Daily Tech Digest - March 16, 2017

Ransomware: Now cybercriminals are stealing code from each other, say researchers

"We are now seeing that threat actors are starting to devour each other. From our perspective, this is a sign of growing competition between ransomware gangs," says Anton Ivanov, senior security researcher at Kaspersky Lab "Theoretically, this is good, because the more time criminal actors spend on fighting and fooling each other, the less organised they will be, and the less effective their malicious campaigns will be." However, that doesn't mean that you should take their eye of the ball when it comes to protecting against ransomware. "We urge organisations to pay as much attention as possible to the protection of their networks from this kind of threat, because the consequences can be really disastrous," Ivanov added.


Unleash the power of Excel's AutoSum tool

Most users quickly learn how to use Excel's AutoSum to total a row or column of values. For better or worse, some users never move beyond that basic task; they never learn that AutoSum can enter functions for an entire data set with a quick selection and a click, let alone evaluate noncontiguous ranges! In this article, I'll review the basic AutoSum task. Then, I'll show you how to put this feature to work by entering multiple functions with almost no effort. I'm using Excel 2016 on a Windows 10 64-bit system, but most of these techniques will work in earlier versions. You can download the demonstration .xlsx or .xls file or work with your own data. AutoSum is available in 365's browser version, but it's limited because you can't build multiple-range selections.


How to navigate the changing landscape of cybersecurity

The world of cybersecurity has changed drastically over the past couple of decades. We have evolved from a world of keystroke logging and trojans to a universe of full fledged ransomware and cyber warfare. From a governmental, corporate and personal standpoint, the increasing frequency of cyber attacks combined with their severity is unnerving, to say the least. Add to that the fact that the cybersecurity workforce is expected to see a shortage of 1.8 million employees in 2022, and the unsettling feelings are magnified. As malicious threats are becoming more prominent, and perpetrators salivate at the newfound opportunities to make an impact, here are some ways that industry experts are approaching the modern landscape of cyber security


Dealing With Email Security Threats

Although cyber-security issues seemingly become murkier by the day, one thing is very clear: Email is increasingly at the center of enterprise breaches. However, despite perceptions that these attacks mostly originate from the outside, many breaches are connected to internal glitches, breakdowns and problems, according to a February 2017 report from email security vendor Mimecast and Forrester Research. "Email Security Threats: Not Just from the Outside," reveals that there are several noteworthy risks. These include compromised accounts (internal accounts that have been compromised by external attacks), careless misuse (internal policy violators and those who accidentally leak or expose data or systems), and malicious insiders (insiders who purposefully take or misuse data or exploit systems). Not surprisingly, organizations must be prepared for each of these problems, and must use methods and tools to prevent breaches.


An increasingly connected world needs hackers more than ever before

“We believe that cybersecurity is a correctable math problem that, at present, overwhelmingly favors the attackers,” Ryan M Gillis, vice president of cybersecurity strategy for enterprise security company Palo Alto Networks, said at a House Homeland Security Committee meeting last week about protecting the private sector from hacking. “Network defenders are simply losing the economics of the cybersecurity challenge.” One increasingly popular way for a company or government agency to root out vulnerabilities is through a big bounty program, a policy that invites hackers to try to infiltrate its connected networks. Hackers receive financial compensation for identifying entry points that could be exploited for malicious purposes. The idea has been around since at least 1995, when internet browser pioneer Netscape initiated its “bugs bounty” program with a $50,000 budget.


5 tech firms racing to invest in AI startups

Through massive investments in artificial intelligence (AI) startups, the world’s leading tech firms are racing to create markets to transform the economic landscape. According to a report by CB Insights, since 2011 mergers and acquisition activity in the sector has increased sevenfold, with most startups being acquired in the first four years of their initial financing round. In 2016, AI startups drew significant attention, with $1.05 billion pouring in during the third quarter. Here is a look at some of the many tech firms that are investing in AI research in order to capitalize on the shifting digital market.


IT Priorities 2017: Tech leaders remain invested in cloud options

"One of the biggest reasons that we use internal cloud rather than legacy storage systems is that these are all flash arrays," said the respondent from the financial services industry. "Flash arrays allow us better response times, which allow us to deliver better and more responsive service to the business, allowing functionality and analytics that were not possible in the past." Among respondents who said they devoted most of their time to application development, general IT management or other software-related areas, 35% of respondents said they would implement agile development methods in 2017, but cloud application development was close behind, at 31%.


Justice Dept. charges four Russia-backed hackers over Yahoo breach

It's the first time that the US government has charged Russian officials with cyber-related offenses, and said to be part of the largest ever hacking case brought by the US government. Two of those charged, Dmitry Dokuchaev and Igor Sushchin, work for a cyber division known as "Center 18" at Russia's domestic intelligence agency, the FSB, the successor to the KGB. Dokuchaev was arrested in December in Moscow on treason charges, after he was accused of passing state secrets to the CIA. Two other hackers who were also indicted acted with the backing of Moscow, said Justice Dept. and FBI officials in Washington DC. One of those other indicted for-hire hackers, Alexsey Belan, listed as one of the FBI's Cyber Most Wanted criminals, is said to still be in Russia, after he was previously charged with hacking by US authorities on two occasions in recent years.


Why this new school database might be your next data warehouse

It's definitely finer-grained than just saying an order of magnitude boost in operations per second, or something to that effect. Typically, that kind of consideration is just how fast can you write something and then you would read it later. But that type of thinking is old hat and no longer relevant in an era where you want to be analyzing what is happening now, as well as correlating that against what happened in the past, at any given time boundary. So, when we talk about the need to ingest in real time we're introducing a new notion of updateable, fast ingestion. Data warehouses can only append, they cannot update. Since MemSQL can update in real time, that means we can be ingesting lots of data—millions of events per second—and we can still ensure that we are writing and updating and reading all at once.


Load Balancing AWS Auto Scaling Groups With NGINX Plus

With AWS Auto Scaling, you can change the number of EC2 instances in an Auto Scaling group, either manually or automatically, based on schedule or demand. Auto Scaling helps reduce cost by adjusting the number of instances to the right number for the current workload. Additionally, Auto Scaling restarts failed instances, which adds resilience to your applications. Load balancing is crucial when using Auto Scaling. AWS provides load balancing of instances of Auto Scaling groups by integrating its built-in load balancers — Elastic Load Balancer (ELB), now officially called Classic Load Balancer, and Application Load Balancer (ALB) — with Auto Scaling. NGINX Plus provides advanced cloud load balancing for any cloud environment, including AWS, and supports AWS Auto Scaling groups.



Quote for the day:


"When your values are clear to you, making decisions becomes easier." -- Roy E. Disney