology of our time, is turbocharging innovation across every facet of society. It's expected to generate trillions of dollars in economic dividends and productivity gains. Countries are investing in sovereign AI to develop and harness such benefits on their own. Sovereign AI refers to a nation's capabilities to produce artificial intelligence using its own infrastructure, data, workforce and business networks.

Why Sovereign AI Is Important
The global imperative for nations to invest in sovereign AI capabilities has grown since the rise of generative AI, which is reshaping markets, challenging governance models, inspiring new industries and transforming others—from gaming to biopharma. It's also rewriting the nature of work, as people in many fields start using AI-powered "copilots." Sovereign AI encompasses both physical and data infrastructures. The latter includes sovereign foundation models, such as large language models, developed by local teams and trained on local datasets to promote inclusiveness with specific dialects, cultures and practices. For example, speech AI models can help preserve, promote and revitalize indigenous languages. And LLMs aren't just for teaching AIs human languages, but for writing software code, protecting consumers from financial fraud, teaching robots physical skills and much more.

We have provided an update on the nation-state attack that was detected by the Microsoft Security Team on January 12, 2024. As we shared, on January 19, the security team detected this attack on our corporate email systems and immediately activated our response process. The Microsoft Threat Intelligence investigation identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as NOBELIUM. As we said at that time, our investigation was ongoing, and we would provide additional details as appropriate.

In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access. This has included access to some of the company's source code repositories and internal systems. To date we have found no evidence that Microsoft-hosted customer-facing systems have been compromised. It is apparent that Midnight Blizzard is attempting to use secrets of different types it has found. Some of these secrets were shared between customers and Microsoft in email, and as we discover them in our exfiltrated email, we have been and are reaching out to these customers to assist them in taking mitigating measures. Midnight Blizzard has increased the volume of some aspects of the attack, such as password sprays, by as much as 10-fold in February, compared to the already large volume we saw in January 2024.

IBM has announced the official opening of the new IBM X-Force Cyber Range in Washington, DC. The range includes new custom training exercises specifically designed to help U.S. federal agencies, their suppliers and critical infrastructure organizations more effectively respond to persistent and disruptive cyberattacks, and threats posed by AI. The state-of-the-art facility is designed to help everyone from legal and mission-critical leaders, to the C-Suite and technical security leaders prepare for a real-world cyber incident. According to IBM's 2023 Cost of a Data Breach report the global average cost of a data breach reached $4.45 million, with the US facing the highest breach costs across all regions. Organizations that formed an incident response (IR) team and tested their IR plan experienced faster incident response times and lower costs than organizations that did neither. In fact, the report found that high levels of IR planning and testing saved industry and government nearly $1.5 million in breach costs and 54 days from the data breach lifecycle.

"From national security threats to supply chain disruptions impacting the goods and services we rely on every day, cyberattacks on government and critical infrastructure can have ramifications that go far beyond the balance sheet," said Alice Fakir, Partner, Lead of Cybersecurity Services, US Federal Market for IBM Consulting. "The elite and highly customizable cyber response training we provide at our new DC range helps organizations and federal agencies better defend against existing and emerging threats, and also addresses federal mandates like those in the Biden Administration's Executive Order 14028 focused on improving the nation's cybersecurity."

Every country needs to own the production of their own intelligence, NVIDIA founder and CEO Jensen Huang told attendees Monday at the World Governments Summit in Dubai. Huang, who spoke as part of a fireside chat with the UAE's Minister of AI, His Excellency Omar Al Olama, described sovereign AI—which emphasizes a country's ownership over its data and the intelligence it produces—as an enormous opportunity for the world's leaders. "It codifies your culture, your society's intelligence, your common sense, your history - you own your own data," Huang told Al Olama during their conversation, a highlight of an event attended by more than 4,000 delegates from 150 countries.

"We completely subscribe to that vision," Al Olama said. "That's why the UAE is moving aggressively on creating large language models and mobilizing compute." Huang's appearance in the UAE comes as the Gulf State is moving rapidly to transform itself from an energy powerhouse into a global information technology hub. Dubai is the latest stop for Huang in a global tour that has included meetings with leaders in Canada, France, India, Japan, Malaysia, Singapore and Vietnam over the past six months. The Middle East is poised to reap significant benefits from AI, with PwC projecting a $320 billion boost to the region's economy by 2030.

IBM has announced IBM LinuxONE 4 Express, extending the latest performance, security and AI capabilities of LinuxONE to small and medium sized businesses and within new data center environments. The pre-configured rack mount system is designed to offer cost savings and to remove client guess work when spinning up workloads quickly and getting started with the platform to address new and traditional use cases such as digital assets, medical imaging with AI, and workload consolidation.

Building an integrated hybrid cloud strategy for today and years to come
As businesses move their products and services online quickly, oftentimes, they are left with a hybrid cloud environment created by default, with siloed stacks that are not conducive to alignment across businesses or the introduction of AI. In a recent IBM IBV survey, 84% of executives asked acknowledged their enterprise struggles in eliminating silo-to-silo handoffs. And 78% of responding executives said that an inadequate operating model impedes successful adoption of their multicloud platform. With the pressure to accelerate and scale the impact of data and AI across the enterprise - and improve business outcomes - another approach that organizations can take is to more carefully identify which workloads should be on-premises vs in the cloud.

In collaboration with Microsoft, Durabook today announced the availability of Windows 11 Secured-core PCs for its mobile rugged computing portfolio. The Durabook S15 Rugged Laptop and U11 Rugged Tablet with advanced Windows 11 security are immediately available to protect sensitive data for professionals on the move.

Mobile, Rugged, Secure for a Perilous World
Executives, military officers, and other professionals who work in potentially hazardous environments are often responsible for highly sensitive data such as financial information, classified intelligence, and intellectual property. They are also often on the road where their computing devices are exposed to abundant cybersecurity threats, including malware and firmware attacks. These attacks are in addition to the physical perils such as being dropped, exposed to dust and potentially combustible fine particulate in the air, extreme temperatures, high humidity and water intrusion.

IQM Quantum Computers (IQM), a global leader in building quantum computers, today announced a collaboration with NVIDIA to advance future hybrid quantum applications through NVIDIA CUDA Quantum, an open-source platform for integrating and programming quantum processing units in one system. As part of this collaboration, users of IQM's quantum processing units across enterprises and research institutions can program and develop the next generation of hybrid quantum-classical applications with NVIDIA CUDA Quantum.

The collaboration aims to accelerate the development and utilization of quantum computing in various applications, fostering innovation, collaboration, and potential breakthroughs in science and industry. Leading institutions, such as CSC - IT Centre for Science and the VTT Technical Research Centre of Finland, plan to utilise CUDA Quantum on VTT's 5-qubit quantum computer developed in co-innovation partnership by IQM and VTT.

Hardware cybersecurity pioneer and industrial NAND storage specialist, Flexxon, today announced the launch of its latest security product, Xsign. Now available globally, the Xsign provides enhanced security through an innovative approach to unlocking sensitive data reserved only for authorized personnel.

With the use of the Xsign hardware security key, organisations will be provided with a tailored software platform that syncs only with the Xsign key, thereby granting access to pre-defined users. Beyond its function as a security key, the Xsign also operates as a traditional storage card, equipped with Flexxon's industry leading reliability and performance. Key beneficiaries of the solution include industries that handle personal and sensitive data like the healthcare, finance, and government and defense sectors.

Fault-tolerant quantum computers that offer radical new solutions to some of the world's most pressing problems in medicine, finance and the environment, as well as facilitating a truly widespread use of AI, are driving global interest in quantum technologies. Yet the various timetables that have been established for achieving this paradigm require major breakthroughs and innovations to remain achievable, and none is more pressing than the move from merely physical qubits to those that are fault-tolerant.

In one of the first meaningful steps along this path, scientists from Quantinuum, the world's largest integrated quantum computing company, along with collaborators, have demonstrated the first fault-tolerant method using three logically-encoded qubits on the Quantinuum H1 quantum computer, Powered by Honeywell, to perform a mathematical procedure.

Earlier today Logitech International was invited and honored to participate in the US National Label for Consumer IoT Security launch at the White House in Washington DC. The event, sponsored by the National Security Council, was led by chairwoman of the FCC, Jessica Rosenworcel, and included members of both organizations, as well as other leading tech companies focused on and making strides in product security for consumers.

Logitech is an active contributor in industry efforts to integrate security into the core standards that its products use. Through its participation in the Product Security Working Group (PSWG) and Matter Working Group within the Connectivity Standards Alliance (CSA), the company continues to work with others in the industry to write and certify the standards by which next generation products will operate.

Today, U.S. Deputy National Security Advisor Anne Neuberger, Chairwoman of the Federal Communications Commission (FCC) Jessica Rosenworcel, and Laurie Locascio, Director of the National Institute of Standards and Technology (NIST) unveiled the U.S. national IoT security label at the White House.

Infineon Technologies AG supports this action to address the growing need for IoT security. The new label supports the IoT security requirements under NISTIR 8425, which resulted from an Executive Order to improve the nation's cybersecurity. This label will recognize products that meet these requirements by permitting them to display a U.S. government label and be listed in a registry indicating that these products meet U.S. cybersecurity standards.

MSI suffered a massive data breach at the start of April and the Taiwanese electronics company promptly alerted its customers about the cyberattack on its "information systems." A few days later it emerged that a relatively young ransomware group "Money Message" was behind the hacking effort - these cybercriminals stated that they had infiltrated MSI's internal network. Gang members proceeded to acquire sensitive company files, database information and source code. At the time, Money Message demanded that MSI pay them a ransom of $4 million, with the added threat of stolen data getting leaked to the general public on the internet (in the event of MSI failing to pay up).

Money Message has this week claimed that MSI has refused to meet their demands - as a result, an upload of stolen data started on Thursday with files appearing on the group's own website, and spreading to the dark web soon after. Binarly, a cybersecurity firm, has since analyzed the leaked files and discovered the presence of many private code signing keys within the breached data dump. Alex Matrosov, Binarly's CEO states via Twitter: "Recently, MSI USA announced a significant data breach. The data has now been made public, revealing a vast number of private keys that could affect numerous devices. FW Image Signing Keys: 57 products (and) Intel Boot Guard BPM/KM Keys: 166 products." Binary has provided a list of affected MSI devices (gaming laptops & mobile workstations) on their GitHub page.

Microsoft's Window Defender engineering team has finally found the time to address a long term bug within its anti-malware software - relating to performance issues with Mozilla's Firefox web browser. User feedback stretching back to five years ago indicates extremely sluggish web surfing experiences, caused by a Windows "Anti-malware Service Executable" occupying significant chunks of CPU utilization (more than 30%). The combination of Firefox and Windows Defender running in parallel would guarantee a butting of (software) heads - up until last week's bug fix. A Microsoft issued update has reduced the "MsMpEng.exe" Defender component's CPU usage by a maximum of 75%.

Microsoft and Mozilla developers have collaborated on addressing the disharmonious relationship between Defender and Firefox. A plucky member of the latter's softwareengineering team has been very transparent about the sluggish browser experience. Yannis Juglaret has provided a string of project updates via Mozilla's Bugzilla tracking system - one of his latest entries provide details about the fix: "You may read online that Defender was making too many calls to VirtualProtect, and that global CPU usage will now go down by 75% when browsing with Firefox. This is absolutely wrong! The impact of this fix is that on all computers that rely on Microsoft Defender's Real-time Protection feature (which is enabled by default in Windows), MsMpEng.exe will consume much less CPU than before when monitoring the dynamic behavior of any program through Event Tracing for Windows (ETW). Nothing less, nothing more."

MSI has issued a warning to its customers after the company detected it has suffered from a cyberattack on its "information systems". Although it's not clear exactly what was attacked, the company has detected what it calls anomalies on its network and has since kicked in "relevant defense mechanisms" which among other things included reporting the incident to local law enforcement agencies and cybersecurity units.

MSI states that the company has been gradually restoring its systems back to normal operations and that the attack has had negligible impact on its business. However, MSI is warning its customers not to download MSI BIOS/UEFI/firmware updates or drivers from any other source than MSI's official website, or any of its software. Although MSI doesn't state if whoever performed the attack might have gotten hold of any of its software, this seems to suggest such things and it's clear that MSI is worried that there might be software appearing in the near future that will be compromised in one way or another.

IBM today unveiled new single frame and rack mount configurations of IBM z16 and IBM LinuxONE 4, expanding their capabilities to a broader range of data center environments. Based on IBM's Telum processor, the new options are designed with sustainability in mind for highly efficient data centers, helping clients adapt to a digitized economy and ongoing global uncertainty.

Introduced in April 2022, the IBM z16 multi frame has helped transform industries with real-time AI inferencing at scale and quantum-safe cryptography. IBM LinuxONE Emperor 4, launched in September 2022, features capabilities that can reduce both energy consumption and data center floor space while delivering the scale, performance and security that clients need. The new single frame and rack mount configurations expand client infrastructure choices and help bring these benefits to data center environments where space, sustainability and standardization are paramount.

Microsoft Corp. on Tuesday announced it is bringing the next generation of AI to cybersecurity with the launch of Microsoft Security Copilot, giving defenders a much-needed tool to quickly detect and respond to threats and better understand the threat landscape overall. Security Copilot will combine Microsoft's vast threat intelligence footprint with industry-leading expertise to augment the work of security professionals through an easy-to-use AI assistant.

"Today the odds remain stacked against cybersecurity professionals. Too often, they fight an asymmetric battle against relentless and sophisticated attackers," said Vasu Jakkal, corporate vice president, Microsoft Security. "With Security Copilot, we are shifting the balance of power into our favor. Security Copilot is the first and only generative AI security product enabling defenders to move at the speed and scale of AI."

DFI, the global leader in embedded motherboards and industrial computers, has stepped into the electric vehicle (EV) market in recent years. Alongside VicOne, the automotive cybersecurity expert and the subsidiary of Trend Micro, they will demonstrate technologies related to vehicle software security application that enable more comprehensive network security protection for smart cities.

This year, to demonstrate the AI computing and vehicle-to-everything technology used in Connected Vehicles and Smart Poles, DFI has built an actual smart traffic intersection at the venue with road side units (RSU), digital signage, intelligent edge computers, onboard units (OBU), in-vehicle AI computers, and driver HMIs.

A pair of new vulnerabilities has been found in the TPM 2.0 library by cybersecurity company Quarkslab, that has security experts worried, as both of the flaws have potential far reaching implications. The two vulnerabilities go under the CVE identifiers of CVE-2023-1017 and CVE-2023-1018, where the first one allows for out-of-bounds writes, whereas the second one enables out-of-bounds reads, also known as buffer overflow vulnerabilities. This in itself might not sound particularly concerning, but as both can be triggered from user-mode applications, they're a pretty big deal, as it would enable malicious commands to be sent to a TPM 2.0 module, which could in turn enable malicious software to be installed on the device with the TPM 2.0 module.

According to Quarkslab, billions of devices could be affected, as TPM 2.0 authentication modules are used in everything from servers to IoT devices and has been the main hardware-based crypto solution for almost a decade by now. The attacker using the vulnerabilities would have to know what they're doing to be able to take advantage of these two flaws in TPM 2.0, but as it relies on the TPM command interface, there's no easy way to protect against an attack, if someone has gained user access to the system in question. The Trusted Computing Group (TCG) which is in charge of the TPM standard, has already issued an errata which includes instructions on how to address the two vulnerabilities and we're like to see updates from all major hardware vendors as they see fit.

Fortinet, the global cybersecurity leader driving the convergence of networking and security, today announced FortiSP5, the latest breakthrough in ASIC technology from Fortinet, propelling major leaps forward in securing distributed network edges. Building on over 20 years of ASIC investment and innovation from Fortinet, FortiSP5 delivers significant secure computing power advantages over traditional CPU and network ASICs, lower cost and power consumption, the ability to enable new secure infrastructure across branch, campus, 5G, edge compute, operational technologies, and more.

"With the introduction of FortiSP5, Fortinet once again sets new industry records for performance, cost, and energy efficiency. As the only cybersecurity vendor leveraging purpose-built ASICs, an over 20-year investment in innovation, Fortinet delivers the secure computing power that will support the next generation of secure infrastructure." Ken Xie, Founder, Chairman of the Board, and Chief Executive Officer at Fortinet

The UEFI Secure Boot feature is designed to prevent malicious code from executing during the system boot process, and has been a cybersecurity staple since the late-2000s, when software support was introduced with Windows 8. Dawid Potocki, a New Zealand-based IT student and cybersecurity researcher, discovered that as many as 300 motherboard models by MSI have a faulty Secure Boot implementation with certain versions of their UEFI firmware, which allows just about any boot image to load. This is, however, localized to only certain UEFI firmware versions, that are released as beta versions.

Potocki stumbled upon this when he found that his PRO Z790-A WiFi motherboard failed to verify the cryptographic signature boot-time binaries at the time of system boot. "I have found that my firmware was… accepting every OS image I gave it, no matter if it was trusted or not." He then began examining other motherboard models, and discovered close to 300 MSI motherboard models with a broken Secure Boot implementation. He clarified that MSI laptops aren't affected, and only their desktop motherboards are. Potocki says that affected MSI motherboards have an "always execute" policy set for Secure Boot, which makes the mechanism worthless, and theorized a possible reason. "I suspect this is because they probably knew that Microsoft wouldn't approve of it and/or that they get less tickets about Secure Boot causing issues for their users."

BBT.live, the Tel Aviv-based startup that has developed an all-in-one, tech-agnostic, software-defined connectivity solution, has announced a new technology innovation powered by NVIDIA. As a result, BBT.live, the software-defined connectivity platform, will run on NVIDIA BlueField data processing units (DPUs) to unlock the benefits of cloud-based connectivity solutions to businesses at every scale.

Modern workloads are experiencing an ever-growing need for network efficiency, privacy, and security. Businesses and enterprises that depend on solutions require additional hardware and integration, which introduces additional complexity and points of failure. BBT.live's proprietary technology, recognized by the Israel Innovation Authority, is device agnostic. It integrates with a variety of different hardware platforms (uCPE) without the need for time-consuming customization.

After a thorough investigation and verification process, QNAP Systems, Inc. (QNAP) today addressed vulnerability CVE-2021-36260 of Hikvision cameras and provides the following recommendations to QVR Pro and QVR Elite users who may be potentially affected. According to the security advisory by Hikvision, if these cameras are installed in the same LAN network, and this network cannot be accessed externally, attackers will NOT be able to exploit this vulnerability.

Although this vulnerability does not directly influence QNAP surveillance products, it is highly recommended to update the firmware of the cameras listed in the advisory to reduce the possibility of being exposed to potential risks. These risks include, but is not limited to, failure to record from cameras that stop working, or receiving forged data from cameras.

Intel improves software reliability by building silicon enhancements realized through logic inside the processor. Today, the company described a new technique to complement existing software mitigations for fault injection attacks. Tunable Replica Circuit (TRC) - Fault Injection Protection uses hardware-based sensors to explicitly detect circuit-based timing failures that occur as the result of an attack. TRC is first delivered in the 12th Gen Intel Core processor family. It adds fault injection detection technology to the Intel Converged Security and Management Engine (Intel CSME), where it is designed to detect non-invasive physical glitch attacks on the pins supplying clock and voltage. TRC is also designed to detect electromagnetic fault injections.

"Software protections have hardened with virtualization, stack canaries and code authentication before execution," said Daniel Nemiroff, senior principal engineer at Intel. "This has driven malicious actors to turn their attention to physically attacking computing platforms. A favorite tool of these attackers is fault injection attacks via glitching voltage, clock pins and electromagnetic radiation that cause circuit timing faults and may allow execution of malicious instructions and potential exfiltration of secrets."

Even as the Russo-Ukrainian war continues grassing with no end in sight, Microsoft has warned that Russia is increasing its cyberwarfare-based attacks against Ukraine and the countries that have vowed to support it against external aggressions. The Redmond-based company says that Russia is increasing the rate and complexity of its attacks not only on government agencies, but also on supporting infrastructures such as think thanks, telecommunications, energy, and defense companies. Even humanitarian groups, which have been tirelessly providing Ukraine's population with the resources needed for bare survival, have been in the sights of the former Soviet Union.

All in all, Microsoft has registered attacks 102 organizations from as many as 42 countries. Microsoft's numbers place around 60% of the attacks against NATO members - with the US being one of the favorite targets. Poland too has been particularly affected, being one of the distribution centers for provisions - and a hub for refugees to leave the embattled country. Despite that, Microsoft says only around 29% of the attacks have been successful - likely a testament to both Russia's technological difficulties and the overall reinforced networks and cybersecurity defenses of NATO countries. Even so, resources spent fighting Russia's attacks have an opportunity cost - they can't be spent elsewhere.