Daily Tech Digest - September 14, 2017

Delivering Genuine Emails in an Ocean of Spam

Deliverability is the industry term for an email’s ability to reach a given in-box. If an organization sends high-quality emails that maintain a sizeable forensic distance between themselves and the hordes of spam, more of them will pass the filtering inspections and end up in the customer’s in-box. If more emails end up in more customers’ in-boxes, then more are opened and clicked on (engaged with, in marketing speak). But this isn’t just a desirable outcome for marketing-oriented emails. If you need to deliver an alert or a confirmation email to users, it’s imperative that it lands in their in-box. For example, suppose you’re trying to send information on medications that are vital to your customers’ health. Huge amounts of spam continually try to sell various dubious medicines to the public, and automated spam filters have become sensitive to them.


AbsurdIT: the old data centre computing model is broken

Companies that dispensed with older approaches and embraced client/server and new technologies more generally aren’t any better off as the spaghetti cranked out by generations of systems from various vendors has led to issues of space, heat, complexity and high energy consumption. Little wonder that there is a thriving boutique business in designing and refurbishing data centres. Some even repurpose spaces from cowsheds, aeroplane factories and caves to churches, military bunkers and salt mines. Attempts to cool facilities have led to a boom in firms selling liquid cooling, fans, heat sinks, air- and glycol-cooled chillers and other devices. And here’s the rub: cooling sucks up about as much electricity as the machines they are taking the heat off. We all know why we have this absurdity (or absurdIT, if you will). Change is tough and, in the case of the data centre, often requires comprehensive auditing


Unwanted By Oracle, Java EE Gets Adopted By Eclipse

Oracle cited Eclipse’s experience in Java EE and related technologies as why it is transferring Java EE to Eclipse. “This will help us transition Java EE rapidly, create community-friendly processes for evolving the platform, and leverage complementary projects such as MicroProfile,” said Oracle softwareevangelist David Delabassee. (MicroProfile arose as a Red Hat- and IBM-driven effort to fit Java EE with microservices capabilities last year after part of the Java community feared that Oracle was neglecting the platform. MicroProfile has since moved over to Eclipse.) "Moving Java EE to open governance and collaboration is going to be a process, not an event,” said Eclipse Executive Director Mike Milinkovich. "Our early discussions with Oracle, IBM, and Red Hat have shown that there is a lot of support for this among their leadership teams.”


7 Tips to Fight Gmail Phishing Attacks

"We have definitely seen a rise in sophistication of phishing attacks over the past few years and a shift toward 'quality' over 'quantity,'" says Amy Baker, vice president of marketing at Wombat Security. Broad-based attacks are still happening, but spearphishing and BEC are on the rise. "Cybercriminals are increasingly using social media channels to mine for data and lay the groundwork for high-value attacks," Baker continues. "In these situations, we see multi-faceted approaches that incorporate social engineering techniques outside of email that ultimately make an email communication more believable." Hackers want to take advantage of users' familiarity with Gmail, and other products from high-visibility organizations like Amazon and Facebook.


Why Redis beats Memcached for caching

You’ll almost always want to use Redis because of its data structures. With Redis as a cache, you gain a lot of power (such as the ability to fine-tune cache contents and durability) and greater efficiency overall. Once you use the data structures, the efficiency boost becomes tremendous for specific application scenarios. Redis’ superiority is evident in almost every aspect of cache management. Caches employ a mechanism called data eviction to make room for new data by deleting old data from memory. Memcached’s data eviction mechanism employs a Least Recently Used algorithm and somewhat arbitrarily evicts data that’s similar in size to the new data. Redis, by contrast, allows for fine-grained control over eviction, letting you choose from six different eviction policies. Redis also employs more sophisticated approaches to memory management and eviction candidate selection.


UK companies are still struggling to comply with latest data protection regulations

Companies in the UK mostly store in the public cloud product information (47 percent), information about clients (40 percent), and information about employees (39 percent), and avoid storing off-premise what they perceive to be more sensitive data, such as research into new products  ... “The risk of being GDPR non-compliant means not only negative publicity and damage to the companies’ reputation as it has been until now, but also penalties that can total up to 4% of a company’s global annual revenue,” Bitdefender’s Senior eThreat Analyst Bogdan Botezatu says. “With 2017 having already set new records in terms of magnitude of cyberattacks, boards should be aware that it’s only a matter of time until their organization will be breached since most still lack efficient security shields.”


House passes bill paving the way for driverless cars

The “Self Drive Act” was unanimously approved by the House Energy and Commerce Committee in July, before Congress left for August recess, and passed the full House on a voice vote. “Self-driving cars hold the promise of making America’s roads safer, creating new economic opportunities, and helping seniors and those with disabilities live more independently," Commerce Chairman Greg Walden (R-Ore.) and Rep. Bob Latta (R-Ohio) said in a joint statement. “This bipartisan bill paves the way for advanced collision avoidance systems and self-driving cars nationwide, and ensures that America stays a global leader in innovation.” The bill would pre-empt states from implementing certain laws governing the new technology. It would also allow car manufacturers to deploy up to 100,000 self-driving cars a year that don’t meet normal safety standards.


Beware: Your Latest Cybersecurity Threat Could Be the One You Just Hired

Many employees are now familiar with the phenomenon. Spear phishing is specific kind of phishing attack where the phishers pose as trustworthy individuals. The attackers use email spoofing to mask unfamiliar email addresses with those of a coworker or manager to get an employee to divulge important information, make a money transfer, or open an attachment with a piece of malware. This type of scam is becoming increasingly prevalent. It is estimated that over 400 businesses are targeted by business email compromise (BEC) scams every day, with small- and medium-sized businesses the most targeted. Estimates from the FBI place the value of money lost to BEC scams over the past three years at $3 billion, with more than 22,000 businesses falling victim worldwide.


What You Need To Know About Law Firm Cybersecurity

As entities, law firm systems contain highly-sensitive financial data, corporate strategies, trade secrets, business transaction information and plenty of both PIIA and PHI. Unfortunately, many firms lack a complete, effective, privacy and security program. According to an ALM Legal Intelligence study, 22% of law firms did not have an organized plan in place to prepare for or respond to a data breach. Only 50% of law firms included in the study have cyber security teams in place to handle and implement the types of complex programs and initiatives necessary to deal with a data breach. And, unsurprisingly, hackers have noticed these vulnerabilities. In February of 2016, Russian cybercriminal, under the name of “Oleras,” targeted law firms; in March, the Wall Street Journal reported that the nation’s biggest firms have been hacked


Break down silos to manage your cyber risks

A lot of has changed very quickly in the cybersecurity realm in recent years. Where previously it was largely a support function, today cybersecurity is front and centre for any organisation that relies on technology. “Increasingly, it is the very fabric of the digital business itself,” said Mr Gerry Chng, partner and cybersecurity leader at professional services firm EY. “As a result, you need to have the whole business come together and it is really the board and the management that need to be overall responsible and accountable for cybersecurity and bring the right resources into it,” Mr Chng added. Experts say while it is tempting to assume that cybersecurity is a big organisation issue that does not affect smaller companies as significantly, this would be the wrong mindset.




Quote for the day:


"The most common way people give up their power is by thinking they don't have any." -- Alice Walker