Security-Portal.cz is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, and Linux and BSD systems. It runs many interesting services and supports its fans in interesting projects.

Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice

The Hacker News - 27 March, 2024 - 09:56
A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024. The message masquerades as a bank payment notification, urging the user to open an archive file attachment. The archive ("Bank Handlowy w Warszawie
Category: Hacking & Security

Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN Countries

The Hacker News - 27 March, 2024 - 06:20
Two China-linked advanced persistent threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN) as part of a cyber espionage campaign over the past three months. This includes the threat actor known as Mustang Panda, which has been recently linked to cyber attacks against Myanmar as well as
Category: Hacking & Security

Windows is under new management after Microsoft AI reshuffle

Computerworld.com [Hacking News] - 26 March, 2024 - 19:49

Microsoft is reuniting management of its Windows operating system and its Surface devices, as the leader of its Windows and Web Experiences team has quit his current role and may leave the company.

The move is one of the repercussions of Microsoft’s appointment of a former Google artificial intelligence (AI) leader to run its new AI division.

Mikhail Parakhin, who as Microsoft’s CEO of advertising and web services was also responsible for Windows and web experiences, is seeking new opportunities, potentially outside of Microsoft, according to an internal memo seen by Computerworld and sent by Microsoft’s head of experiences and devices, Rajesh Jha.

Parakhin was also in charge of the team responsible for the development of Bing, Edge and Copilot — formerly Bing Chat — and now a key product for the company’s client-side AI strategy.

In that capacity, he was placed under former Google employee Mustafa Suleyman, who recently joined Microsoft as EVP and CEO of AI. Suleyman also now leads Microsoft’s generative AI (GenAI) team, which is run by Microsoft corporate vice president Misha Bilenko.

Leading Microsoft into AI

Jha wished Parakhin well in his new endeavors but did not specify whether they would be inside or outside of Microsoft.

“Satya [Nadella, Microsoft CEO] and I are grateful for Mikhail’s contributions and leadership and want to thank him for all he has done to help Microsoft lead in the new AI wave,” he wrote in the memo.

Those contributions include leading the consumer AI strategy by integrating Copilot into Microsoft products such as Bing Search, Office, and other services and devices as part of Microsoft’s push into AI since unveiling its partnership last year with OpenAI, the creator of ChatGPT.

Parakhin also had a reputation for being transparent about Microsoft’s plans for its products with the company’s vast community of users and maintaining an open dialogue with them about their needs and concerns.

As he mulls his next move, Parakhin will report to Kevin Scott, CTO and EVP of AI, who will continue in his role for the new division.

Windows and Surface reunited

With Parakhin’s move, Microsoft also merged the Windows Experiences and Windows + Devices teams as a core part of the Experiences + Devices (E+D) division to streamline its AI client strategy, according to Jha’s memo.

“This will enable us to take a holistic approach to building silicon, systems, experiences, and devices that span Windows client and cloud for this AI era,” he wrote, announcing direct report Pavan Davuluri as the leader of Microsoft’s Windows and Surface team, which “will continue to work closely with the Microsoft AI team on AI, silicon, and experiences.”

Indeed, this alignment of Microsoft’s client teams will help the company shore up its position moving forward as it carves out its space in the burgeoning AI market, noted John Gallagher, Vice President of Viakoo Labs at Viakoo, a provider of automated IoT cyber hygiene.

“Having Windows and Surface under one leader makes a lot more sense than having those roles split,” he said. “Recombining these functions signals that Microsoft will be more aggressive in how they optimize hardware and software to create a user experience.” 

Streamlined approach

Suleyman co-founded the DeepMind AI lab — one of the pioneers in the space — in London in 2010; Google acquired the lab in 2014. He departed Google in 2022 to co-found and lead another AI startup, Inflection AI. Along with Suleyman, another Inflection alum, Karén Simonyan, also joined Microsoft AI as chief scientist, as did several other former Inflection employees.

Microsoft is tightening up its consumer AI strategy and gearing up for a major push. Indeed, the organizational changes are aimed at helping the company “double down on this innovation,” Nadella wrote in a blog post of the memo sent to employees unveiling Suleyman’s appointment.

The newly formed Microsoft AI group will focus on developing the Copilot chatbot and furthering its integration into various Microsoft products, as well as overseeing consumer AI products and research.

Category: Hacking & Security

Sketchy NuGet Package Likely Linked to Industrial Espionage Targets Developers

The Hacker News - 26 March, 2024 - 18:54
Threat hunters have identified a suspicious package in the NuGet package manager that's likely designed to target developers working with tools made by a Chinese firm that specializes in industrial- and digital equipment manufacturing. The package in question is SqzrFramework480, which ReversingLabs said was first published on January 24, 2024. It has been downloaded 
Category: Hacking & Security

Address Sanitizer for Bare-metal Firmware

Google Security Blog - 26 March, 2024 - 17:59
Posted by Eugene Rodionov and Ivan Lozano, Android Team

With steady improvements to Android userspace and kernel security, we have noticed an increasing interest from security researchers directed towards lower level firmware. This area has traditionally received less scrutiny, but is critical to device security. We have previously discussed how we have been prioritizing firmware security, and how to apply mitigations in a firmware environment to mitigate unknown vulnerabilities.

In this post we will show how the Kernel Address Sanitizer (KASan) can be used to proactively discover vulnerabilities earlier in the development lifecycle. Despite the narrow application implied by its name, KASan is applicable to a wide range of firmware targets. Using KASan-enabled builds during testing and/or fuzzing can help catch memory corruption vulnerabilities and stability issues before they land on user devices. We've already used KASan in some firmware targets to proactively find and fix 40+ memory safety bugs and vulnerabilities, including some of critical severity.

Along with this blog post we are releasing a small project which demonstrates an implementation of KASan for bare-metal targets leveraging the QEMU system emulator. Readers can refer to this implementation for technical details while following the blog post.

Address Sanitizer (ASan) overview

Address sanitizer is a compiler-based instrumentation tool used to identify invalid memory access operations during runtime. It is capable of detecting the following classes of temporal and spatial memory safety bugs:

  • out-of-bounds memory access
  • use-after-free
  • double/invalid free
  • use-after-return

ASan relies on the compiler to instrument code with dynamic checks for virtual addresses used in load/store operations. A separate runtime library defines the instrumentation hooks for the heap memory and error reporting. For most user-space targets (such as aarch64-linux-android) ASan can be enabled as simply as using the -fsanitize=address compiler option for Clang due to existing support of this target both in the toolchain and in the libclang_rt runtime.

However, the situation is rather different for bare-metal code which is frequently built with the none system targets, such as arm-none-eabi. Unlike traditional user-space programs, bare-metal code running inside an embedded system often doesn’t have a common runtime implementation. As such, LLVM can’t provide a default runtime for these environments.

To provide custom implementations for the necessary runtime routines, the Clang toolchain exposes an interface for address sanitization through the -fsanitize=kernel-address compiler option. The KASan runtime routines implemented in the Linux kernel serve as a great example of how to define a KASan runtime for targets which aren’t supported by default with -fsanitize=address. We'll demonstrate how to use the version of address sanitizer originally built for the kernel on other bare-metal targets.

KASan 101

Let’s take a look at the KASan major building blocks from a high-level perspective (a thorough explanation of how ASan works under-the-hood is provided in this whitepaper).

The main idea behind KASan is that every memory access operation, such as load/store instructions and memory copy functions (for example, memmove and memcpy), is instrumented with code which verifies the destination/source memory regions. KASan only allows memory access operations which use valid memory regions. When KASan detects an access to a memory region which is invalid (that is, the memory has already been freed or the access is out-of-bounds), it reports this violation to the system.

The state of memory regions covered by KASan is maintained in a dedicated area called shadow memory. Every byte in the shadow memory corresponds to a single fixed-size memory region covered by KASan (typically 8-bytes) and encodes its state: whether the corresponding memory region has been allocated or freed and how many bytes in the memory region are accessible.

Therefore, to enable KASan for a bare-metal target we would need to implement the instrumentation routines which verify validity of memory regions in memory access operations and report KASan violations to the system. In addition we would also need to implement shadow memory management to track the state of memory regions which we want to be covered with KASan.

Enabling KASan for bare-metal firmware

KASan shadow memory

The very first step in enabling KASan for firmware is to reserve a sufficient amount of DRAM for shadow memory. This is a memory region where each byte is used by KASan to track the state of an 8-byte region. This means accommodating the shadow memory requires a dedicated memory region equal to 1/8th the size of the address space covered by KASan.

KASan maps every 8-byte aligned address from the DRAM region into the shadow memory using the following formula:

shadow_address = (target_address >> 3) + shadow_memory_base

where target_address is the address of an 8-byte memory region which we want to cover with KASan and shadow_memory_base is the base address of the shadow memory area.

Implement a KASan runtime

Once we have the shadow memory tracking the state of every single 8-byte memory region of DRAM we need to implement the necessary runtime routines which KASan instrumentation depends on. For reference, a comprehensive list of runtime routines needed for KASan can be found in the linux/mm/kasan/kasan.h Linux kernel header. However, it might not be necessary to implement all of them and in the following text we focus on the ones which were needed to enable KASan for our target firmware as an example.

Memory access check

The routines __asan_loadXX_noabort, __asan_storeXX_noabort perform verification of memory access at runtime. The symbol XX denotes size of memory access and goes as a power of 2 starting from 1 up to 16. The toolchain instruments every memory load and store operations with these functions so that they are invoked before the memory access operation happens. These routines take as input a pointer to the target memory region to check it against the shadow memory.

If the region state provided by shadow memory doesn’t reveal a violation, then these functions return to the caller. But if any violations (for example, the memory region is accessed after it has been deallocated or there is an out-of-bounds access) are revealed, then these functions report the KASan violation by:

  • Generating a call-stack.
  • Capturing context around the memory regions.
  • Logging the error.
  • Aborting/crashing the system (optional)

Shadow memory management

The routine __asan_set_shadow_YY is used to poison shadow memory for a given address. This routine is used by the toolchain instrumentation to update the state of memory regions. For example, the KASan runtime would use this function to mark memory for local variables on the stack as accessible/poisoned in the epilogue/prologue of the function respectively.

This routine takes as input a target memory address and sets the corresponding byte in shadow memory to the value of YY. Here is an example of some YY values for shadow memory to encode state of 8-byte memory regions:

  • 0x00 -- the entire 8-byte region is accessible
  • 0x01-0x07 -- only the first bytes in the memory region are accessible
  • 0xf1 -- not accessible: stack left red zone
  • 0xf2 -- not accessible: stack mid red zone
  • 0xf3 -- not accessible: stack right red zone
  • 0xfa -- not accessible: globals red zone
  • 0xff -- not accessible

Covering global variables

The routines __asan_register_globals, __asan_unregister_globals are used to poison/unpoison memory for global variables. The KASan runtime calls these functions while processing global constructors/destructors. For instance, the routine __asan_register_globals is invoked for every global variable. It takes as an argument a pointer to a data structure which describes the target global variable: the structure provides the starting address of the variable, its size not including the red zone and size of the global variable with the red zone.

The red zone is extra padding the compiler inserts after the variable to increase the likelihood of detecting an out-of-bounds memory access. Red zones ensure there is extra space between adjacent global variables. It is the responsibility of __asan_register_globals routine to mark the corresponding shadow memory as accessible for the variable and as poisoned for the red zone.

As the readers could infer from its name, the routine __asan_unregister_globals is invoked while processing global destructors and is intended to poison shadow memory for the target global variable. As a result, any memory access to such a global will cause a KASan violation.

Memory copy functions

The KASan compiler instrumentation routines __asan_loadXX_noabort, __asan_storeXX_noabort discussed above are used to verify individual memory load and store operations, such as reading or writing an array element or dereferencing a pointer. However, these routines don't cover memory access in bulk-memory copy functions such as memcpy, memmove, and memset. In many cases these functions are provided by the runtime library or implemented in assembly to optimize for performance.

Therefore, in order to be able to catch invalid memory access in these functions, we would need to provide sanitized versions of memcpy, memmove, and memset functions in our KASan implementation which would verify memory buffers to be valid memory regions.

Avoiding false positives for noreturn functions

Another routine required by KASan is __asan_handle_no_return, to perform cleanup before a noreturn function and avoid false positives on the stack. KASan adds red zones around stack variables at the start of each function, and removes them at the end. If a function does not return normally (for example, in case of longjmp-like functions and exception handling), red zones must be removed explicitly with __asan_handle_no_return.

Hook heap memory allocation routines

Bare-metal code in the vast majority of cases provides its own heap implementation. It is our responsibility to implement an instrumented version of heap memory allocation and freeing routines which enable KASan to detect memory corruption bugs on the heap.

Essentially, we would need to instrument the memory allocator with code which unpoisons the KASan shadow memory corresponding to the allocated memory buffer. Additionally, we may want to insert an extra poisoned red zone (any access to which would then generate a KASan violation) at the end of the allocated buffer to increase the likelihood of catching out-of-bounds memory reads/writes.

Similarly, in the memory deallocation routine (such as free) we would need to poison the shadow memory corresponding to the freed buffer so that any subsequent access (such as a use-after-free) would generate a KASan violation.

We can go even further by placing the freed memory buffer into a quarantine instead of immediately returning the free memory back to the allocator. This way, the freed memory buffer is suspended in quarantine for some time and will have its KASan shadow bytes poisoned for a longer period of time, increasing the probability of catching a use-after-free access to this buffer.
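A host-side model of the shadow encoding, the access check and the heap hooks described in "Memory access check", "Shadow memory management" and "Hook heap memory allocation routines". This is an added example, not code from the project released with the post. The names kasan_check, kasan_malloc and kasan_free, the 64 KiB heap window, the 16-byte red zone and the heap shadow codes 0xfc/0xfb are assumptions; the mapping offset 0x42700000 is the one from the post's own example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Offset from the post's example: the shadow of 0x40000000 lands at 0x4A700000. */
#define KASAN_OFFSET 0x42700000u
#define DRAM_BASE    0x40000000u
#define HEAP_SIZE    0x10000u   /* assumption: only a 64 KiB heap window is modelled */
#define GRANULE      8u         /* one shadow byte tracks 8 bytes of memory */
#define REDZONE      16u        /* assumption: red zone appended to each allocation */
#define SHADOW_BASE  ((DRAM_BASE >> 3) + KASAN_OFFSET)

/* 0xff is the post's "not accessible"; the two heap codes are chosen for this example. */
enum { SHADOW_NOACCESS = 0xff, SHADOW_HEAP_REDZONE = 0xfc, SHADOW_HEAP_FREED = 0xfb };

static uint8_t  shadow[HEAP_SIZE / GRANULE];      /* host stand-in for the shadow region */
static uint32_t alloc_size[HEAP_SIZE / GRANULE];  /* allocator metadata, keyed by start granule */
static uint32_t heap_top;

/* shadow_address = (target_address >> 3) + offset, rebased onto the host array. */
static uint8_t *shadow_of(uint32_t addr) {
    return &shadow[((addr >> 3) + KASAN_OFFSET) - SHADOW_BASE];
}

/* Must be called first: nothing is accessible until the allocator hands it out. */
void kasan_init(void) {
    memset(shadow, SHADOW_NOACCESS, sizeof shadow);
    memset(alloc_size, 0, sizeof alloc_size);
    heap_top = DRAM_BASE;
}

static void kasan_poison(uint32_t addr, uint32_t size, uint8_t code) {
    memset(shadow_of(addr), code, (size + GRANULE - 1) / GRANULE);
}

/* Full granules become 0x00; a trailing partial granule stores its count of valid bytes. */
static void kasan_unpoison(uint32_t addr, uint32_t size) {
    memset(shadow_of(addr), 0x00, size / GRANULE);
    if (size % GRANULE)
        *shadow_of(addr + size) = (uint8_t)(size % GRANULE);
}

/* Body of an __asan_loadXX/__asan_storeXX style hook: returns 0 if every byte is
 * accessible, otherwise the shadow byte of the first bad granule.
 * Checked byte by byte for clarity rather than speed. */
uint8_t kasan_check(uint32_t addr, uint32_t size) {
    uint32_t off = addr - DRAM_BASE;  /* wraps to a huge value if addr < DRAM_BASE */
    if (off >= HEAP_SIZE || size > HEAP_SIZE - off)
        return SHADOW_NOACCESS;       /* outside the modelled window */
    for (uint32_t a = addr; a < addr + size; a++) {
        uint8_t s = *shadow_of(a);
        if (s != 0 && (s >= GRANULE || (a & (GRANULE - 1)) >= s))
            return s;
    }
    return 0;
}

/* malloc() hook over a bump allocator: unpoison the buffer, poison a red zone after it. */
uint32_t kasan_malloc(uint32_t size) {
    if (size == 0 || size > HEAP_SIZE) return 0;
    uint32_t body = (size + GRANULE - 1) & ~(GRANULE - 1);
    if (body + REDZONE > DRAM_BASE + HEAP_SIZE - heap_top) return 0;
    uint32_t p = heap_top;
    heap_top += body + REDZONE;
    alloc_size[(p - DRAM_BASE) / GRANULE] = size;
    kasan_unpoison(p, size);
    kasan_poison(p + body, REDZONE, SHADOW_HEAP_REDZONE);
    return p;
}

/* free() hook: 0 on success, -1 on an invalid or double free. The freed buffer is poisoned
 * and, because the bump allocator never reuses it, stays quarantined indefinitely. */
int kasan_free(uint32_t p) {
    if ((p & (GRANULE - 1)) || kasan_check(p, 1) != 0) return -1;
    uint32_t *size = &alloc_size[(p - DRAM_BASE) / GRANULE];
    if (*size == 0) return -1;        /* not the start of a live allocation */
    kasan_poison(p, *size, SHADOW_HEAP_FREED);
    *size = 0;
    return 0;
}

int main(void) {
    kasan_init();
    uint32_t p = kasan_malloc(13);    /* 13 bytes: one full granule plus 5 valid bytes */
    printf("13-byte read at p      : 0x%02x\n", kasan_check(p, 13));
    printf("1-byte read at p+13    : 0x%02x\n", kasan_check(p + 13, 1));
    printf("4-byte write at p+16   : 0x%02x\n", kasan_check(p + 16, 4));
    printf("free(p)                : %d\n", kasan_free(p));
    printf("1-byte read after free : 0x%02x\n", kasan_check(p, 1));
    printf("second free(p)         : %d\n", kasan_free(p));
    return 0;
}
```

A non-zero result from kasan_check is the point where a real runtime would generate the call-stack, log the error and optionally abort.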

Enable KASan for heap, stack and global variables

With all the necessary building blocks implemented we are ready to enable KASan for our bare-metal code by applying the following compiler options while building the target with the LLVM toolchain.

The -fsanitize=kernel-address Clang option instructs the compiler to instrument memory load/store operations with the KASan verification routines.

We use the -asan-mapping-offset LLVM option to indicate where we want our shadow memory to be located. For instance, let’s assume that we would like to cover address range 0x40000000 - 0x4fffffff and we want to keep shadow memory at address 0x4A700000. So, we would use -mllvm -asan-mapping-offset=0x42700000 as (0x40000000 >> 3) + 0x42700000 == 0x4A700000.

To cover globals and stack variables with KASan we would need to pass additional options to the compiler: -mllvm -asan-stack=1 -mllvm -asan-globals=1. It’s worth mentioning that instrumenting both globals and stack variables will likely result in an increase in size of the corresponding memory which might need to be accounted for in the linker script.

Finally, to prevent significant increase in size of the code section due to KASan instrumentation we instruct the compiler to always outline KASan checks using the -mllvm -asan-instrumentation-with-call-threshold=0 option. Otherwise, the compiler might inline __asan_loadXX_noabort, __asan_storeXX_noabort routines for load/store operations resulting in bloating the generated object code.

LLVM has traditionally only supported sanitizers for specific targets with predefined runtimes. However, we have upstreamed LLVM sanitizer support for bare-metal targets under the assumption that the runtime can be defined for the particular target. You’ll need the latest version of Clang to benefit from this.

Conclusion

Following these steps we managed to enable KASan for a firmware target and use it in pre-production test builds. This led to early discovery of memory corruption issues that were easily remediated due to the actionable reports produced by KASan. These builds can be used with fuzzers to detect edge case bugs that normal testing fails to trigger, yet which can have significant security implications.

Our work with KASan is just one example of the multiple techniques the Android team is exploring to further secure bare-metal firmware in the Android Platform. Ideally we want to avoid introducing memory safety vulnerabilities in the first place so we are working to address this problem through adoption of memory-safe Rust in bare-metal environments. The Android team has developed Rust training which covers bare-metal Rust extensively. We highly encourage others to explore Rust (or other memory-safe languages) as an alternative to C/C++ in their firmware.

If you have any questions, please reach out – we’re here to help!

Acknowledgements: Thank you to Roger Piqueras Jover for contributions to this post, and to Evgenii Stepanov for upstreaming LLVM support for bare-metal sanitizers. Special thanks also to our colleagues who contribute and support our firmware security efforts: Sami Tolvanen, Stephan Somogyi, Stephan Chen, Dominik Maier, Xuan Xing, Farzan Karimi, Pirama Arumuga Nainar, Stephen Hines.

Category: Hacking & Security

The Melissa virus crippled the internet 25 years ago. It lured victims with nude pictures and spread like an avalanche

Zive.cz - security - 26 March, 2024 - 16:15
Exactly 25 years ago, on March 26, 1999, David L. Smith released Melissa, until then the fastest-spreading computer virus. It found its way into the world through the Usenet discussion group alt.sex, where Smith posted an innocent-looking file, list.doc. It was supposed to contain a list of login credentials for 80 ...
Category: Hacking & Security

Apple uses AI to boost recycling efforts, Tim Cook confirms

Computerworld.com [Hacking News] - 26 March, 2024 - 15:48

The challenge to build a more sustainable enterprise is high on the business agenda these days, in part to meet government-mandated climate goals, in part because consumers demand it, and — perhaps — simply because turning a business into a sustainable business is the right thing to do.

Businesses are taking a multitude of approaches to becoming more sustainable.

Apple CEO Tim Cook in China explained part of the strategy being followed by his company — to put a little AI (artificial intelligence) in sustAInability.

As he sees it, AI “provides an enormous toolkit for every company that’s wishing to be carbon neutral or to lower their emissions by a substantial amount,” he said.

Sustainable business is good business

We know Apple is working hard to build a more sustainable consumer tech business. The company isn’t there yet, of course, but it continues to make more use of recycled materials, has its first claimed carbon-neutral product in the form of the Apple Watch, and is on a drive to develop circular manufacturing tech across its business by 2030. It is already carbon neutral across its own internal operations (including stores and offices).

The company also wants all companies to be required to be more transparent about their carbon output.

Its most recently released Mac, the MacBook Air, boasts new records for sustainability, as it is the first Apple product to be made with 50% recycled content. The company has a track record that puts it far ahead of competitors on this, and while no one is perfect, it has won praise from environmental activists for at least trying to do the right thing.

Cook echoes industry thinking

But Cook’s determination that AI has a part to play in delivering more sustainable business practises echoes emerging thinking across enterprises concerned with polishing their corporate social responsibility (CSR) credentials.

Microsoft’s AI for Earth program offers AI tools for ecosystem monitoring and management; Google’s DeepMind uses AI to improve energy management in data centers, delivering a 40% reduction in cooling costs; Nokia has its own AI aimed at carriers that is designed to reduce the cost and carbon emissions from network related energy consumption; the list goes on.

Just this month at Mobile World Congress, Cisco and European carrier Orange signed an agreement to work together toward Net Zero, including information sharing between both firms to help measure and mitigate those all-important Scope 3 emissions.

So, how might Cook’s Apple already be making use of AI to help manage its own emissions?

As I don’t keep any surveillance equipment in or near the CEO’s office, I can only speculate, but there are two clear ways in which AI could easily contribute to Apple’s Environmental CSR:

Reporting: AI can deliver far more accurate reporting from across complex supply chains than human workers can. Not only can it measure and track goods in transit, but it can estimate the environmental costs of manufacture, distribution, and final use.

The more accurate such estimates become, the easier it becomes to identify key areas in which changes can deliver difference. This is particularly important to manufacturers attempting to assess more complex “Scopes.”

Recycling: Tech can help manage tech. Used in waste management and recycling, AI can mitigate contamination and optimize the recycling process. This is one of the ways Apple is making use of AI to boost sustainability.

AI is fundamental to Apple’s recycling plans

“We would not be able to recover the level of material that we do today for recycling without AI,” Cook said, speaking at the China Development Forum. “I mean, it’s already fundamental in our calculation.”

He believes AI provides a set of tools that should help any company on a mission to become carbon neutral or to make significant sustainability improvements.

We don’t quite know how Apple uses AI in recycling, but I’m willing to take an educated guess that at least one component consists of machine vision intelligence-driven systems on waste-sorting lines.

We already know machines do a better/faster job than humans can or want to do on such challenges, and the health and safety concerns of handling recycled materials, particularly harmful materials, are reduced by getting machines to do the work. Not only this, but smart recycling systems can also provide real-time waste analytics.

Apple has a family of recycling robots already diligently tearing old iPhones apart. Its Daisy robots each process up to 1.2 million of these each year.

The big problem with automated recycling systems is training, but Apple’s recent investment in Darwin AI, in tandem with the features of visionOS, hint at future innovations in machine intelligence learning models.

What a difference an AI makes

While I remain sceptical that AI alone can tackle the challenges of carbon reduction and sustainability, Cook is correct that AI has a part to play.

A Microsoft-sponsored PwC report estimated that applied AI could reduce worldwide greenhouse gas (GHG) emissions by 4% in 2030, equivalent to the annual emissions of Australia, Canada, and Japan combined. This matters, given that the World Bank predicts global waste will increase by 70% by 2050.

“Put simply, AI can enable our future systems to be more productive for the economy and for nature,” said Celine Herweijer, Global Innovation and Sustainability Leader, PwC.

Further out, of course, one day your Mac will tell you when it needs repair before it actually breaks down. Indeed, in terms of Apple services, it’s reasonable to imagine that if you have Apple Care or Apple Business Manager, it may even book itself in for maintenance.

Category: Hacking & Security

U.S. Charges 7 Chinese Nationals in Major 14-Year Cyber Espionage Operation

The Hacker News - 26 March, 2024 - 14:06
The U.S. Department of Justice (DoJ) on Monday unsealed indictments against seven Chinese nationals for their involvement in a hacking group that targeted U.S. and foreign critics, journalists, businesses, and political officials for about 14 years. The defendants include Ni Gaobin (倪高彬), Weng Ming (翁明), Cheng Feng (程锋), Peng Yaowen (彭耀文), Sun Xiaohui (孙小辉), Xiong Wang (熊旺), and Zhao Guangzong (
Category: Hacking & Security

Crafting Shields: Defending Minecraft Servers Against DDoS Attacks

The Hacker News - 26 March, 2024 - 13:29
Minecraft, with over 500 million registered users and 166 million monthly players, faces significant risks from distributed denial-of-service (DDoS) attacks, threatening server functionality, player experience, and the game’s reputation. Despite the prevalence of DDoS attacks on the game, the majority of incidents go unreported, leaving a gap in awareness and protection. This article explains
Category: Hacking & Security

Highlights & Takeaways from SCALE 21x: A Community Event Beyond Linux

LinuxSecurity.com - 26 March, 2024 - 13:00
The Southern California Linux Expo (SCALE) 21x is a massive community-run open-source and free software conference. This year's event showcased various workshops, presentations, and networking events.
Category: Hacking & Security

Ubuntu LTS Gets 12 Years of Legacy Support: An Analysis for Security Practitioners

LinuxSecurity.com - 26 March, 2024 - 13:00
Canonical has announced extending Ubuntu's long-term support (LTS) to 12 years, providing security coverage from the initial release. While regular LTS releases receive 5 years of standard security updates, subscribing to Ubuntu Pro adds 5 years.
Category: Hacking & Security

Q&A: Udemy online education exec on tech layoffs and skills needs

Computerworld.com [Hacking News] - 26 March, 2024 - 12:00

With companies shifting gears when it comes to the skills they want in new hires and current employees, online education providers are quickly compiling lists of generative AI (genAI) courses to meet demand.

While there are still more tech job openings than tech workers available to fill them, job-seeking technologists need to tweak their industry knowledge to get hired. Internally, enterprises are upskilling and reskilling workforces to address a flurry of genAI projects, even as most are still pilots. Not surprisingly, creating, training and securing genAI is becoming a top skill to possess.

AI and machine learning engineers, AI research assistants, data scientists, and prompt engineers are all positions key to genAI rollouts. Beyond that, skills related to organizing, cleaning, and classifying data to ensure AI models are ready for learning continue to be an important skill set in 2024.

Freelance employment platform Upwork recently released a study of freelance worker earnings for all of 2023 and found genAI and data science and analytics skills are seeing “unprecedented” growth in importance.

Along with colleges and universities, online education providers such as Coursera, edX, and Udemy have been rolling out new programs to meet employer needs.

Scott Rogers, senior vice president of Instructor and Content Strategy at Udemy, said his company’s online learning platform has seen an explosion of enrollments in genAI courses. This year, Udemy had more than three million genAI-related course enrollments, higher than any other curriculum.

That’s with good reason. Up to 30% of working hours in the US could be automated by 2030 with employees across various professional fields using genAI tools to complete repetitive tasks and redirect their efforts toward more strategic initiatives, according to Rogers.

The company’s 2024 Global Learning and Skills Trends Report revealed that ChatGPT was the most consumed skill on a global scale.

Udemy just launched a GenAI Skills Pack aimed at providing professionals across software engineering, data science, sales, marketing, finance, and HR with dedicated learning paths so they can upskill on genAI content specific to their job duties for immediate impact.

Computerworld spoke with Rogers about why tech layoffs have been increasing while job openings remain high and what employers are seeking in new hires. The following are excerpts from that interview:

A lot of tech workers laid off over the past six months have struggled to find work, regardless of what unemployment figures lead us to believe. Why is that happening? “The job market has become increasingly competitive as companies like Apple, Google, and IBM, which place an emphasis on technical skills and experience, are vying for talent that has kept up with the pace of industry change. The decreasing shelf life of technical skills and emergence of genAI has resulted in many technology professionals who are currently navigating the job market needing to further invest in continuous upskilling — not only to land their next role, but to remain competitive in the years to come. 

“Additionally, the onset of genAI is changing existing job roles and responsibilities. Up to 30% of working hours in the U.S. can be automated by 2030 with employees across various professional fields using genAI to complete repetitive tasks and redirect their efforts toward more strategic initiatives. Professionals, regardless of role, need to navigate which tasks to automate, what new skills to cultivate, and how to enhance existing skills.” 

What skills are employers seeking for genAI enablement? “Since ChatGPT launched in 2022, we’ve seen massive demand for genAI content across the Udemy platform. The first ChatGPT course was published on Udemy just 11 days after the technology launched. In 2023, we had more than 3.2 million learners enrolled across 1,700 genAI courses on the Udemy platform. Interest has grown 60% year-over-year with ChatGPT, Midjourney, and Prompt Engineering among the most popular genAI training content.

“Overall, we’ve seen a dramatic shift over the past few months with professionals and organizations transitioning from learning about what genAI is to how they can effectively use it within their particular job function or industry.”

What roles are you seeing as the most needed? “While highly technical roles like data scientists, machine learning engineers, AI researchers, and product managers were the first area of investment for many companies — given the deep understanding they’ll require for AI algorithms, data analysis, and model development — genAI skills are becoming a critical focus for all companies across all job functions.

“For example, we’re seeing financial services professionals focused on course content around genAI for financial modeling and analysis, while HR leaders are exploring how to leverage this technology to create better job descriptions.

“To help address this growing need, our new GenAI Skills Pack provides professionals across software engineering, data science, sales, marketing, finance, and HR with dedicated learning paths so they can easily skill up on genAI content specific to their job functions for immediate impact.”

How has the tech employment industry shifted from requiring computer science degrees to taking more of a skills-based approach to hiring and why? “Companies have long regarded practical skills, experience, and industry certifications as key factors in hiring decisions. With the rise of the skills-based organization focus, more companies are putting greater emphasis on skills development and validation, being more flexible with formal degree requirements. In short, skills remain the currency in today’s workforce.

“In fact, Udemy has seen 10 million IT certification enrollments across our platform in the past 12 months, across both business and individual learners. Many of these certifications and badges validate emerging skills in the tech space such as DevOps, cloud, modern programming, and cybersecurity.”

How important are skills compared to degrees? “A focus on skills is more important than ever, given the widening skills gaps in many organizations. An astonishing 87% of executives say they are already facing, or expect to face, critical skills gaps within their organization by 2025. At the same time, the pace of innovation –– with the rise of genAI and other technologies –– has caused the skills required for all jobs to increase by 10% annually, meaning that constant upskilling is required to keep up with the pace of change. 

“In the last year alone, our enterprise customer segment grew by 27% as we continue to help more than 15,700 global organizations — including more than 50% of the Fortune 100 — make the transition to skills-based organizations, keeping pace with change and remaining ahead of their competition.”

While genAI is expected by many to create more net new jobs than it eliminates, what kinds of jobs do you see AI creating? “We totally agree –– genAI is transforming how we work and redefining the skills professionals and organizations need to succeed. And we firmly believe that AI can serve as a powerful tool to help increase productivity, close widening skills gaps, and create new job opportunities for workers.

“New technologies can be disruptive. For instance, 3.5 million jobs are estimated to have been lost due to the Internet and PC revolution, but none of us would want to go back to the pre-internet days. The World Economic Forum estimates that while 85 million jobs will be displaced by AI, 97 million new, higher-earning jobs will be created in its place. We’ll see if this is how it plays out, or if AI simply changes that many roles, and individuals who embrace AI skills can thrive in them.

“In many ways, genAI comes as a solution to the widening skills gap, which is projected to cost businesses a whopping $8.5 trillion over the next six years if a course correction is not made. While it’s too soon to tell what specific jobs will be created in the wake of this new technology, it is already providing organizations with a solution that can enable employees to free up 60-70% of their time, allowing them to refocus away from mundane tasks toward more strategic, innovative work –– elevating themselves and their organizations to the tune of $2.6 to $4.4 trillion in annual economic gains.”

What kinds of enrollment rates are you seeing for genAI courses, and how has that grown over the past two years? “At Udemy, we’ve seen an explosion of enrollments in genAI courses. In fact, in our 2024 Global Learning & Skills Trends Report, it was revealed that ChatGPT was the most consumed skill on a global scale. In 2023, Udemy had more than 3.2 million enrollments — which means 6 learners are enrolling in genAI courses on Udemy every single minute. We’ve seen more than 79 million minutes of genAI course consumption.

“Increasingly, companies and individuals are embracing the fact that genAI will be a disruptive technology — and are upskilling to ensure that this disruption is a positive in their careers.”

Category: Hacking & Security

U.S. Sanctions 3 Cryptocurrency Exchanges for Helping Russia Evade Sanctions

The Hacker News - 26 March, 2024 - 10:31
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) sanctioned three cryptocurrency exchanges for offering services used to evade economic restrictions imposed on Russia following its invasion of Ukraine in early 2022. This includes Bitpapa IC FZC LLC, Crypto Explorer DMCC (AWEX), and Obshchestvo S Ogranichennoy Otvetstvennostyu Tsentr Obrabotki Elektronnykh Platezhey (
Category: Hacking & Security

CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products

The Hacker News - 26 March, 2024 - 06:54
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities added are as follows:
- CVE-2023-48788 (CVSS score: 9.3) - Fortinet FortiClient EMS SQL Injection Vulnerability
- CVE-2021-44529 (CVSS score: 9.8) - Ivanti
Category: Hacking & Security