July 22, 2014

Backup your data now: New, more powerful ransomware using Tor spotted in the wild
Critoni “seems to be a strong, well thought piece of malware,” according to French security researcher "Kafeine," who has a good write-up and several screenshots. Kafeine reported that Critoni can be delivered by the Angler exploit kit, but attackers using different vectors have also been spotted in the wild. Basically that means this is not a one-size-fits-all attack; there is not just one way to end up getting infected. “Early detection is not possible,” according to the advertised list of “pros.”


RSA's security utopia requires China, US to be friends
RSA Executive Chairman Art Coviello urged greater cooperation between nations and the establishment of national and global policies that are appropriate for the current interdependent economy. He noted that while most governments and businesses recognize the world is more connected today than ever, they continue to behave as if they are not. "We haven't really advanced that much in our thinking beyond where we were 100 years ago in the run-up to World War I. We pretend that geography, national identity, and incorporation are still the most meaningful dividing lines, ignoring the fact that the digital world has blurred those lines beyond recognition," Coviello said.


Whitepaper - Creating a Data Quality Strategy
In the 21st century, the majority of data managers and consumers understand the importance of accurate, robust data. We know that our data warehouses, CRM systems, ERP systems, and business intelligence reports are compromised if the data we feed them is suspect. To realize the full benefits of their investments in enterprise computing systems, organizations must have a plan for how to monitor, cleanse, and maintain their data in a quantified state.


7 considerations when moving on-premise software to cloud
To cloud or not to cloud is the question that many software vendors are currently facing. Should they continue to offer their software as on-premise or move to a cloud-based model? A move to cloud computing is a win-win scenario for cloud vendors and customers alike. As a cloud vendor, you get to benefit from the economies of scale, while your customer gets to benefit from additional capabilities that cloud brings at a lower cost of shared infrastructure. ... When you’ve made up your mind to migrate your on-premise software business to a cloud-based model, below are some key focus areas and challenges that you should consider:


Top 10 worst big data practices
The idea of the data lake is being sold by vendors to substitute for real use cases. (It’s also a way to escape the constraints of departmental funding.) The data-lake approach can be valid, but you should have actual use cases in mind. It isn’t hard to come up with them in most midsize to large enterprises. Start by reviewing when someone last said, “No, we can’t, because the database can’t handle it.” Then move on to “duh.” For instance, “business development” isn’t supposed to be just a titular promotion for your top salesperson; it’s supposed to mean something.


The BYOD Revolution: A Dream of Efficiency or a Security Nightmare?
The "bring your own device" phenomenon is becoming more and more prevalent in IT today. Employees tend to use their own devices whether IT departments allow or know about it or not. So what do you need to know to keep up with this trend? In this webinar, hear a panel of experts discuss how BYOD is transforming the workplace and its benefits in improving the efficiency and productivity of your business, and discover the security concerns to look out for, like data breaches, mobile malware and hacking.


A Tough Corporate Job Asks One Question: Can You Hack It?
Chief information security officers have one of the toughest jobs in the business world: They must stay one step ahead of criminal masterminds in Moscow and military hackers in Shanghai, check off a growing list of compliance boxes and keep close tabs on leaky vendors and reckless employees who upload sensitive data to Dropbox accounts and unlocked iPhones. They must be skilled in crisis management and communications, and expert in the most sophisticated technology, though they have come to learn the hard way that even the shiniest new security mousetraps are not foolproof.


Stealthy Web tracking tools pose increasing privacy risks to users
"The tracking mechanisms we study are advanced in that they are hard to control, hard to detect and resilient to blocking or removing," they wrote. Although the tracking methods have been known about for some time, the researchers showed how the methods are increasingly being used on top-tier, highly trafficked websites. One of the techniques, called canvas fingerprinting, involves using a Web browser's canvas API to draw an invisible image and extract a "fingerprint" of a person's computer.


Leadership Caffeine—In Praise of Mistakes Made for the Right Reasons
Remember, character always gets a positive vote. After a certain age, character is formed and nothing you can do will alter someone’s core character. You cannot change someone. Assess character carefully. Look for behavioral examples around values, and if the view is dissonant, it’s a non-starter. Passion and desire are powerful reasons to take a chance on someone, even if others around you suggest this person isn’t right for a role. I like betting on the underdog if I’ve done my homework on the individual. Taking chances on people who show that extra spark is part of the essence of leadership. Much like character, you cannot teach passion, you can only help it emerge.


Unusual Ways to Create a Mobile App
RoboVM is a new open-source project with the ambition to solve this problem without compromising on either developer or app-user experience. The goal of the RoboVM project is to bring Java and other JVM languages, such as Scala, Clojure and Kotlin, to iOS devices. Unlike other similar tools, RoboVM doesn’t impose any restrictions on the Java platform features accessible to the developer, such as reflection or file I/O, and lets the developer reuse the vast ecosystem of Java 3rd party libraries. It is also unique in allowing the developer to access the full native iOS APIs through a Java to Objective-C bridge.



Quote for the day:

"Our character is what we do when we think no one is looking." -- H. Jackson Brown Jr.