Is IBM Vulnerable to OpenText?

July 21, 2016

I read “Hey, IBM, OpenText Is Coming for You.” The write up reports that the poobah of OpenText said that its new Magellan system is “a next generation analytics platform.” Getting from Yet another OpenText system (YOTS) to the nemesis of IBM is quite a leap.

But here’s the statement, once again from the OpenText poobah, that caught my attention:

But even more interesting than the product itself, is the bullish way in which OpenText is calling out IBM Watson. “We are going to position it directly against Watson. We’re not going to shy away from that at all,” Mark said. “We think there’s a whole class of problems that enterprises want to solve themselves and what they need is an affordable platform, one that’s open and programmable to them and accessible to them and that’s going to be Magellan. So we’re going to position ourselves and stay focused directly against Watson.”

The write up explains that OpenText Magellan is better, faster, and cheaper. I have heard that before, I think. But the details are interesting.

Magellan’s software is open. Its hardware is open. Its IP is owned by the licensee. Its deployment options are “run anywhere.” It is extensible by the licensee. Its ecosystem is open. Its cost is a mere one dollar sign.

And what do you think about IBM Watson? Well, its software is closed. Its hardware is closed. Its IP ownership is not the licensee’s. Watson is extensible only by IBM Global Services. IBM’s ecosystem is closed. Best of the points, IBM’s cost is six dollar signs.

OpenText is a $2 billion a year outfit. The hapless IBM, despite its being lost in revenue space, is about $90 billion a year.

My view is that OpenText is swinging for the marketing and conceptual fences. IBM is trying to find the secret notebook that unlocks revenues.

I would point out that Fancy Dan software designed to help executives make better decisions is plentiful. Many vendors covet this niche. There is excitement ahead. Both OpenText and IBM may find that talk about smart software flows more rapidly than sustainable revenue and healthy profits. Keep in mind the high cost of technological debt. That’s one dot point on which IBM and OpenText share a common weakness.

Stephen E Arnold, July 21, 2016

Defending Against Java Deserialization Ransomware

July 13, 2016

What is different about the recent rash of ransomware attacks against hospitals (besides the level of callousness it takes to hold the well-being of hospital patients for ransom)? CyberWatch brings us up to date in, “My Layman’s Terms: The Java Deserialization Vulnerability in Current Ransomware.” Writer Cheryl Biswas begins by assuring us it is practicality, not sheer cruelty, that has hackers aiming at hospitals. Other entities, like law enforcement agencies, which rely on uninterrupted access to their systems to keep people safe, are also being attacked. Oh, goody.

The problem begins with a vulnerability at the very heart of any Java-based system, the server. And here we thought open source was more secure than proprietary software. Biswas informs us:

“This [ransomware] goes after servers, so it can bring down entire networks, and doesn’t rely on the social engineering tactics to gain access.  It’s so bad US-CERT has issued this recent advisory. I’ve laid out what’s been made available on just how this new strain of ransomware works. And I’ve done it in terms to help anybody take a closer look at the middleware running in their systems currently. Because a little knowledge could be dangerous thing used to our advantage this time.”

The article goes on to cover what this strain of ransomware can do, who could be affected, and how. One key point—anything that accepts serialized Java objects could be a target, and many Java-based middleware products do not validate untrusted objects before deserialization.  See the article for more technical details, and for Biswas’ list of sources. She concludes with these recommendations:

“Needs to Happen:

“Enterprises must find all the places they use deserialized or untrusted data. Searching code alone will not be enough. Frameworks and libraries can also be exposed.

“Need to harden it against the threat.

“Removing commons collections from app servers will not be enough. Other libraries can be affected.

“Contrast Sec has a free tool for addressing issue.  Runtime Application Self-Protection RASP.  Adds code to deserialization engine to prevent exploitation.”

Organizations the world over must not put off addressing these vulnerabilities, especially ones in charge of health and safety.

 

Cynthia Murrell, July 13, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

Enterprise Search Is Stuck in the Past

July 4, 2016

Enterprise search is one of the driving forces behind an enterprise system because the entire purpose of the system is to encourage collaboration and quickly find information.  While enterprise search is an essential tool, according to Computer Weekly’s article, “Beyond Keywords: Bringing Initiative To Enterprise Search,” the feature is stuck in the past.

Enterprise search is due for an upgrade.  The amount of enterprise data has increased, but the underlying information management system remains the same.  Structured data is easy to make comply with the standard information management system; however, it is the unstructured data that holds the most valuable information.  Unstructured information is hard to categorize, but natural language processing is being used to add context.  Ontotext combined natural language processing with a graph database, allowing the content indexing to make more nuanced decisions.

We need to level up the basic keyword searching to something more in-depth:

“Search for most organisations is limited: enterprises are forced to play ‘keyword bingo’, rephrasing their question multiple times until they land on what gets them to their answer. The technologies we’ve been exploring can alleviate this problem by not stopping at capturing the keywords, but by capturing the meaning behind the keywords, labeling the keywords into different categories, entities or types, and linking them together and inferring new relationships.”

In other words, enterprise search needs the addition of semantic search in order to add context to the keywords.  A basic keyword search returns every result that matches the keyword phrase, but a context-driven search actually adds intuition behind the keyword phrases.  This is really not anything new when it comes to enterprise or any kind of search.  Semantic search is context-driven search.

 

Whitney Grace, July 4, 2016

More Variables Than Technology for Enterprise Security to Consider

June 29, 2016

For all the effort enterprises go to in securing data through technological solutions, there are also other variables to consider: employees. Business Insider released an article, 1 in 5 employees are willing to hand over their work passwords for money, that shares survey research from SailPoint. 20 percent of 1,000 respondents, from organizations with over 1,000 employees, would be willing to sell their work passwords. US employees win the “most likely” award with 27 percent followed by Netherlands with 20 percent, and then UK and France at 16 percent. The article tells us,

“Some employees were willing to sell their passwords for as little as $55 (£38) but most people wanted considerably more, with $82,000 (£56,000) being the global average amount required, according to figures cited by Quartz that weren’t in the report. Unauthorised access to a company’s internal systems could provide a treasure trove of valuable data for criminals. They may be targeting individual user accounts, or they could be after intellectual property, or corporate strategy data.”

Undoubtedly, search and/or cybertheft is easier with a password. While the survey reports findings that may be alarming to organizations, we are left with the question, ‘why’. It may be easy to say morality is the dividing line, but I think this article wrestling with the morality question is on the right track pointing to considering sociological implications, for example, employee engagement and satisfaction cannot be discounted as factors in a decision to sell a password.

 

Megan Feil, June 29, 2016


Newly Launched Terbium Software to Monitor Dark Web for Enterprise

April 11, 2016

Impacting groups from Target to JP Morgan Chase, data breaches are increasingly common and security firms are popping up to address the issue. The article Dark Web data hunter Terbium Labs secures $6.4m in fresh funding from ZDNet reports Terbium Labs received $6.4 million in Series A funding. Terbium Labs released software called Matchlight which provides real-time surveillance of the Dark Web and alerts enterprises when their organization’s data surfaces. Consumer data, sensitive company records, and trade secrets are among the types of data for which enterprises are seeking protection. We learned,

“Earlier this month, cloud security firm Bitglass revealed the results of an experiment focused on how quickly stolen data spreads through the Dark Web. The company found that within days, financial credentials leaked to the underground spread to 30 countries across six continents with thousands of users accessing the information.”

While Terbium appears to offer value for stopping a breach once it’s started, what about preventing such breaches in the first place? Perhaps there are opportunities for partnerships with Terbium and players in the prevention arena. Or, then again, maybe companies will buy piecemeal services from individual vendors.

 

Megan Feil, April 11, 2016


The Progress and Obstacles for Microsoft Delve When It Comes to On-Premise Search

March 7, 2016

The article titled Microsoft Delve Faces Challenges in Enterprise Search Role on Search Content Management posits that Microsoft Delve could use some serious enhancements to ensure that it functions as well with on-premises data as it does with data from the cloud. Delve is an exciting step forward, an enterprise-wide search engine that relies on machine learning to deliver relevant results. The article even goes so far as to call it a “digital assistant” that can make decisions based on an analysis of previous requests and preferences. But there is a downside, and the article explains it,

“Microsoft Delve isn’t being used to its full potential. Deployed within the cloud-based Office 365 (O365) environment, it can monitor activity and retrieve information from SharePoint, OneDrive and Outlook in a single pass — and that’s pretty impressive. But few organizations have migrated their entire enterprise to O365, and a majority never will: Hybrid deployments and blending cloud systems with on-premises platforms are the norm… if an organization has mostly on-premises data, its search results will always be incomplete.”

With a new version of Delve in the works at Microsoft, the message has already been received. According to the article, the hybrid Delve will be the first on-premise product based on SharePoint Online. You can almost hear the content management specialists holding their breaths for an integrated cloud and on-premise architecture for search.

 

Chelsea Kerwin, March 7, 2016


The Intersection of the Criminal, Law Enforcement and Technology Industries

February 26, 2016

A ZDNet article covers Arrests made over Bitcoin laundering scheme, Dark Web drug deals.

Dutch police made several arrests related to laundering of criminal profits orchestrated through an unindexed section of the web called the Dark Web. The article says suspects allegedly laundered up to 20 million euros from online drug deals. With the information originating from Reuters, this article summarizes the arrests made by Dutch Fiscal Information and Investigation Service and public prosecution department:

“According to the publication, some of the men arrested are traders, while others are “Bitcoin cashers” — traders of Bitcoin online who cash these funds then withdraw money from ATMs. It is possible to find cashers online who run shadow services which exchange “dirty” coins for clean currency. Law enforcement in the United States, Australia, Lithuania and Morocco also participated in the raid.”

Just as criminal offenses are taking place increasingly online, so too must the law enforcement industry turn to technology to aid its efforts. As the case unfolds, it will be interesting to uncover how these suspects were identified. Perhaps something innovative will be at the source.

 

Megan Feil, February 26, 2016


Google Search and Cultural Representation

January 6, 2016

Google Search has worked its way into our culture as an indispensable, and unquestioned, tool of modern life. However, the algorithms behind the platform have become more sophisticated, allowing Google to tinker more and more with search results. Since so many of us regularly use the search engine to interact with the outside world, Google’s choices (and ours) affect the world’s perception of itself. Researcher Safiya Umoja Noble details some of the adverse effects of this great power in her paper, “Google Search: Hyper-Visibility as a Means of Rendering Black Women and Girls Invisible,” posted at the University of Rochester’s InVisible Culture journal. Not surprisingly, commerce features prominently in the story. Noble writes:

“Google’s algorithmic practices of biasing information toward the interests of the powerful elites in the United States,14 while at the same time presenting its results as generated from objective factors, has resulted in a provision of information that perpetuates the characterizations of women and girls through misogynist and pornified websites. Stated another way, it can be argued that Google functions in the interests of its most influential (i.e. moneyed) advertisers or through an intersection of popular and commercial interests. Yet Google’s users think of it as a public resource, generally free from commercial interest15—this fact likely bolstered by Google’s own posturing as a company for whom the informal mantra, ‘Don’t be evil,’ has functioned as its motivational core. Further complicating the ability to contextualize Google’s results is the power of its social hegemony.16  At the heart of the public’s general understanding and trust in commercial search engines like Google, is a belief in the neutrality of technology … which only obscures our ability to understand the potency of misrepresentation that further marginalizes and renders the interests of Black women, coded as girls, invisible.”

Noble goes on to note ways we, the users, codify our existing biases through our very interaction with Google Search. To say the paper treats these topics in depth is an understatement. Noble provides enough background on the study of culture’s treatment of Black women and girls to get any non-social-scientist up to speed. Then, she describes the extension of that treatment onto the Web, and how certain commercial enterprises now depend on those damaging representations. Finally, the paper calls for a critical approach to search to address these, and similar, issues. It is an important, and informative, paper; we suggest interested readers give it a gander.

 

Cynthia Murrell, January 6, 2016


Latest Perspectives Version from Tom Sawyer

December 29, 2015

Data visualization and analysis firm Tom Sawyer announces the latest release of their flagship platform in, “Tom Sawyer Software Releases Tom Sawyer Perspectives, Version 7.1, .NET Edition.” There is a new “timeline” view, and they promise a boost to layout performance. The press release specifies:

“Users can dynamically manipulate sliders in a timeline view to choose a specific time period. Once a time period is chosen, the elements within other views are filtered and updated accordingly to hone in on events based on time of occurrence.

“Users can now see how data progresses through time and focus on the events they are most interested in. Visualize the spread of an epidemic, the progression of crime in a city, or uncover how information disseminates across an organization’s departments.

“Tom Sawyer Perspectives, Version 7.1 also includes enhanced examples and user experience. New Crime Network, Commodity Flow, and Road Safety example applications are included, the look and feel of the tutorial applications is modernized, and neighborhood retrieval is improved. In addition, many quality and performance enhancements have been made in this release, including up to 16 percent improvement in layout performance.”

The write-up includes screenshots and links to further information, so interested readers should check it out. Founded in 1992, Tom Sawyer helps organizations in fields from intelligence to healthcare make connections and draw conclusions from data. The company maintains offices around the world, but makes its headquarters in Berkeley, California. They are also hiring as of this writing.

 

Cynthia Murrell, December 29, 2015


Cyber Threat Intelligence Across the Enterprise

December 28, 2015

A blog series from iSIGHT Partners aims to help organizations make the most of Cyber Threat Intelligence. The series is introduced in, “How CTI Helps Six Groups Do Their Jobs Better: A New Blog Series!” Writer Christina Jasinski explains:

“The importance of Cyber Threat Intelligence (CTI) has become more widely recognized in the past year.  But not many people realize how many different ways threat intelligence can be utilized across an enterprise. That’s why now is a good time to drill down and describe the wide range of use cases for employing threat intelligence for many different functions within an IT organization.

“Are you a CISO, SOC Analyst or an Incident Responder? Stay tuned….

“This is the first post in an iSIGHT Partners blog series that will delve into how IT security professionals in each of six distinct roles within an organization’s information security program can (and should) apply threat intelligence to their function.   Each post will include 3-4 use cases, how CTI can be used by professionals in that role, and the type of threat intelligence that is required to achieve their objectives.”

Jasinski goes on to describe what her series has to offer professionals in each of those roles, and concludes by promising to reveal practical solutions to CTI quandaries. Follow her blog posts to learn those answers.

Cynthia Murrell, December 28, 2015
