November 25, 2014

'Less' is more to malware authors targeting Linux users
Less does not allow file editing, which is a job for file editors like the widely used vi, but has the benefit of displaying data on the fly without needing to load an entire file into memory. This is useful when dealing with large files. Less is frequently used to view text files, but on many Linux distributions, including Ubuntu and CentOS, it supports many more file types including archives, images and PDF. That's because, on these systems, less is extended through a script called lesspipe that relies on different third-party tools to process files with various extensions.

Web services vs. cloud services: Are they the same?
The short answer is, "no," they are not the same. However, they are increasingly dependent on each other if users want the full speed and ease of use effect that such services offer. Technically, organizations can have a Web service without a cloud service or vice versa, but one gets greater business efficiency when the services are combined. Web services are the tools that allow users to interact with software over the Internet.Cloud services are the servers that store the data, security and other infrastructure pieces needed to allow Web services to provide unique value as Web-accessible applications.

The Art Of Being Consistently Less Wrong
The key concept to focus on is not to be exact but to be LESS WRONG. The only way you can be less wrong is to learn. The only way to learn is to do. In my opinion letting go of the concept of correctness in agile and embracing the desire to be less wrong can help a team change what they normally consider to be a painful, drawn out meeting into a quick, focused and collaborative discussion. Get past the estimation and get back to delivering features. So, how do we learn to be consistently less wrong? Here are a few things to consider:

Thwarting Attackers with Threat Intelligence
Intelligence and understanding are crucial to any defensive strategy. Cybersecurity teams are trying to learn more about malicious actors, including why and how they are attacking. This is where the extended network provides unexpected value, delivering a depth of intelligence that cannot be attained anywhere else in the computing environment. Much like in counterterrorism, intelligence is key to stopping attacks before they happen. Just as terrorists sometimes inflict damage disproportionate to their resources, such can be the case in cyberspace. Relatively small adversaries with limited means can inflict significant damage on larger foes. In these situations, intelligence is one of the most important assets for addressing threats.

Global Standards and Publications
In the current environment, with constant changes and almost infinite ways of accessing information and communicating, it is essential to make communication as clear as possible and ensure the quality of information. Van Haren Publishing makes general Best Practices available to provide quality, practically validated information worldwide. The use of standards and frameworks gives everyone the same language thus minimalizing the chance of errors due to unclear communication. Best Practices regarding these standards and frameworks provide you with information summarizing years of experience by the best in the industry.

Corporate IT's Darwinian Challenge
Corporate IT organizations in general are still viewed as the people who slow down business opportunity and change and say "no" far more than "yes." Too many corporate IT organizations haven't evolved along with their ecosystem and, in my opinion, much of the necessary change starts with an evolution in thinking and purpose. For me, the following points are the required foundation to stop the gradual erosion, and ultimate extinction, of the corporate IT organization as we know it today.

Mobile Medical Apps: A Market on the Move
Smartphone technology is promising for use in remote patient monitoring for several reasons. David Pettigrew, Sagentia’s Vice President of Connected Health, sums up the advantages: “Benefits to medical-device manufacturers include cost savings through not having to develop a completely new device, leveraging existing platforms while adding more sophisticated sensing and data capabilities, and using an interface that consumers know and understand and is already part of their everyday life.” The result: Devices are far more likely to be adopted and used correctly.

The branded bug: Meet the people who name vulnerabilities
If the bug is dangerous enough, it gets a name. Heartbleed's branding changed the way we talk about security, but did giving a bug a logo make it frivolous... or is this the evolution of infosec? Criminals, such as bank robbers, are often named because there are too many to keep track of. Just as killers and gangsters end up in history marked and defined by where they murdered (the "Trailside Killer") or having a characteristic ("Baby Face" Nelson), the same goes for critical bugs and zero days. Stephen Ward, Senior Director at iSIGHT Partners (iSIGHT reported the "Sandworm" Microsoft zero-day), explained to ZDNet, "Researchers will often use unique characteristics discovered in malware or in command and control to give a team or a particular exploit a name.

Network security needs big data
Big data will change most of the product categories in the field of computer network security, including network monitoring, the authentication and authorization of users, identity management, fraud detection, and systems of governance, risk and compliance. Big data will also change the nature of the security controls, such as conventional firewalls, anti-malware and data loss prevention. In coming years, the tools of data analysis will evolve further to enable a number of advanced predictive capabilities and automated controls in real time.

7 Tools Tuned for Agile Development Success
The iterative alternative to fully mapped-out waterfall processes has become widely accepted in recent years, bringing with it software tools designed to help agile practitioners hone their processes, collaborate efficiently, and monitor progress. Companies like Atlassian, Axosoft, Microsoft, and others have been filling the niche for agile project management. Since we first rounded up agile project management tools in 2013, these tools have seen noteworthy improvements. Here's another look at the more effective agile-oriented project management tools and what's been improved in them in the past year.

Quote for the day:

"How you measure the performance of your managers directly affects the way they act." -- Gustave Flaubert