Daily Tech Digest - January 19, 2017

Meet Me In The Parking Lot: Walking Meetings Hit Their Stride

“Walking meetings are preferable for one-on-ones because it actually gives you a break from staring at a computer screen,” says Lan, a software engineer at Sift Science, which develops machine learning technology to detect fraud. “I walk with either a manager or a peer, usually when we talk about high-level things.” A walking meeting is just what it sounds like: a meeting that takes place during a walk rather than in a conference room or office. People can hold walking meetings on sidewalks and park trails or inside shopping malls and convention centers if the setting isn’t too noisy. “All of our employees to some extent use walking meetings to break out of the sedentary lifestyle,” says Robert Manigold, a partner at web and app development agency Code Koalas in Kansas City, Mo.

New study details the effectiveness of Security Operation Centres

Hewlett Packard Enterprise’s State of Security Operations Report 2017 looks at the increased pressure organisations are under in the face of rapid innovation in the cyber threat and how they can align security initiatives with business goals. ... Findings from this year’s report show that the majority of SOCs are falling below target maturity levels, leaving organisations vulnerable in the event of an attack. The methodology for assessments were based on HPE’s Security Operations Maturity Model (SOMM), which focuses on multiple aspects of a successful and mature security intelligence and monitoring capability including people, process, technology, and business functions. The SOMM uses a five-point scale – a score of “0” is given for a complete lack of capability while a “5” is given for a capability that is consistent, repeatable, documented, measured, tracked, and continually improved upon.

Infographic: Car Hacking Is Not A Thing Of Future

You may not realize it, but your car probably already has some self-driving technologies—even basic ones. For example, many of the newest cars have lane assist or park assist, which can help you avoid unintended lane violations or better ease into parking spots. But those car assistance technologies depend on the internet and computers, and those are at risk of hacking. In fact, that’s one of the biggest concerns with the continued development of self-driving cars: how can thieves access them, and what will they do with the data? Vound Software compiled a detailed infographic to get you all the details.

Update On The Megatrend of Artificial Intelligence

Artificial Intelligence is the discipline of thinking machines. The field is growing dramatically with the proliferation of high powered computers into homes and businesses and especially with the growing power of smartphones and other mobile devices. Artificial intelligence software is assisting people in most every discipline. The many functions of AI are considered by many to be threatening many human jobs across multiple industries, but others consider it a great producer of jobs since it will help create entirely new industries and free more humans to innovate and create. You can see our reference to Truly Useful AI You Can Use Right Today. Follow this link to track the highest ranked, enterprise ready Artificial Intelligence Companies.

Smile! Hackers Can Remotely Access Your Samsung SmartCam Security Cameras

It's not necessary to break into your computer or smartphone to spy on you. Today all devices in our home are becoming more connected to networks than ever to make our lives easy. But what's worrisome is that these connected devices can be turned against us, anytime, due to lack of stringent security measures and insecure encryption mechanisms implemented in these Internet of Things (IoTs) devices. The most recent victim of this issue is the Samsung's range of SmartCam home security cameras. Yes, it's hell easy to hijack the popular Samsung SmartCam security cameras, as they contain a critical remote code execution (RCE) vulnerability that could let hackers gain root access and take full control of these devices.

Attackers Start Wiping Data From CouchDB And Hadoop Databases

According to Merrigan's latest count, 126 Hadoop instances have been wiped so far. The number of victims is likely to increase because there are thousands of Hadoop deployments accessible from the internet -- although it's hard to say how many are vulnerable. The attacks against MongoDB and Elasticsearch followed a similar pattern. The number of MongoDB victims jumped from hundreds to thousands in a matter of hours and to tens of thousands within a week. The latest count puts the number of wiped MongoDB databases at more than 34,000 and that of deleted Elasticsearch clusters at more than 4,600. A group called Kraken0, responsible for most of the ransomware attacks against databases, is trying to sell its attack toolkit and a list of vulnerable MongoDB and Elasticsearch installations for the equivalent of US$500 in bitcoins.

How AI Can End Bias

AI has the potential to help us avoid bias in hiring, operations, customer service, and the broader business and social communities—and doing so makes good business sense. For one thing, even the most unintentional discrimination can cost a company significantly, in both money and brand equity. The mere fact of having to defend against an accusation of bias can linger long after the issue itself is settled. Beyond managing risk related to legal and regulatory issues, though, there’s a broader argument for tackling bias: in a relentlessly competitive and global economy, no organization can afford to shut itself off from broader input, more varied experiences, a wider range of talent, and larger potential markets. That said, the algorithms that drive AI don’t reveal pure, objective truth just because they’re mathematical.

Gaining Confidence In The Cloud

Security in the cloud refers to the security of systems built on top of it. Whilst the private cloud providers will offer simplified systems for administrators to both implement and audit standard security measures, these by no means replace the traditional measures, nor does they guarantee the security of your systems. Just as in a traditional datacentre or a private cloud, the security of your system is mainly your responsibility. ... The point at which the responsibility passes from your organisation to your supplier is known as the ‘trust boundary’ and it occurs at different points for the different types of cloud e.g. IaaS, PaaS and SaaS. You will need to verify the security status and resilience of the Cloud Service Providers (CSP) you chose and you should also review and understand their Data Protection Act obligations. From 2018,

4 Reasons You Need Developers With Cybersecurity Skills in All Tech Teams

According to a recent study, the global demand for cybersecurity professionals will create more than one million unfilled cybersecurity positions by 2019, with one of the most desired skills being secure software development. No wonder, that entrepreneurs and companies are having increasingly hard time finding the security talent they need to build reliable services and keep the data of their users safe. One way to bridge the skills gap and create more secure products is to train and hire more engineers specialized in cybersecurity. However, it is equally important to improve the cryptography and security skills of all developers working in your company, beyond those sitting in dedicated cybersecurity teams. Here are some thoughts on the reasons.

Close The Gap Between IT & Security To Reduce The Impact Of Cyber Threats

There are many advantages to having separate IT and security teams, with the most important being that it allows experts in both groups to hone specific skill sets that make them more effective at their jobs. But that doesn't mean that each must operate within a silo. Combining security and IT operations can be as simple as encouraging more communications and providing tools that give them visibility into areas supervised by the other group. In security, having a deeper understanding of how systems within the network are designed to perform would help them to better spot and stop threats. Modern advanced persistent threats that use tools like Hammertoss, ... Attacks that leverage native capabilities in the operating system or whitelisted websites/applications (such as tech support) would not be so invisible to those on the security team if they knew what day-to-day operations of those systems looked like from an IT perspective.

Mini PC invasion: These radically tiny computers fit in the palm of your hand

Some of today’s desktops can make even the sleekest of laptops seem downright bulky. Computers have been shrinking for years, and the revolution has only accelerated in recent times. As chipmakers focus on creating processors that sip power without sacrificing performance, thermal concerns have largely been alleviated in modern CPUs. Because of that, today’s pint-sized PCs offer enough performance to play HD video and satisfy Office jockeys, the opposite of the janky, compromised experience of yesteryear’s microcomputers. From PCs-on-a-stick to discreet boxes no larger than a deck of cards, let’s take a look at the wide range of computers available that can fit in the palm of your hand—starting with the one that brought teeny-tiny PCs to public attention.

Quote for the day:

“Never underestimate the power of dreams and the human spirit. The potential for greatness lives within each of us.” -- Wilma Rudolph