8.6 C
New York
Thursday, March 20, 2025
Home Blog Page 16

iOS BGProcessingTask File AWS S3 Add Limits

codesanitize
-
0
iOS BGProcessingTask File AWS S3 Add Limits


I’ve BGProcessingTask & BGAppRefreshTask working effective. The principle objective of my use of BGProcessingTask is to add a file to AWS S3 utilizing multipart/form-data. I’ve discovered that any file above about 2.5MB instances out after operating nearly 4 minutes. If I run the identical RESTful api utilizing curl or Postman, I can add a 25MB file in 3 seconds or much less.

I’ve tried to intentionally set .earliestBeginDate to 01:00 or 02:00 native time on the iPhone, however that doesn’t appear to assist.

I exploit the delegate (sure, I’m writing in Goal C) – URLSession:job:didSendBodyData:totalBytesSent:totalBytesExpectedToSend: and discover that the iOS system uploads about 140kB each 15 seconds or so.

I’m on the lookout for suggestions or perception into how I would allow uploads of 25MB recordsdata. I’d be comfortable it I might do only one a day for my use case.

I present code on how I arrange the NSURLSession and NSURLSessionDownloadTask, as it’s my guess that if there’s something that must be modified it’s there.
I’ve to imagine there’s a resolution for this since I learn in lots of posts right here and in Apple Developer how builders are utilizing this performance for importing many, many recordsdata.

NSURLSessionConfiguration *sConf            =   [NSURLSessionConfiguration backgroundSessionConfigurationWithIdentifier:bkto.taskIdentifier];
    sConf.URLCache                          =   [NSURLCache sharedURLCache];
    sConf.waitsForConnectivity              =   YES;
    sConf.allowsCellularAccess              =   NO;
    sConf.networkServiceType                =   NSURLNetworkServiceTypeVideot;
    sConf.multipathServiceType              =   NSURLSessionMultipathServiceTypeNone;
    sConf.discretionary                     =   YES;
    sConf.timeoutIntervalForResource        =   kONEHOURINTERVAL;
    sConf.timeoutIntervalForRequest         =   kONEMINUTEINTERVAL;
    sConf.allowsExpensiveNetworkAccess      =   NO ;
    sConf.allowsConstrainedNetworkAccess    =   NO;
    sConf.sessionSendsLaunchEvents          =   YES;
    myURLSession = [NSURLSession sessionWithConfiguration:sConf delegate:self delegateQueue:nil];

and later

NSMutableURLRequest *request        =   [NSMutableURLRequest requestWithURL:[NSURL URLWithString:pth]];
    request.HTTPMethod              =   kHTTPPOST;
    request.HTTPBody                =   [NSData my body data];
    request.timeoutInterval         =   60;                                                                             
    [request setValue:@"*/*" forHTTPHeaderField:@"Accept"];
    [request setValue:@"en-us,en" forHTTPHeaderField:@"Accept-Language"];
    [request setValue:@"gzip, deflate, br" forHTTPHeaderField:@"Accept-Encoding"];
    [request setValue:@"ISO-8859-1,utf-8" forHTTPHeaderField:@"Accept-Charset"];
    [request setValue:@"600" forHTTPHeaderField:@"Keep-Alive"];                                                                 
    [request setValue:@"keep-alive" forHTTPHeaderField:@"Connection"];
    NSString *contType              =   [NSString stringWithFormat:@"multipart/form-data; boundary=%@",bnd];
    [request setValue:contType forHTTPHeaderField:@"Content-Type"];
    [request addValue:[NSString stringWithFormat:@"%lu",(unsigned long)myData.length] forHTTPHeaderField:@"Content material-Size"];

    NSURLSessionDownloadTask *downloadTask          =   [myURLSession downloadTaskWithRequest:request];
    downloadTask.countOfBytesClientExpectsToSend    =   bd.size + 500;
    downloadTask.countOfBytesClientExpectsToReceive =   5000;
    NSLog(@"%s: downloadTask = %@,  time  %@",__FUNCTION__,downloadTask,[NSDate date]);
    [downloadTask resume];

and listed here are logs exhibiting the rare uploads of small information chunks:

-[BKSessionManager URLSession:task:didSendBodyData:totalBytesSent:totalBytesExpectedToSend:]: job = BackgroundDownloadTask <76A81A80-4703-4686-8742-A0048EB65108>.<2>, time  Fri Mar  7 16:25:21 2025
-[BKSessionManager URLSession:task:didSendBodyData:totalBytesSent:totalBytesExpectedToSend:]: bytesSent = 393,216
-[BKSessionManager URLSession:task:didSendBodyData:totalBytesSent:totalBytesExpectedToSend:]: totalBytesSent = 393,216
-[BKSessionManager URLSession:task:didSendBodyData:totalBytesSent:totalBytesExpectedToSend:]: job = BackgroundDownloadTask <76A81A80-4703-4686-8742-A0048EB65108>.<2>, time  Fri Mar  7 16:25:27 2025
-[BKSessionManager URLSession:task:didSendBodyData:totalBytesSent:totalBytesExpectedToSend:]: bytesSent = 131,072
-[BKSessionManager URLSession:task:didSendBodyData:totalBytesSent:totalBytesExpectedToSend:]: totalBytesSent = 524,288
-[BKSessionManager URLSession:task:didSendBodyData:totalBytesSent:totalBytesExpectedToSend:]: job = BackgroundDownloadTask <76A81A80-4703-4686-8742-A0048EB65108>.<2>, time  Fri Mar  7 16:25:42 2025
-[BKSessionManager URLSession:task:didSendBodyData:totalBytesSent:totalBytesExpectedToSend:]: bytesSent = 131,072
-[BKSessionManager URLSession:task:didSendBodyData:totalBytesSent:totalBytesExpectedToSend:]: totalBytesSent = 655,360
-[BKSessionManager URLSession:task:didSendBodyData:totalBytesSent:totalBytesExpectedToSend:]: job = BackgroundDownloadTask <76A81A80-4703-4686-8742-A0048EB65108>.<2>, time  Fri Mar  7 16:25:56 2025
-[BKSessionManager URLSession:task:didSendBodyData:totalBytesSent:totalBytesExpectedToSend:]: bytesSent = 131,072
-[BKSessionManager URLSession:task:didSendBodyData:totalBytesSent:totalBytesExpectedToSend:]: totalBytesSent = 786,432

5 Id Risk Detection & Response Should-Haves for Tremendous SaaS Safety

codesanitize
-
0
5 Id Risk Detection & Response Should-Haves for Tremendous SaaS Safety


Mar 19, 2025The Hacker InformationSaaS Safety / Risk Detection

5 Id Risk Detection & Response Should-Haves for Tremendous SaaS Safety

Id-based assaults are on the rise. Attackers are focusing on identities with compromised credentials, hijacked authentication strategies, and misused privileges. Whereas many risk detection options concentrate on cloud, endpoint, and community threats, they overlook the distinctive dangers posed by SaaS identification ecosystems. This blind spot is wreaking havoc on closely SaaS-reliant organizations large and small.

The query is, what can safety groups do about it?

Haven’t any concern, as a result of Id Risk Detection and Response (ITDR) is right here to save lots of the day. It is important to have the visibility and response mechanisms to cease assaults earlier than they turn out to be breaches.

Here is the tremendous lineup that each crew must cease SaaS identification threats.

The Hacker News

#1 Full protection: cowl each angle

Like Cap’s defend, this protection ought to cowl each angle. Conventional risk detection instruments similar to XDRs and EDRs fail to cowl SaaS purposes and go away organizations susceptible. SaaS identification risk detection and response (ITDR) protection ought to embrace:

  • ITDR ought to lengthen past conventional cloud, community, IoT, and endpoint safety to incorporate SaaS purposes like Microsoft 365, Salesforce, Jira, and Github.
  • Seamless integrations with IdPs like Okta, Azure AD, and Google Workspace to verify no logins slip by way of the cracks.
  • Deep forensic investigation of occasions and audit logs for an in depth report of logging and historic evaluation of all identity-related incidents.

#2 Id-centric: let nobody slip by way of the threads

Spidey’s internet ensnares enemies earlier than they strike, and nobody slips by way of the threads. When safety occasions are solely listed in chronological order, irregular exercise by a single identification can go undetected. It is essential to verify your ITDR detects and correlates threats in an identity-centric timeline.

What identity-centric in ITDR means:

  • You’ll be able to see the whole assault story by one identification throughout your complete SaaS atmosphere, mapping lateral actions from infiltration to exfiltration.
  • Authentication occasions, privilege modifications, and entry anomalies are structured into assault chains.
  • Consumer and Entity Conduct Analytics (UEBA) are leveraged to determine deviations from regular identification exercise so you do not have to hunt by way of occasions to search out the suspicious ones.
  • Each human and non-human identities like service accounts, API keys, and OAuth tokens are constantly monitored and flagged for irregular exercise.
  • Uncommon privilege escalations or lateral motion makes an attempt inside your SaaS environments are detected so you’ll be able to examine and reply quickly.

#3 Risk intelligence: detect the undetectable

Professor X can see every part with Cerebro, and full ITDR ought to have the ability to detect the undetectable. ITDR risk intelligence ought to:

  • Classify any darknet exercise for straightforward investigation by safety groups.
  • Embrace IP geolocation and IP privateness (VPNs) for context.
  • Enrich risk detection with Indicators of Compromise (IoCs) like compromised credentials, malicious IPs, and different suspicious markers.
  • Map assault phases utilizing frameworks like MITRE ATT&CK to assist determine identification compromise and lateral motion.

#4 Prioritization: concentrate on the true threats

Alert fatigue is actual. Daredevil’s heightened senses enable him to filter by way of overwhelming noise, detect hidden risks, and concentrate on the true threats—identical to ITDR prioritization cuts by way of alert fatigue and highlights essential dangers. SaaS ITDR risk prioritization ought to embrace:

  • Dynamic threat scoring in real-time to scale back false positives and spotlight essentially the most essential threats.
  • A whole incident timeline that connects identification occasions right into a cohesive assault story, turning scattered alerts into high-fidelity, actionable alerts.
  • Clear alert context with affected identities, impacted purposes, assault stage within the MITRE ATT&CK framework, and key occasion particulars like failed logins, privilege escalation, and behavioral anomalies.

#5 Integrations: Be unstoppable

Identical to the Avengers mix their powers to be unstoppable, an efficient SaaS ITDR ought to have integrations for automated workflows, making the crew extra environment friendly and lowering heavy lifting. ITDR integrations ought to embrace:

  • SIEM & SOAR for automated workflows.
  • Step-by-step mitigation playbooks and coverage enforcement guides for each software and each stage of the MITRE ATT&CK framework

#6 Posture administration: Leverage the dynamic duo (BONUS TIP!)

Black Widow and Hawkeye are a dynamic duo, and a complete ITDR depends on SaaS Safety Posture Administration (SSPM) to reduce the assault floor as the primary layer of safety. A complimentary SSPM ought to embrace:

  • Deep visibility into all SaaS purposes, together with Shadow IT, app-to-app integrations, person permissions, roles, and entry ranges.
  • Misconfiguration & coverage drift detection, aligned to the SCuBA framework by CISA, to determine misconfigured authentication insurance policies like lack of MFA, weak password insurance policies, and extreme role-based permissions to make sure insurance policies are persistently enforced
  • Dormant and orphaned account detection to flag inactive, unused, or orphaned accounts that pose a threat.
  • Monitoring of person lifecycle occasions to stop unauthorized entry.

With nice energy comes nice accountability

This lineup of must-haves totally equips organizations to face any SaaS identity-based risk that comes their method. Not all heroes put on capes… some simply have unstoppable ITDR.

Be taught extra about Wing Safety’s SaaS identification risk detection and response right here.

Discovered this text attention-grabbing? This text is a contributed piece from certainly one of our valued companions. Comply with us on Twitter and LinkedIn to learn extra unique content material we publish.



Adobe Introduces 10 Objective-Constructed AI Brokers for Buyer Expertise

codesanitize
-
0
Adobe Introduces 10 Objective-Constructed AI Brokers for Buyer Expertise


Adobe launched Expertise Platform Agent Orchestrator and introduced new enterprise capabilities for Adobe Categorical at its annual Adobe Summit convention in Las Vegas on Tuesday. The brand new choices intention to assist companies orchestrate AI brokers for buyer experiences and streamline content material creation processes amid rising calls for for personalised engagement.

The bulletins mark Adobe’s strategic shift from Buyer Expertise Administration (CXM) to AI-enabled Buyer Expertise Orchestration (CXO), reflecting how advertising and marketing, creativity and AI are converging to reinforce capabilities for companies. This comes as an Adobe survey discovered 89% of enterprises count on content material demand to at the very least double this 12 months, with half anticipating it to triple or extra, creating challenges for advertising and marketing groups with restricted assets.

Powering Objective-Constructed AI Brokers

The brand new Adobe Expertise Platform Agent Orchestrator supplies the information basis for companies to construct, handle and orchestrate purpose-built AI brokers that may interact instantly with clients and assist work throughout Adobe functions and third-party ecosystems.

“With over one trillion experiences per 12 months now being activated by Adobe Expertise Platform, Adobe Expertise Platform Agent Orchestrator is rooted in a deep, semantic understanding of enterprise information, content material and buyer journeys,” in keeping with the corporate announcement.

Adobe unveiled 10 purpose-built AI brokers, together with:

  • Account qualification agent for evaluating B2B gross sales alternatives
  • Viewers agent for analyzing cross-channel engagement information to create optimized viewers segments
  • Content material manufacturing agent for producing and assembling content material based mostly on model tips
  • Information insights agent for deriving insights from indicators throughout a corporation
  • Information engineering agent for high-volume information administration duties
  • Experimentation agent for hypothesizing and simulating new personalization concepts
  • Journey agent for orchestrating cross-channel experiences
  • Product advisor agent for supporting model engagement by personalised product discovery
  • Web site optimization agent for robotically detecting and fixing web site points
  • Workflow optimization agent for monitoring mission well being and streamlining approvals

The corporate additionally launched Adobe Model Concierge, described as “the primary brand-centric agent” that represents the evolution from transactional chatbots to richer agent experiences. This new utility, constructed on AEP Agent Orchestrator, permits companies to configure AI brokers that information shoppers from exploration to buy choices utilizing personalised, conversational experiences throughout textual content, voice or photographs.

Adobe studies a 1,200% improve in site visitors to U.S. retail websites from generative AI sources between July 2024 and February 2025, indicating rising shopper curiosity in AI-guided buy help.

The Agent Orchestrator ecosystem contains partnerships with Acxiom, Amazon Internet Companies, SAP, Genesys, IBM, Microsoft, RainFocus, SAP, and Workday, in addition to expanded company relationships with Accenture, Deloitte Digital, EY and IBM.

Adobe’s purpose-built AI brokers (Adobe)

Adobe Categorical Will get Enterprise-Stage Enhancements

Adobe additionally introduced new enterprise capabilities coming to Adobe Categorical this summer time, addressing what the corporate calls “content material chaos” – the place distributed advertising and marketing, social, gross sales, HR and different groups flip to unauthorized functions on account of restricted assets.

“Whether or not it is a regional marketer charged with localizing and launching a full marketing campaign or a gross sales rep who must customise a deck for a next-day assembly, Adobe Categorical helps enterprise professionals create high-quality content material and offers model and expertise stewards peace of thoughts,” stated Govind Balakrishnan, SVP and Basic Supervisor, Adobe Categorical.

The brand new capabilities embody:

  • Adobe Workfront integration for unified assessment and approval workflows
  • Native evaluations and approval processes inside Adobe Categorical
  • Personalized house pages guaranteeing quick access to branded templates
  • One-click model set-up that robotically extracts and organizes model logos, colours and fonts

Sakura Martin, World Head of Model & Design at Dentsu, which makes use of Adobe Categorical throughout roughly 120 markets, acknowledged: “Adobe Categorical is filling a crucial hole for our distributed advertising and marketing groups, enabling them to leverage branded templates from our inventive studio to localize. This enables them to activate social content material, newsletters, posters, and digital advertising and marketing property 70% quicker than earlier than whereas liberating up 20% extra time for our inventive group to deal with strategic work.”

Adobe Categorical is now built-in into Adobe GenStudio for Efficiency Advertising and marketing, Firefly Artistic Manufacturing, Adobe Journey Optimizer, Marketo Interact, and Adobe Acrobat. The platform’s add-on market has quadrupled within the final 12 months to incorporate over 225 instruments, with new platform partnerships together with Miro, Raksul, One Profession and Field, becoming a member of present companions like Slack, Google, ChatGPT, Hubspot, Webflow and Wix.

Further Enhancements Throughout Adobe’s Portfolio

Adobe introduced a number of different product enhancements on the Summit, together with:

  • Journey Optimizer Experimentation Accelerator to assist groups determine high-impact alternatives and pinpoint profitable methods
  • Expertise Supervisor Websites Optimizer for bettering net site visitors acquisition by automated situation analysis
  • GenStudio Basis offering a unified interface for Adobe’s content material provide chain options
  • Updates to GenStudio for Efficiency Advertising and marketing, together with asset creation for ads served by Microsoft Promoting Platform and Google Marketing campaign Supervisor 360, and expanded collaboration with LinkedIn Adverts for B2B use circumstances

The brand new Adobe Categorical enterprise capabilities will probably be obtainable this summer time, whereas the opposite introduced merchandise and options are usually obtainable now as a part of Adobe’s Expertise Platform.

Hackers Exploit Azure App Proxy Pre-Authentication to Entry Personal Networks

codesanitize
-
0
Hackers Exploit Azure App Proxy Pre-Authentication to Entry Personal Networks


Hackers are exploiting a vulnerability in Microsoft’s Azure App Proxy by manipulating the pre-authentication settings to realize unauthorized entry to personal networks.

The Azure App Proxy is designed to securely publish on-premises functions to the general public web with out requiring firewall port openings, leveraging Microsoft Entra ID for authentication,.

How Azure App Proxy Works

For organizations to make use of Azure App Proxy, a personal community connector should be put in on a system inside their personal community.

Azure App Proxy WorksAzure App Proxy Works
Azure App Proxy Works

This connector establishes an outbound connection to Azure, permitting functions to be revealed by the proxy.

Based on the TrustedSec report, the pre-authentication setting is essential right here, because it determines how customers are authenticated earlier than accessing revealed functions.

Pre-AuthenticationPre-Authentication
Pre-Authentication

Pre-Authentication Settings

Azure App Proxy gives two pre-authentication choices: Microsoft Entra ID and Passthrough. 

Azure App Proxy offers two pre-authentication optionsAzure App Proxy offers two pre-authentication options
Azure App Proxy gives two pre-authentication choices

Microsoft Entra ID is the default, offering sturdy authentication by redirecting customers to Microsoft’s authentication providers earlier than accessing the appliance.

This ensures that each one paths inside the utility are protected by Entra ID authentication.

Alternatively, Passthrough doesn’t require authentication earlier than forwarding requests to the appliance.

Whereas this feature might sound helpful for publicly accessible functions, it leaves them susceptible to unauthorized entry.

Microsoft’s documentation warns that Passthrough doesn’t shield towards nameless assaults, just like exposing a server port on to the web.

Dangers and Exploits

In an illustration setup utilizing a Home windows Server 2022 VM internet hosting a fundamental HTTP web site, two functions have been configured with totally different pre-authentication settings:

  • MSENTRAID-redactedoutlook.msappproxy.internet used Microsoft Entra ID for authentication, requiring customers to authenticate earlier than accessing the appliance.
  • PASSTHROUGH-redactedoutlook.msappproxy.internet, as anticipated, didn’t require authentication, permitting direct entry to the appliance and its assets.

When utilizing the Passthrough possibility, not solely is the supposed public utility accessible, however so are different assets on the server. This could result in unintentional publicity of delicate personal community assets.

AccessAccess
Entry

For example, if a gross sales quoting utility on the root of the positioning makes use of Entra ID for authentication, whereas a buyer portal at a unique path is meant to be publicly accessible, utilizing Passthrough may inadvertently make all the server accessible.

Compelled Shopping and Brute-Pressure Assaults

Hackers can simply exploit this vulnerability by participating in compelled searching for content material discovery.

 Every request to the Passthrough URL reveals responses immediately from the VM, together with doubtlessly delicate functions or directories that weren’t supposed to be public.

shown some errorsshown some errors
proven some errors

Within the situation the place a path prompts for HTTP Fundamental authentication, attackers can use instruments like Burp Suite’s Intruder to brute-force widespread default credentials comparable to admin:admin.

If weak credentials are used, unauthorized entry to information or functions can happen, offering an entry level for malicious actions.

intruder attackintruder attack
intruder assault

Whereas the Azure App Proxy is a robust device for securing distant entry to functions, misconfiguring pre-authentication settings can have extreme penalties.

Organizations should rigorously consider their use of Passthrough, guaranteeing that they perceive the dangers concerned and take extra measures to safe functions and assets that aren’t supposed for public entry.

Common safety audits and powerful authentication practices are essential to mitigating these vulnerabilities and defending delicate personal community assets.

By adopting these practices, organizations can successfully use Azure App Proxy whereas safeguarding their personal community assets towards unauthorized entry.

Examine Actual-World Malicious Hyperlinks & Phishing Assaults With Risk Intelligence Lookup - Strive for Free

HPE, Nvidia broaden AI infrastructure lineup

codesanitize
-
0
HPE, Nvidia broaden AI infrastructure lineup



“Accelerated by 2 NVIDIA H100 NVL, [HPE Private Cloud AI Developer System] contains an built-in management node, end-to-end AI software program that features NVIDIA AI Enterprise and HPE AI Necessities, and 32TB of built-in storage offering every part a developer must show and scale AI workloads,” Corrado wrote.

As well as, HPE Non-public Cloud AI contains help for brand new Nvidia GPUs and blueprints that ship confirmed and functioning AI workloads like information extraction with a single click on, Corrado wrote.

HPE information cloth software program

HPE has additionally prolonged help for its Knowledge Cloth expertise throughout the Non-public Cloud providing. The Knowledge Cloth goals to create a unified and constant information layer that spans throughout various places, together with on-premises information facilities, public clouds, and edge environments to offer a single, logical view of knowledge, no matter the place it resides, HPE stated.

“The brand new launch of Knowledge Cloth Software program Cloth is the info spine of the HPE Non-public Cloud AI information Lakehouse and gives an iceberg interface for PC-AI customers to information hosed all through their enterprise. This unified information layer permits information scientists to connect with exterior shops and question that information as iceberg compliant information with out shifting the info,” wrote HPE’s Ashwin Shetty in a weblog put up. “Apache Iceberg is the rising format for AI and analytical workloads. With this new launch Knowledge Cloth turns into an Iceberg finish level for AI engineering. This makes it easy for AI engineering information scientists to simply level to the info lakehouse information supply and run a question instantly towards it. Knowledge Cloth takes care of metadata administration, safe entry, becoming a member of information or objects throughout any supply on-premises or within the cloud within the world namespace.”

As well as, HPE Non-public Cloud AI now helps pre-validated Nvidia blueprints to assist clients implement help for AI workloads. 

AI infrastructure optimization 

Aiming to assist clients handle their AI infrastructure, HPE enhanced its OpsRamp administration bundle which screens servers, networks, storage, databases, and purposes. To OpsRamp the corporate added help for GPU optimization which implies the platform can now handle AI-native software program stacks to ship full-stack observability to observe the efficiency of coaching and inference workloads working on massive Nvidia accelerated computing clusters, HPE acknowledged. 

1...151617...3,843Page 16 of 3,843

ABOUT US

Welcome to CodeSanitize, your number one source for all things coding and technology. We’re dedicated to providing you the very best of software development tutorials, tips, and resources, with a focus on clarity, practical examples, and up-to-date content.

© Copyright 2024 - codesanitize.com. All rights reserved