Daily Tech Digest - November 04, 2019

A VPN service that gets around the Great Firewall of China legally

Now there is a third option for WAN connectivity outside China. Teridion has developed an SD-WAN solution that leverages the plentiful, fast, low-cost domestic broadband and builds on it to provide access into high speed WAN connectivity outside the country in a way that’s consistent with the regulatory environment. To develop its SD-WAN Service for China, Teridion worked with legal authorities within China to ensure that this solution meets all Chinese regulations while being available to the world. Outside of China, Teridion has built a global WAN service that utilizes the public Internet as a backbone with unique capabilities to direct and manage the routing of traffic across this network. Teridion leverages a private routing infrastructure using Teridion Cloud Routers (TCRs) at the edge to establish the fastest path, at any given time, between a source and a destination. This approach provides accelerated access from one user site to another, or from user to SaaS applications and cloud workloads. Because Teridion has a lot of flexibility in choosing routes, this approach eliminates the reliability and performance gaps that are introduced when relying on the public Internet. 


Chrome will check if the user's DNS provider is on its list of participating DoH providers, which currently includes Cleanbrowsing, Cloudflare, Comcast, DNS.SB, Google, OpenDNS and Quad9. This list could expand in future experiments. "If the DNS provider is not on the list, Chrome won't enable DoH and will continue to operate as it does today. As DoH adoption increases, we expect to see the number of DoH-enabled DNS providers grow," noted Baheux. Mozilla is also implementing DoH in Firefox, albeit differently. Mozilla has also opted not to enable DoH by default for UK users because of pressure from the UK government. Another misunderstanding, according to Baheux, is that Chrome's DoH will prevent ISPs offering family-safe content filtering. Paul Vixie, a pioneer of DNS, who has called DoH a "cluster duck for internet security", this week applauded Google's approach to DoH, particularly for how it's enabling network admins to implement security controls. He also reckons Mozilla and Cloudflare should follow Google's lead.


What is cryptojacking? How to prevent, detect, and recover from it

Hackers have two primary ways to get a victim’s computer to secretly mine cryptocurrencies. One is to trick victims into loading cryptomining code onto their computers. This is done through phishing-like tactics: Victims receive a legitimate-looking email that encourages them to click on a link. The link runs code that places the cryptomining script on the computer. The script then runs in the background as the victim works. The other method is to inject a script on a website or an ad that is delivered to multiple websites. Once victims visit the website or the infected ad pops up in their browsers, the script automatically executes. No code is stored on the victims’ computers. Whichever method is used, the code runs complex mathematical problems on the victims’ computers and sends the results to a server that the hacker controls. Hackers often will use both methods to maximize their return. “Attacks use old malware tricks to deliver more reliable and persistent software [to the victims’ computers] as a fall back,” says Vaystikh. For example, of 100 devices mining cryptocurrencies for a hacker, 10 percent might be generating income from code on the victims’ machines, while 90 percent do so through their web browsers.


Forrester: The 5 IoT predictions paving the way for 2020

While IoT devices provide a bevy of benefits, the increase in devices creates more threat vectors for cybercriminals to exploit. "IoT is the cause of the vulnerability," Gillett said. "If these products weren't connected, then the crooks couldn't get in there and try to mess with the connection or the electronics." In 2020, attackers will target both consumer and enterprise IoT devices for ransom, the report found. This means cybercriminals could attempt to exploit regular customers and device manufacturers. To prevent attackers from taking advantage of IoT devices, designers must work closely with security teams in the company or hire experts that can integrate risk-mitigating techniques, Gillett said. ... IoT will also pave the way for increased truck driver assistance, or technology that helps truck drivers notice if they are becoming drowsy or inattentive, Gillett said. While fully self-driving trucks won't be in the cards for 2020, movement toward self-driving technology on the highway will progress next year, he said.


DevOps security shifts left, but miles to go to pass hackers


DevOps security, or DevSecOps, teams have locked down many of the technical weak points within infrastructure and app deployment processes, but all too often, the initial attack takes a very human form, such as a spoofed email that seems to come from a company executive, directing the recipient to transfer funds to what turns out to be an attacker's account. "Often, breaches don't even require hacking," Sanabria said. "It requires understanding of financial processes, who's who in the company and the timing of certain transactions." Preventing such attacks requires that employees be equally familiar with that information, Sanabria said. That lack of awareness is driving a surge in ransomware attacks, which rely almost entirely on social engineering to hold vital company data hostage. ... "Developers and operations may be blind to application security issues, while security tends to focus on physical and infrastructure security, which is most clearly defined in their threat models," Pullen said.


Microsoft rebrands Flow to 'Power Automate'; adds no-code Power Platform virtual agents

Microsoft's Power Platform is the collection of Power BI analytics, PowerApps app-development platform and Flow, its workflow-automation engine. As of this week, Microsoft is rebranding Flow -- which is a lot like the If This Then That (IFTTT) platform -- as "Power Automate" to make its brands more consistent. Microsoft is adding robotic process automation (RPA) to Power Automate to help automate repetitive tasks. A public preview of the RPA capability, which is called UI Flows, is available this week. Microsoft also is introducing a new capability called Power Virtual Agents in public preview as of today, November 4. Power Virtual Agents is meant to enable anyone to build a no-code, no-AI-training required intelligent bot. It combines the Microsoft Bot Framework technology with the Power Platform technologies. Those who want to make a more complex bot can take advantage of the integrations that exist between the Bot Framework and Microsoft's Cognitive Services.


Why the Rust language is on the rise

You’ve probably never written anything in Rust, the open source, systems-level programming language created by Mozilla, but you likely will at some point. Developers crowned Rust their “most loved” language in Stack Overflow’s 2019 developer survey, while Redmonk’s semi-annual language rankings saw Rust get within spitting distance of the top 20 (ranking #21). This, despite Rust users “find[ing] difficulty and frustration with the language’s highly touted features for memory safety and correctness.”


Take advantage of LinkedIn to prepare for interviews and meetings


Connect your LinkedIn account and the People Card will show job titles and profile images from LinkedIn. If it's someone in your LinkedIn network, you can see who you both know, and you can email people even if you don't have their email address saved in Outlook. Plus you can see all the email conversations you've had and any files they've sent you. Click on the LinkedIn icon at the top of the card, the LinkedIn heading in the middle or the 'Show more' link at the bottom to get a bigger window where you can see more emails, filter the files and see the highlights of their LinkedIn profile. If they have a new position or a work anniversary (or a birthday), that will show up, and you can click through to see their full profile -- helpful to see if they've posted anything that might be relevant in your meeting. If you use the Office 365 MyAnalytics feature, this will also show up on the People Card. MyAnalytics (formerly known as Delve) tracks your work habits in email, meetings and Office documents, spots who you frequently collaborate with and makes suggestions like blocking time in your calendar to get work done.


How SD-WAN is evolving into Secure Access Service Edge

An architectural transformation of the traditional data center-centric networking and security is underway to better meet the needs of today’s mobile workforces. Gartner predicts that the adoption of SASE will take place over the next five to 10 years, rendering existing network and security models obsolete. In my opinion, the term "obsolete" is a bit aggressive, but I do agree there is a need to bring networking and security together. Having them be procured and managed by separate teams is inefficient and leads to inconsistencies and blind spots. SD-WANs enable a number of new design principles, such as direct to cloud or user access, and necessitate a new architecture – enter SASE. SASE combines elements of SD-WAN and network security into a single cloud-based service. It supports all types of edges, including WAN, mobile, cloud, and edge computing. So, instead of connecting a branch to the central office, it connects individual users and devices to a centralized cloud-based service. With this model, the endpoint is the individual user, device, or application, not the data center.


These 6 AI technologies will dramatically reshape enterprise project management


AI can play a key role in helping project managers make crucial decisions. Currently, 29% of organizations have already been affected by decision management, but 68% expect a high or moderate future impact, the report found. "As decisions need to be made throughout the project, project managers will rely on predictive models to assess options and select those that provide the highest likelihood of a positive outcome," Broome said. This is also where machine learning algorithms come in, Schmelzer added, as they can show what features of a product consumers are or aren't using, for example, and help project managers make decisions accordingly. Going hand in hand with decision management, expert systems also provide project managers with expert thinking. Some 21% of organizations have already been impacted by expert systems, and 64% expect a high or moderate future impact, the report found. "You can actually have machines automatically create these things called decision trees to help you," Schmelzer said. "It's like taking the ideas of the expert and putting them into machine learning."



Quote for the day:


"The successful man doesn't use others. Other people use the successful man. For above all the success is of service" -- Mark Kainee

