Monthly Archives: March 2018


Data Breaches – What you need to know

Data Breaches

It might look like stories of huge data breaches are popping up in the newsflash frequently these days. Unfortunately, this is not shocking. As technology advances, all of our information moves to the digital world, and, as a result, cyber-attacks are becoming the new wave of crime. Companies and small industries are exceptionally attractive targets to cybercriminals, simply due to the large payday of data that can be stolen in one swoop. So, explore this article and know more about data breaches.


The main reason that cybercriminals are thieving personal information is for use in identity theft. Last year more companies chosen not to reveal the full extent of their data breaches.

The targeted attacks from cybercriminals are generally carried out in four different ways: misusing system vulnerabilities such as out of date software, people using weak passwords such as their pet’s name without numbers and symbols, SQL injections, and targeted malware attacks. When systems do not have the latest software updates it can create a hole that an attacker can use to snitch malware onto the computer that can steal data. Weak and unsecure user passwords can make it easy for an attacker to crash, particularly if the passwords contain complete words or phrases. SQL injections allows for drive-by downloads that will inoculate spyware or malware onto the computer without the user doing anything to contract the malware. The targeted malware attacks happen when attackers use junk and spear phishing procedures to try and trick the user into revealing user credentials, downloading malware attachments or directing users to susceptible websites.


Being active about your accounts is the finest security measure that you can take to do your part to prevent data breaches.

Make sure that you use tough, secure passwords for each account you access, and be sure not to use the same password across various sites. Keeping track of various passwords can seem like an impossible feat.

To keep your personal identity safe and secure, it is always important to be alert on your

Monitor your bank and financial accounts on a regular basis for suspicious activity. If the companies you do business with offer activity alerts via text or email, sign up for them.

Take action as soon as possible if you do see suspicious activity. Contact the bank or institution the suspicious activity originated from. Notify them of the suspicious transaction and inform them that your information was stolen in a data breach.

  • Close all online banking applications on your phone whenever you are not using them, and give your phone a password if you do not have one. Having to enter a password every time you use your phone is dreary, but it also provides a solid line of defence if your device is stolen.
  • Use secure URLs that begin with https:// on well-known sites when entering credit card or debit card information. You may also request to use disposable credit cards when doing online purchases.
  • Implement high-quality security software that includes malware and virus protection. Keep it updated.
  • Use a removable flash drive to store financial and other sensitive information.
    Avoid oversharing on social media. Never post anything relating to sensitive information, making your profiles private, etc.


Data breaches are here to stay, and the best defence against them is a good offense. Edify yourself and stay conscientious about monitoring your online life. Luckily, there are laws in place to safeguard you, but it is up to you to report any suspicious activity and fight back against cybercrime or not.

Data Breaches – What you need to know


Top Trends Shaping IT Cloud Strategies

Top Trends Shaping IT Cloud Strategies

Cloud computing has helped many organizations to transmute their IT practices over the past few years, but whizzes agree that the market is ingoing a second wave for public, private and hybrid cloud services.

Predictions from major consultancy firms mentioned the fact that for the coming years, the rate of adoption is sustainable, and cloud computing will see more investment from IT giants, and more adoption from businesses.

In parallel, market experts, along with shareholders from the IT industry and enterprises across the globe, are in agreement that there is an irrefutable wave of transformation and progress taking shape. This metaphorical wave is best understood as the sum total of distinct trends in cloud computing that are shaping the industry. Let us understand these trends better, which can help you to get better idea on your IT cloud strategies.



It is grabbing our attention, how a plenitude of enterprises has preferred the cloud because of lack of trust in the security of their own on-premises technologies, and after the transition, have to deal with the truth that business data rests with a third-party vendor in the public cloud services domain.

Hyper convergence in private cloud appears as a solution. Now, private cloud also needs normalization, automation, resource monitoring, self-service, and virtualization, same as the public cloud. Dealing with all these capabilities and binding them into a coherent unit is hard for businesses, hyper convergence appears as an IT cloud strategies option.


The truth is, the payments for cloud investments have been long delayed for many enterprises. The cloud services purely based on cost, it helps to develop insight on regulating cloud costs.

For beginners, complex pricing plans and contracts are responsible for making businesses waterlogged so they are having trouble venturing into cost analyses. For example, Amazon and Google offer cloud services that charge businesses on the basis of number of messages generated per hour, or number of messages sent in a day. Then, there are several plans for each service customer wish to purchase.


Almost all major cloud service providers support container development. Containers help the developers to migrate software code effortlessly. OpenShift and CloudFoundry can be functioned easily on Azure, AWS, and Google Cloud. Containers help enterprises with portability between cloud services from Azure, Google Cloud, and AWS, or among others.

This is because they can use containers to realize their DevOps strategies to allow faster software production. The new paradigm brings new challenges around security, monitoring, networking, and storage issues. However, in spite of these challenges, containers have established their worth by helping enterprises to leverage portability


Some organizations are also looking for a refactor apps to run on public cloud systems, leveraging migration services, rather than simply removing existing apps in a public cloud. The ideal option of moving an application is by rewriting it to take advantage of cloud’s elasticity, although cloud apps migration can be expensive.


Cloud services have grown stronger, and are all set to transmute even more businesses, in more number of ways, than before. These trends will help CIOs and other IT decision makers to align their business cloud strategies to the realities shaping the market.


IT Security Advanced Persistent Threats

An advanced persistent threat is a big term used to define an attack in which an invader, or team of invaders, establishes an illegal, long-term presence on a network in order to mine highly sensitive data.

The targets of these attacks, which are very carefully chosen and researched, typically include large enterprises or governmental networks. The significances of such intrusions are huge:

Intellectual property theft such as patents, etc.
Compromised sensitive information.
The damaging of critical organizational infrastructures.
Total site takeovers.

For executing an APT attack requires more resources than a normal web application attack. The culprits are usually teams of experienced cybercriminals having substantial financial backing. Some APT attacks are government-funded and used as cyber warfare weapons.


A successful APT attack can be cracked down into three stages

  1. Network infiltration,
  2. The expansion of the attacker’s presence and
  3. The extraction of amassed data.


Organizations are typically infiltrated through the compromising of one of three attack surfaces: web assets, network resources or authorized human users.

This is achieved either through malicious uploads or social engineering attacks—threats faced by large organizations on a regular basis.

Additionally, at the same time infiltrators may execute a DDoS attack against their target. This serves both as a smoke screen to distract network personnel and as a means of failing a security perimeter, making it easier to breach.

Once the initial access has been completed, attackers quickly install a backdoor shell—malware that grants network access and allows for remote and stealth operations.


After the base is established, attackers move to expand their presence within the network.

This involves moving up an organization’s hierarchy, compromising staff members with access to the most sensitive data. In doing this, they are able to gather critical business information.

Depending on the final attack goal, the collected data can be sold to a contending enterprise, altered to damage a company’s product line or used to take down a complete organization.


While an APT event is ongoing, the lost information is usually stored in a secure location inside the network being assaulted. Once sufficient data has been collected, the thieves need to extract it without being detected.

Typically, white noise tactics are used to distract the security team so the information can be moved out. This might take the form of a DDoS attack, again tying up network personnel and/or weakening site defences to enable extraction.


Below are the best practice measures to take when securing your network:

  • Patching network software and OS vulnerabilities as fast as possible.
  • Encryption of remote connections to stop invaders from piggy-backing to infiltrate your site.
  • Cleaning incoming emails to prevent spam and phishing attacks targeting your network.
  •  Immediate logging of security events to improve whitelists and other security policies.

IT Security Advanced Persistent Threats


Machine Learning in JavaScript

Machine learning libraries are growing faster and more available with each passing year, showing no signs of breaking down. While traditionally Python has been the go-to language for machine learning, now-a-days neural networks can run in any language, including JavaScript!

The web system has made a lot of development in recent times and although JavaScript and Node.js are still fewer performers than Python and Java, they are now dominant to handle many machine learning hitches.

Most of the JavaScript machine learning libraries are fairly new and still in improvement, but they do exist and are ready for the users to try them. In this article, we will look at some of these libraries, as well as a number of cool AI web app instances to get you started.


The brain is a library that makes the user to easily create neural networks and then train them depending on input/output data. As training takes up a lot of resources, it is better to run the library in a Node.js location, though a CDN browser version can also be loaded directly onto a web page. There is a small demo on their website that can be trained to identify color contrast.


It is the most vigorously maintained project on the list, Synaptic is a Node.js and browser library that is architecture-agnostic, allowing the developers to build any type of neural network they want. It has some narrow built-in architectures, making it likely to test and relate different machine learning algorithms. It also features a well-published introduction to neural networks, a number of practical demos, and many other great tutorials illustrating how machine learning works.


FlappyLearning is a JavaScript project that is of hardly few lines of un-minified code copes to build a machine learning library and implement it in a fun demo that learns to play Flappy Bird like a virtuoso. The AI method used in this library is called Neuroevolution and applies algorithms motivated by nervous systems found in nature, dynamically learning from each iteration’s success or failures. The demonstration is super easy to run – just open index.html in the browser.


Though it is no longer actively maintained, ConvNetJS is one of the most progressive deep learning libraries for JavaScript. It works directly in the browser, supports several learning techniques, and is rather low-level, making it appropriate for people with better experience in neural networks.


Framework for building AI systems based on reinforcement learning. Miserably, the open-source project does not have a right documentation but one of the demos, a self-driving car experiment, has a great description of the different parts that make up a neural network. The library is in pure JavaScript and made using modern tools such as web pack and babel.


Although the JavaScript machine learning ecosystem is not completely developed yet, we suggest using the resources on this list to make your first steps in ML and get a feel for the core techniques. As the experimentations in this article show, there are loads of exciting stuff you can make by using only the browser and some familiar JavaScript code.


What Is Windows Azure

Microsoft Azure, previously known as Windows Azure, is Microsoft’s public cloud computing platform. It provides a range of cloud services, including those for compute, analytics, storage, and networking. Users can top choice from these services to develop and scale new applications, or run existing applications, in the public cloud.

The Windows Azure platform is deliberated as platform as a service, which is an authoritative component of a cloud computing platform. It consists of various on-demand services hosted in Microsoft’s data centres and is commoditized through three product brands.

The services and apps developed using the Azure platform run on the Windows Azure operating system, which provides a runtime environment for Web applications along with a wide set of services that facilitate the building, hosting, and management of applications without requiring maintenance to expensive onsite resources.

Windows Azure is designed to support both Microsoft and non-Microsoft platforms. The three main components that constitute Windows Azure are:

  • Compute layer
  • Storage layer
  • Fabric layer

Compute Layer: These services provide virtual machines, containers, batch processing, and remote application access.

Storage Layer: This category includes Database as a service offering for SQL and NoSQL, as-well-as unstructured and cached cloud storage.

Fabric Layer: It is a Platform as a Service (PaaS) offering designed to enable the development, deployment, and management of extremely scalable and customizable applications for the Microsoft Azure cloud platform.

The complete list of Azure services is constantly subject to change. The users should view the Microsoft Azure website for recent updates.

Some organizations use Azure for data backup and disaster recovery. In addition to that, some organizations use Azure as a substitute to their own data centre. Rather than capitalizing in local servers and storage, these organizations choose to run some, or all, of their industry applications in Azure.

Windows Azure also includes an automated service management feature that enables the upgrading of applications without affecting their performance. Windows Azure is aimed to support a number of platforms and programming languages. Some of the languages supported are extensible mark-up language (XML), representational state transfer (REST), Ruby, Eclipse, Python, and PHP.

As with other public cloud providers, Azure mainly uses a pay-as-you-go pricing model that charges based on usage. However, a single application may use multiple Azure services, so users should do analysis and manage usage to reduce costs.


What is DC/OS?

DC/OS (the datacenter operating system) is an open-source, distributed operating system based on the Apache Mesos distributed systems kernel. DC/OS manages multiple machines in the cloud or on-premises from a single interface; deploys containers, distributed services, and legacy applications into those machines; and provides networking, service discovery and resource management to keep the services running and communicating with each other.



How to remove old docker containers?

There is a new feature in Docker 1.13.x called Docker container prune: This will do what you want and will work on all platforms the same way.

There is also a Docker system prune, which will clean up containers, images, volumes, and networks all in one command.

Here is an example on how to clean up old containers that are weeks old:
$ docker ps –filter “status=exited” | grep ‘weeks ago’ | awk ‘{print $1}’ | xargs –no-run-if-empty docker rm


What is a git squash merge? How to use it?


This will take all the commits from the bugfix branch, squash them into 1 commit and then merge it with your master branch. … git checkout master git mergefeature1 feature2 feature3 etc. The last merge is an “octopus merge” because it’s merging a lot of branches at once

You can follow the below commands to use Squash:

git checkout master
git merge –squash bugfix
git commit
This will take all the commits from the bugfix branch, squash them into 1 commit and then merge it with your master branch.


How do you clone an object?

var obj = {a: 1 ,b: 2}
var objclone = Object.assign({},obj);
Now the value of objclone is {a: 1 ,b: 2} but points to a different object than obj.
Note the potential pitfall, though: Object.clone() will just do a shallow copy, not a deep copy. This means that nested objects aren’t copied. They still refer to the same nested objects as the original:
let obj = {
a: 1,
b: 2,
c: {
age: 30

var objclone = Object.assign({},obj);
console.log(‘objclone: ‘, objclone);

console.log(‘After Change – obj: ‘, obj); // 45 – This also changes
console.log(‘After Change – objclone: ‘, objclone); // 45