Daily Tech Digest - July 15, 2022

Large-Scale Phishing Campaign Bypasses MFA

In the phishing campaign observed by Microsoft researchers, attackers initiate contact with potential victims by sending emails with an HTML file attachment to multiple recipients in different organizations. The messages claim that the recipients have a voicemail message and need to click on the attachment to access it or it will be deleted in 24 hours. If a user clicks on the link, they are redirected to a site that tells them they will be redirected again to their mailbox with the audio in an hour. Meanwhile, they are asked to sign in with their credentials. At this point, however, the attack does something unique using clever coding by automatically filling in the phishing landing page with the user’s email address, “thus enhancing its social engineering lure,” researchers noted. If a target enters his or her credentials and gets authenticated, he or she is redirected to the legitimate Microsoft office.com page. However, in the background, the attacker intercepts the credentials and gets authenticated on the user’s behalf, providing free reign to perform follow-on activities, researchers said.

Mergers and acquisitions put zero trust to the ultimate test

Zero trust is getting a hard look by enterprises that are pushing more workloads into the cloud and edge amid more employees working remotely, all of which are beyond the boundaries datacenter security. The architecture assumes that no user, device, or application on the network can be trusted. Instead, a zero-trust framework relies on identity, behavior, authentication, and policies to verify and validate everything on the network and to determine such issues as access and privileges. ... "When a company [buys another], they have to identify which applications of the acquired company they should keep and which they should eliminate," he said. "Then, for a period of time, the acquired company will only give them limited access to applications in the acquiring company and vice-versa. To do so, traditionally they have to bring the two corporate networks together. When they integrate corporate networks, it creates problems. "Each site has the same IP address name. They call them 'overlapping IP addresses.' Now they have to rename and create the stuff. It takes time, money and effort."

8 servant leadership do’s and don’ts

Being a servant leader doesn’t mean giving up control or “letting people do whatever they want,” Dotlich says. “I don’t think it means that you do whatever [employees] ask either, which is how we normally think of ‘servants.’ But it is really facilitating people’s performance, goals, achievements, and aspirations. In that way you’re serving who they want to be or what they want to achieve.” ... During periods of high pressure, “sometimes we as leaders want to keep pushing forward but that’s exactly the wrong thing to do,” Reis says. “Sometimes it’s just better to take a minute, reframe, and then re-engage.” Leaders can also show empathy with feedback, he says. “It would be easy to hear a list of complaints and for defensiveness to set in,” Reis says. “But the empathy is in understanding that the issues being raised are part of the teammates’ sincere desire to make things better. You’re empathizing with that frustration and really hearing that,” he says. ... It’s important for each organization to define servant leadership “in a way that works in your own system, that people understand and that is not misleading,” Dotlich says.

Researchers trained an AI model to ‘think’ like a baby, and it suddenly excelled

Typically, AI models start with a blank slate and are trained on data with many different examples, from which the model constructs knowledge. But research on infants suggests this is not what babies do. Instead of building knowledge from scratch, infants start with some principled expectations about objects. For instance, they expect if they attend to an object that is then hidden behind another object, the first object will continue to exist. This is a core assumption that starts them off in the right direction. Their knowledge then becomes more refined with time and experience. The exciting finding by Piloto and colleagues is that a deep-learning AI system modelled on what babies do, outperforms a system that begins with a blank slate and tries to learn based on experience alone. ... If you show an infant a magic trick where you violate this expectation, they can detect the magic. They reveal this knowledge by looking significantly longer at events with unexpected, or “magic” outcomes, compared to events where the outcomes are expected.

12 Ways to Improve Your Monolith Before Transitioning to Microservices

A rewrite is never an easy journey, but by moving from monolith to microservices, you are changing more than the way you code; you are changing the company’s operating model. Not only do you have to learn a new, more complex tech stack but management will also need to adjust the work culture and reorganize people into smaller, cross-functional teams. How to best reorganize the teams and the company are subjects worthy of a separate post. In this article, I want to focus on the technical aspects of the migration. First, it’s important to research as much as possible about the tradeoffs involved in adopting microservices before even getting started. You want to be absolutely sure that microservices (and not other alternative solutions such as modularized monoliths) are the right solution for you. ... During development, you’ll not only be constantly shipping out new microservices but also re-deploying the monolith. The faster and more painless this process is, the more rapidly you can progress. Set up continuous integration and delivery (CI/CD) to test and deploy code automatically.

A Data Professional without Business Acumen Is Like a Sword without a Handle

In my journey to become an impactful data professional, I’ve found three statements to be an excellent pivot:Identify what you love doing in your career, and more importantly, what you do not. It is okay to feel overwhelmed by the depth data science and analytics has to offer. Start small with the basics, and build your way up to complex projects at your own pace. Read what people are working on. That can inspire you, set expectations, and introduce you to the latest and greatest in the data community. Take time to create your value proposition as a data person and work to be the subject matter expert for a niche. Be the pacesetter of goals for people to turn to you for knowledge, advice, or to get stuff done. Also, a data professional without business acumen is like a sword without a handle. The ability to translate business problems into data and connect it back to business impact is compelling and much appreciated in today’s world. If all of these still don’t connect with you, there are plenty of other roles in data beyond data scientists and analysts! There’s a lot in store for a technology enthusiast today.

Making sense of data with low-code environments

A serious low-code environment provides data scientists flexibility around the tools they use. At the same time, it allows focus on the interesting parts of their job, while abstracting away from tool interfacing and different versions of involved libraries. A good environment lets data scientists reach out to code if they want to, but ensures they do not have to touch code every time they want to control the interna of an algorithm. Essentially, this allows visual programming of a data flow process — data science done for real is complex, after all. If done right, the low-code environment continues to allow access to new technologies, making it future proof for ongoing innovations in the field. But the best low-code environments also ensure backward compatibility and include a mechanism to easily package and deploy trained models together with all the necessary steps for data transformations into production. ... The business people often complain that the data folks work slowly, don’t quite understand the real problem and, at the end of it all, don’t quite arrive at the answer the business side was looking for. 

Technology is providing the resilience that businesses need at uncertain times

From the blockchain to the Metaverse to emotional AI, digital technologies are rapidly advancing at a time when enterprises face more pressure than ever to innovate to gain a competitive advantage. . How can companies apply human-centric technologies to transform the future of their business? Radically Human, a new book from Accenture Technology leaders Paul Daugherty and H. James Wilson, offers business leaders an easy-to-understand breakdown of today's most advanced human-inspired technologies and an actionable IDEAS framework that will help you approach innovation in a completely new way. In Radically Human, Daugherty and Wilson show this profound shift, fast-forwarded by the pandemic, toward more human -- and more humane -- technology. The book introduces us to a new innovation framework and the basic building blocks of business -- Intelligence, Data, Expertise, Architecture, and Strategy (IDEAS) -- that are transforming competition. Daugherty also highlights the three stages of human-machine interactions.

Low-code development becoming business skill ‘table stakes’

Cloud computing software provider ServiceNow said that more than 80% of its customer base now uses its low-code solution, App Engine. And App Engine’s active developer base grows by 47% every month, the company said. Marcus Torres, general manager of the App Engine Business at ServiceNow, said the ability to create business applications with low-code and no-code tools is becoming an expected skill set for businesses. Much of that is because the business side of the house understands the application needs of a company better than an IT shop. The millennials and younger workers that make up the majority of today’s workforce are far more comfortable with technology, including software development, than older workers. “They understand there is an app that provides some utility for them,” Torres said. “With these [low-code] platforms, people typically try it out, get some initial success, and then try to do more.” Torres has seen groups ranging from facilities teams to human resources departments develop applications, with the development work done by people who typically don’t have technology pedigree.

Why tech professionals are leaving IT companies for MBA

The IT experience with the business training provides a big picture of the direction of the tech firm, from the view point of clients, various departments, cost, and the firm’s future. The right kind of MBA program allows hands on experience of creating products and services and working in an environment similar to tech firms. Besides the soft skills like leadership, team work, communication, etc. the hard skills – problem solving, strategic planning, data analytics – working within the frame work of the fast-evolving tech world can really increase the hiring value of MBAs with prior tech experience. Good MBA programs also expose their graduates to various hubs including tech companies. It opens up networking opportunities with peers and current leaders who are all invested in building the right kind of talent for the future. This surely beats being stuck in a dead-end software job role with little learning and development. Good MBA programs also increase the value of its grads, with better salary opportunities than with pre-MBA experience. 

Quote for the day:

"A leader or a man of action in a crisis almost always acts subconsciously and then thinks of the reasons for his action." -- Jawaharlal Nehru

No comments:

Post a Comment