Z Trek: The Alan Zeichick Weblog

, ,

Threat report from Oracle, KPMG points to strong trust in the cloud

Is the cloud ready for sensitive data? You bet it is. Some 90% of businesses in a new survey say that at least half of their cloud-based data is indeed sensitive, the kind that cybercriminals would love to get their hands on. The migration…
, , ,

Hot new Verizon Data Breach report focuses on ransomware, botnets

Ransomware rules the cybercrime world – perhaps because ransomware attacks are often successful and financially remunerative for criminals. Ransomware features prominently in Verizon’s fresh-off-the-press 2018 Data Breach Investigations…

Oh, look, a message from Citibank House, USA

How very British – having correspondence from “Citibank House,” somewhere in the state of North Carolina. It’s like the address for the British Broadcasting Corp. was simply BBC, Bush House, London, for many decades. The building's street…
, ,

What IHS Markit says about the IoT and colocation hosts

Endpoints everywhere! That’s the future, driven by the Internet of Things. When IoT devices are deployed in their billions, network traffic patterns won’t look at all like today’s patterns. Sure, enterprises have a few employees working…
,

There's no one best programming language

Asking “which is the best programming language” is like asking about the most important cooking tool in your kitchen. Mixer? Spatula? Microwave? Cooktop? Measuring cup? Egg timer? Lemon zester? All are critical, depending on what you’re…

The FBI isn’t sending you to a Nigerian bank for an ATM card

Mr. Christopher A. Wray is confused. Otherwise, why else would he use an email address that says Eric Wilson? Why else would he say he’s head of the FBI, but uses an email domain at a supply-chain management company in Pennsylvania? Why would…
, , ,

Make software as simple as possible – but not simpler

Albert Einstein famously said, “Everything should be made as simple as possible, but not simpler.” Agile development guru Venkat Subramaniam has a knack for taking that insight and illustrating just how desperately the software development…
, ,

Let’s make data warehouses more autonomous — here’s why

As the saying goes, you can’t manage what you don’t measure. In a data-driven organization, the best tools for measuring the performance are business intelligence (BI) and analytics engines, which require data. And that explains why data…
,

The economic cost of data breaches to a business – and to the country

“We estimate that malicious cyber activity cost the U.S. economy between $57 billion and $109 billion in 2016.” That’s from a February 2018 report, “The Cost of Malicious Cyber Activity to the U.S. Economy,” by the Council of Economic…
, ,

DevOps gets rid of the developer / operations wall

The “throw it over the wall” problem is familiar to anyone who’s seen designers and builders create something that can’t actually be deployed or maintained out in the real world. In the tech world, avoiding this problem is a big part…
,

What Java 10 And Java's New 6-Month Release Cadence Mean For Developers

Simplified Java coding. Less garbage. Faster programs. Those are among the key features in the newly released Java 10, which arrived in developers’ hands only six months after the debut of Java 9 in September. This pace is a significant…
, , ,

Don’t take stupid Facebook quizzes

“What type of dog are you?” “I scored 9 out of 10 on this vocabulary test! Can you beat me? Take the quiz!” “Are you a true New Yorker?” If you use Facebook (or other social media sites) you undoubtedly see quizzes like this nearly…

Yes, this scam sounds strange and unbelievable

Oh, no! The scammer’s letter was returned undelivered! Well, this is a nice scam, isn’t it, including using an address at lawyer.com as the faked sender. (According to my quick detective work, the email originated from a commercial Internet…
,

inching toward cyberwar with Russia

Has Russia hacked the U.S. energy grid? This could be bigger than Stuxnet, the cyberattack that damaged uranium-enriching centrifuges in Iran back in 2010 – and demonstrated, to the public at least, that cyberattacks could do more than erase…

No, I am not embarrassed by your spam scam attempt

I had to clean up the formatting on this email to make it somewhat more readable. I hope you enjoy the stilted language and attempts to assure the recipient that this isn’t actually a scam. These messages are always scams. Delete them,…
, ,

Users mess up security on browser-equipped IoT devices

You can’t expect end users to protect their Internet of Things devices from hacks or breaches. They can’t. They won’t. Security must be baked in. Security must be totally automatic. And security shouldn’t allow end users to mess anything…

Fake Amex message is barely trying

Could anyone fall for this spam message that claims to be from American Express? Sure, it has pretty graphics, but come on. Look at all those typos. Look at sentences that don't make any sense. And really, we’re going to open that file? Amex…

You can rent a mid-size jet aircraft for $50,000 savings

This message came to one of my spam trap email addresses. So, this private jet company thinks that hovering addresses from websites is the best way to find customers. Maybe they’re right. In any case, it’s spam. Amusing spam, but spam nonetheless.…
, , ,

Blockchain is a secure system for trustworthy transactions

Blockchain is a distributed digital ledger technology in which blocks of transaction records can be added and viewed—but can’t be deleted or changed without detection. Here’s where the name comes from: a blockchain is an ever-growing…
,

No lessons learned from cloud security breaches

According to CyberArk, cyber-security inertia is putting organizations at risk. Nearly half — 46% — of enterprises say their security strategy rarely changes substantially, even after a cyberattack. That data comes from the organization’s…
,

Surprise! Serverless computing has servers

Don’t be misled by the name: Serverless cloud computing contains servers. Lots of servers. What makes serverless “serverless” is that developers, IT administrators and business leaders don’t have to think about those servers. Ever. In…
, , ,

How transformative is DevOps? Well, it depends

DevOps is a technology discipline well-suited to cloud-native application development. When it only takes a few mouse clicks to create or manage cloud resources, why wouldn’t developers and IT operation teams work in sync to get new apps out…

No, the UN and IMF aren’t sending you $2.6 million or anything

Such an obvious scam, but for some reason, I find it amusing. Is it that they don’t know how to spell out $2.6 million? Is it that they keep repeating the amount over and over again? Is it the implied legitimacy because of the FedEx link?…
,

Smartphones are all about the camera nowadays

New phones are arriving nearly every day. Samsung unveiled its latest Galaxy S9 flagship. Google is selling lots of its Pixel 2 handset. Apple continues to push its iPhone X. The Vivo Apex concept phone, out of China, has a pop-up selfie camera.…
,

Patch. Sue. Repeat. That’s the plan with Spectre and Meltdown

Spectre and Meltdown are two separate computer security problems. They are often lumped together because they were revealed around the same time – and both exploit vulnerabilities in many modern microprocessors. The website MeltdownAttack,…
, , ,

Software Defined Perimeter (SDP), not Virtual Private Networks (VPN)

The VPN model of extending security through enterprise firewalls is dead, and the future now belongs to the Software Defined Perimeter (SDP). Firewalls imply that there's an inside to the enterprise, a place where devices can communicate in…
, ,

Most routine IT operations will soon be handled autonomously

Companies can’t afford downtime. Employees need access to their applications and data 24/7, and so do other business applications, manufacturing and logistics management systems, and security monitoring centers. Anyone who thinks that the…

From beyond the grave, Baron von Bismark has fake money for you

He died in 1898, but that doesn’t stop Baron Otto von Bismark from wanting to scam you from beyond the grave. Sure, he’s calling himself Diplomat Otto Bismark, but that can’t fool me: We know he’s the First Chancellor of the German Empire,…
,

Business partners and vendors might disclose your data

On February 7, 2018, the carrier Swisscom admitted that a security lapse revealed sensitive information about 800,000 customers was exposed. The security failure was at one of Swisscom’s sales partners. This is what can happen when a…

Are you dead or Alive?

Here’s a scam attempt noteworthy only for its inadvertent humor. Needless to say, any email like this is trying to defraud you. Don’t respond to such messages; simply delete them without asking why an allegedly South African email is coming…