Daily Tech Digest - May 07, 2017

Phishers Spoofing Email Senders to Muck around with Victims’ Web Accounts

The researcher observed that attackers could also use that same feature to add malicious PDF documents to a target’s to-do list. All they would need to do is attach the documents to their emails. They could then use the “*” character, per Wunderlist’s service, to flag that email and its attachments as important. Fortunately, it’s not hard to fix the issue. Web services can take a cue from companies like Google, Evernote and Facebook and begin using unique secret email addresses for each account. This address connects a generic mail-in account to the user’s account. To mess with the system, someone would need to know the secret email address for the target’s account and the company’s generic mail-in email address.


Why one CIO chose ‘speed over elegance’ in corporate split

It's customary for CIOs to seek synergies in such complex splits. Enticed by reduced license and support costs, Bender purchased several SAP applications. He chose SAP's Hybris ecommerce application and SAP cloud applications, including SuccessFactors for human resource management, Ariba for procurement and spending analytics, and Concur for travel and expense management. “Cloud-based solutions were preferable because we could stand them up faster and implement them accordingly,” Bender says. While Bender acknowledges the predominance of SAP in his portfolio he insists that he's not wed to the vendor; rather, he's picked the best solution for each business need. "You have to look in terms of adding value to the business," Bender says. "Where it makes sense we lean into SAP and we’ve had success with that.”


Culture May Eat Agile for Breakfast

Originally rooted in the “fake it ‘til you make it” practice, the approach used to be of an intermediary nature to gain time while figuring out or preparing the right solution. Nowadays, it is the answer particularly in areas like sales or customer service, the latter often acting as an extension of an inadequate product or service. Adding people to fix issues manually turns out to be psychologically challenging at the leadership level. There often is an immediate feeling of adding value by fixing a problem. However, this initial short-term success is achieved at the expense of the long-term solution by making it seem less urgent. Hence, this path means focusing on the low-effort-low-outcome quadrant, when the organization should address the real issue at hands: how to preserve its culture when hiring starts focusing on providing skills, not mindset?


HoloLens system uses augmented reality to aid spinal surgery

At least that's the promise of the new Scopis Holographic Navigation Platform, which is designed to be used with the Microsoft HoloLens to help doctors perform spinal surgery.  The company claims that its system can use 3D tracking with the HoloLens to help accurately find spinal screw positions faster during surgery. The system also allows the medical team to place virtual monitors above the surgery space, giving the surgeon a hands-free way to refer to charts and images while operating. Scopis also employs the HoloLens' familiar finger gestures (which look like you're pinching the air) to allow the surgeon to control the AR content. Of course, the $3,000 HoloLens is still mostly in the hands of developers, so we're still learning about just how reliable it is during pressure situations like surgery, but this short video is an encouraging look at the possible near future of AR as a practical tool beyond gaming and casual apps.


How Mindfulness will Protect You From Being Replaced by a Robot

Mindfulness is a natural capacity, present in all of us to some extent. But we are all too familiar with its opposite: a default, heedless, distracted state often described as ‘autopilot’. It goes without saying that anything that we can do on autopilot, robots and AI will soon do better. Mindfulness may come to be seen as the core 21st century capacity, because it concerns our only competitive advantage over the machines: awareness itself. ... If we’re successful in creating a human-centered economy that plays to our best qualities, then this may mean that we work fewer hours, or fewer days. But it may also mean that many of us will be unemployed. If this is the case, how will we use our time? What will education teach us?


Big Data Analytics Talent is Just Waiting to be Tapped

There is also a need to separate the roles involved in managing and preparing data analytics – which can be divided into two broad categories: data science or data engineering. Aashu Virmani, chief marketing officer at in-database analytics software company Fuzzy Logix, recently explored these distinctions with Adrian Bridgwater in a recent Forbes article. “In the most simple of terms, data engineers worry about data infrastructure while data scientists are all about analysis,” Virmani states. Virmani also explored the qualities that make a good data scientist or good data engineer. Data scientists, Virmani says, “may not have a ton of programming experience but their understanding of one or more analytics frameworks is essential.” He also says that a large part of their role is hypothesis testing, but the key is letting the data tell its own story.


Is the digitization of finance making human bankers obsolete?

The future of banking also is changing the fundamental relationship between bankers and clients. Banking is primarily a relationship business, noted moderator Dan Primack, business editor at Axios. Often a human bank manager can be the driver of business based on his relationships and network, but that may be changing. So, is the digitization of finance making banking relationships less important? Michael Tannenbaum, chief revenue officer of the San Francisco-based SoFi — an online personal finance company that provides student loan refinancing, mortgages and personal loans — invoked what he called the 80/20 rule, where the majority of financial services perhaps could be solved with technology, and supplemented with high-end service from a financial services professional.


Cyberspies tap free tools to build powerful malware framework

After analyzing the way in which Netrepser's command-and-control server assigns unique tracking IDs to infections, the Bitdefender researchers believe that the attack group has compromised around 500 computers to date. The vast majority of those systems belong to government agencies and organizations, indicating that Netrepser's goal is cyberespionage, not financially motivated cybercrime. Bitdefender declined to disclose the countries whose government agencies have been targeted, but some of the spear-phishing emails sent by the cyberespionage group contained malicious Microsoft Office documents with Russian names and text. This doesn't necessarily limit attacks to Russia, because the Russian language is used in many former Soviet Union member countries.


The pitfalls of cybersecurity shopping: hype and shoddy products

Some vendors even resort to scare tactics. When Chow rejects a product pitch, salespeople often tell him he doesn’t care about his company’s security. “It’s a shame-and-guilt game,” Chow said. One CISO said that on two occasions, vendors have threatened to report his organization to the U.S. Dept. of Health and Human Services, claiming he was violating compliance regulations by not buying their security product.  The aggressive sales tactics aren't surprising. Competition among vendors has ramped up in recent years as a wave of security startups has shaken up the sector with new products promising better protection. That’s brought a flood of venture capital into an increasingly crowded market.


Do you need a chief artificial intelligence officer?

There is significant new hype around AI and ML which can undermine the productive and beneficial uses of these technologies. But artificial intelligence and machine learning are a set of methods in computational science that have been in practice benefiting businesses for many decades. For organizations exploring this role, review how it has been structured in other organizations and what has been expected (e.g. recommendation, fraud detection, image analysis and so on). Great success has come from the proper implementation of these mathematically-based methods when applied to suitable problems in the business setting. The real change in recent years has been the focus on data acquisition, cleansing and engineering which is “the food” for a great AI and ML program.



Quote for the day:


"You're not always going to be successful, but if you're afraid to fail, you don't deserve to be successful." -- Charles Barkley