August 29, 2016

Generation Blockchain’s Move To The Mainstream

As corporate lawyers, media executives, politicians, environmentalists, and mom and pop shops begin to harness and realize the power of the blockchain, discount online retailers are creating FinTech subsidiaries prompted by it. Panelist Judd Bagley, Director of Communications at Overstock.com, described the creation of their FinTech subsidiary, t0. t0 was established to bring greater efficiency and transparency to capital markets through the integration of blockchain technology. It was established after Overstock, one of the first online retailers to accept Bitcoin, recognized its power. Furthering environmental applications, are companies using blockchain to cater to farmers and sustainable agriculture. Bill Schafer, CEO of Fairledger, described how their system creates and executes digital contracts that are confirmed and recorded on the blockchain in order to trace agricultural products through the entire supply chain.


Cyber Extortion Is No Way to Get Rich

A recent study of Cerber estimates that the operator does pretty well, earning $78,000 in the month of July. The average affiliate, by contrast, brought in $726 in revenue. From that, subtract operating expense. The affiliate needs to buy an exploit kit -- a piece of software that scans a victim’s machine for known security holes. Before the kit can be delivered to a victim, it must pass through a crypter, which modifies malware to get it through virus filters. Both exploit kits and crypters must be updated every few weeks to stay ahead of security experts. Between tools of the trade and email spam campaigns, an attack could cost more than the expected income before a single ransom payment comes in


Considering Privacy in the Age of the Camera

“We have a fundamental problem with monitoring everybody just because somebody might do something wrong. That’s not how life is supposed to work in a democracy,” he explained. “The government is not supposed to be looking over your shoulders all the time, just because you might be engaged in wrongdoing, and we’re approaching the point as a technological matter, that is increasingly something that is possible to do.” Stanley also doubts the ability of video analytics technology to fully understand the complex and varied behavior of human beings. This was the case in San Diego several years ago, when the Municipal Transit Agency tried a program that didn’t pan out. Though the agency still uses cameras for monitoring purposes, the analytics deployed at the time wasn't quite ready for prime time.


Deception technology grows and evolves

The new approach is to cast a wider net, of more subtle traps. "We want to create a large decoy surface area -- a cyber minefield field," said James. TrapX, along with several other vendors in this emerging space, uses automation to create phony workstations, servers, databases, even medical devices, point of sale terminals and automatic teller machines. Then TrapX lays a trail of breadcrumbs that leads them to the decoys. The breadcrumbs are only visible to attackers, who are using backdoor tools or command line interfaces to explore corporate networks. "The real trick is that the legitimate user never sees these links," James said. "They're never stumbling on a trap and tripping the alarm." Then the TrapX decoys keep the hacker on the hook, giving the security team time to respond.


Enabling business-aligned cybersecurity

Business leaders, more attuned to the need to support cyber risk efforts, now routinely consult with cyber risk leaders before making changes to applications and technology infrastructure, and have enforced a program among their own technology teams to regularly provide IT asset updates to the central monitoring operations team. As executives and business risk leaders gained confidence in the effectiveness of DriveNice’s monitoring program, it was easier for IT leaders to gain support for new technology investments. Implementing an end-user behavioral analytics program has provided analysts with better pattern detection capabilities to help identify previously unknown cyberattack tactics. The success of DriveNice—in the second hypothetical case, that is—cannot be attributed solely to either enhanced technology or enlightened leadership.


How to spot signs your project is about to fail

When considering the enormous amount of planning, time and effort that goes into project's, any 11th-hour changes can completely derail a project, especially when we're talking about major changes. This can be a sign that the planning stage was too light, or requirements were not sufficiently identified. It can also mean stakeholder expectations have changed throughout the project, but, regardless it still should be of significant concern. ... There can be a multitude of other HR-based issues that can negatively impact the project. Some others that are of more concern could be constant conflict, team members who don't really understand their role, and if the wheels fall off the wagon during every meeting, a PM should be concerned and deal with these right away before they get out of control.


How to Build an Economically-Driven Cyber Defense Strategy

A standard ransomware campaign could earn an attacker a 1,425 percent ROI, according to a report by Trustwave. This is in large part thanks to the explosion of Exploit Kits (EKs) – toolkits with packaged exploit codes – and other black market malware that puts sophisticated attack techniques into criminals’ hands for a fraction of the cost of the potential payout. Commercial crimeware can be purchased for as little as $500 a month. For an extra fee, customers can even rent “crypting services” to make the malicious software harder to detect. As with any SAAS product, more sophisticated packages are available for a higher price. Some exploit kits come complete with built-in distribution channels, technical support and are updated regularly with newly discovered vulnerabilities.


The curious technology shift that is making television shows better than movies

What’s changed in technology that has caused this massive shift in my own thought process? I’m a major movie buff and, for the past two decades, I’ve always picked a theatrical release like Star Trek: Beyond over anything on HBO. Even up until last year, I viewed Netflix as a movie-watching channel (such as they are) and not as a way to stream original shows. If I used the HBO app, it was to find movies. Here’s the shift: Instant access definitely favors episodic television. It took me a long time to make this transition, though, and I still plan to watch the new Star Wars movie this December. It’s not like I’m giving up on Hollywood. And yet, I can tell that I’m a bigger fan now of a different format, one that encourages not just binge watching but, more importantly, lean-in entertainment.


Laying the foundation for a virtualized network infrastructure

The placement of the VNF, as it relates to data flow, must be considered when looking at virtualizing a formerly physical appliance. If data flowing in or out of your network must be significantly rerouted so it passes through a VNF residing in the data center, you may want to reconsider a virtualized network infrastructure. A benefit of physical appliances is they are point-based services that can be physically installed anywhere along the network path. Redirecting traffic into a data center can increase complexity -- and potentially create network bottlenecks, as the amount of north-south data center traffic can increase exponentially. Ultimately, enterprise organizations have adopted the approach of "virtualize when possible."


Getting Started with ASP.Net Performance Monitoring and Optimization

A top-bottom approach, i.e. identifying an issue more and more precisely, works well in the context of an issue localized to a single page. How about issues that spawns multiple pages? What if, for example, various pages experience intermittent slow response time due to a subsystem not keeping up or an antique network switch which each reboot may be its last? This is where a monitoring approach focused on the application shows its limitations. At this level, other metrics are needed to assess the healthiness of every component in the system, both at software and hardware level. At the hardware level, the first machines that comes to mind are the web and database servers. However, these are only the tip of the iceberg. All hardware components must be identified and monitored: server, network switch, router, load balancer, firewall, SAN, etc.



Quote for the day:


"About the time we can make the ends meet, somebody moves the ends." -- Herbert Hoover