Daily Tech Digest - April 05, 2017

Businesses Hit by More W-2 Fraud as Cybercriminals Shift Tax Season Targets

Cybercriminals often collect W-2 data by pretending to be a company exec and emailing HR or payroll for employee information, which is used to file fraudulent returns and collect refunds. In addition, they may also request a wire transfer to a specific bank account. Attackers who are more technically inclined may bypass the fake emails and breach an organization's servers to steal data directly, says Kessem. In addition to using W-2 data for their own scams, fraudsters will sell it on the dark web, the report states. The most valuable bundles of information are called "Fullz" and contain the victim's address, contact info, Social Security and driver's license numbers, plus all W-2 and W-9 information. Each record runs for $40-$50 in Bitcoin on the Dark Web.


What home products are most susceptible to cyber burglars?

Just like the lock on your front door to keep out burglars, you should protect your high-tech devices from cyber threats. Start by choosing different passwords for your internet router and each of your smart devices. It is also important to use multi-factor authentication as an added protection to prevent a hacker who guesses your password from breaking into your home. You should regularly install manufacturer updates to make sure you are running the most current security system in your home. Ovum's "Smart Home Devices Forecast: 2016–21" found that the largest smart home markets will be China and the US, because of high availability of devices and greater consumer interest in smart home services and products. Device sales will grow to more than 1.4 billion units by 2021, up from 224 million in 2016, driven particularly by sales of security devices, such as cameras, door locks, and sensors, and by utilities devices, such as connected light bulbs and smart thermostats.


You are not very incognito in incognito mode

Basically, incognito mode just means that the browser doesn't save cookies, temporary internet files or your browsing history when you are in incognito mode. The main thing it does is hide your browsing history from other people who use the same computer. Not all of reasons someone might want to do this are nefarious; I used incognito mode when I was shopping for Christmas presents on a shared computer this past year, and successfully managed to keep the gifts I searched for and purchased a secret. There are other uses for incognito mode apart from keeping your browsing history secure from prying eyes. For example, you can be logged into your main Google account, then open an Incognito Window and use it log into a separate or secondary Google account at the same time.


NASA official warns of 'the internet of dangerous things'

The reason why software security is weak, Davis said, is because industry is "all about speed to market." Plus, there are "not enough people out there who can actually build these things the correct way," he said. Exacerbating the concerns about the internet of things, Davis said, is that the information-sharing systems currently in place are "just completely broken." Even though security groups share the same mission to protect users, Davis pointed to shareholder issues and concerns about attribution and embarrassment as reasons why both public and private groups are reluctant to share. To keep up with the emerging security problems, Davis said that industry and government alike must work to foster security skill sets. Both government and industry have to navigate the shortage of cybersecurity specialists, but government is at a disadvantage because of its protracted hiring process and inability to compete with top private-sector compensation, Davis said.


IT leaders share how they quell cybersecurity attacks

"God forbid someone drop a cyber nuke or DDOS from malware -- they can take down a whole environment," Belfiore says. "If we're down it doesn't really matter how secure we are -- we have a problem." Even so, security chiefs have to protect their data. Aon is a heavy consumer of Tanium, whose endpoint security software monitors IT operations and detects malware, among other threats. Belfiore says the software covers anything from kernel operations of a server processor to the application portfolio that is operating on it. “Think of it as an agent, almost like a spy to every asset on environment to give you real-time status on any attribute related to operations and security,” says Belfiore who joined Tanium’s board of directors this year. “It's almost like a central management system on steroids for security and operations.”


Notorious IoS Spyware Has An Android Sibling

The spyware was uncovered when a human rights activist in the United Arab Emirates was found infected by it. His phone had received an SMS text message, which contained a malicious link to the spyware. Apple quickly issued a patch. But Lookout had also been investigating into whether NSO Group developed an Android version. To find out, the security firm compared how the iOS version compromises an iPhone and matched those signatures with suspicious behavior from a select group of Android apps.  Those findings were then shared with Google, which managed to identify who was affected. However, unlike the iOS version, the Android variant doesn’t actually exploit any unknown vulnerabilities. Instead, it taps known flaws in older Android versions. Chrysaor was never available on Google Play, and the small number of infected devices found suggests that most users will never encounter it, the search giant said.


McAfee Returns to Its Roots After Intel Spin-Out

Now, McAfee is embarking on yet another chapter: It has officially been spun out of Intel and is a standalone security player, yet again. Its new overlords? Well, Intel’s still in the mix, with 49% equity in the now-independent McAfee. The majority backer, however, is private equity firm TPG Capital, which has a 51% share in the company. (Another PE firm, Thoma Bravo, has also joined as a minority investor through an agreement with TPG.) As for the price tag? McAfee was valued at $4.2 billion in this most recent deal, a far cry from its former valuation. The decreased price isn’t the only thing that’s different at the newly-free McAfee. The company also has a new chief executive officer: former Intel Security head Chris Young. The CEO, a long-time security exec, has an ambitious to-do list.


The best laptops of 2017: Ultrabooks, budget PCs, 2-in-1s, and more

Dell might be sticking to the adage of “If it ain’t broke, don’t fix it” when it comes to the XPS 13, but that strategy keeps producing the best ultrabook of the bunch. The Kaby Lake XPS 13 shares the same design as its predecessors: a quality aluminium exterior and carbon-fiber top, and that wonderfully compact, bezel-free 13-inch screen. Dell actually released two updates to the XPS 13 in 2016: The one at the start of the year swapped in a Skylake CPU, added a USB Type-C port that served as an alternative charging port, and offered upgraded storage options. The most recent refresh—and our new pick for Best Ultrabook—keeps the same chassis changes as the Skylake XPS 13, features a jump to Intel’s new Kaby Lake processor, and sports a slightly larger battery. You get improved performance across the board, with a nice bump of an extra half-hour of battery life during video playback.


Why Android's ongoing domination actually matters

The better Android does in the big picture, the more app developers will be motivated to invest in it and make it a priority. The more people who use Android, the more hardware manufacturers will be driven to make standout devices and accessories. The companies that don't will miss out on reaching the overwhelming majority of internet-using consumers -- an increasingly difficult position to justify from a common-sense business perspective. ... The bottom line is this: When it comes to something like market share, no single statistic or study is as important as it may initially appear. But taken together as a whole, ongoing trends absolutely are meaningful -- in a way that has an indirect though very practical impact on users.


Enhance Your Testing Skills with Mindset Tools

Quite a lot of testers often miss out on the mindset that’s needed for testing and delivery of quality products. Sometimes it seems that quality consciousness is missing. Little wonder why some testers only find obvious bugs and why quality is far-fetched from the PUT (Program under test), despite the presence of testers on the project. Adding up to this is the overwhelming and unnecessary challenges that awaits a project where individuals in each role (programmer, project manager, test lead, testers), lack proper understanding and appropriation of the level of test mindset that is needed for each role, in order to enhance successful release of quality products. This article is about how I discovered a way to grow my test mindset and how my discovery has been useful in enhancing my testing skills.



Quote for the day:


"The machine does not isolate man from the great problems of nature but plunges him more deeply into them." -- Antoine de Saint