Archive for July, 2019

LinkedIn Releases Its New Global Language Matters Gender Diversity Report

Posted in Commentary with tags on July 31, 2019 by itnerd

Today, LinkedIn released its new Global Language Matters Gender Diversity report, highlighting how men and women react differently to language used both in the workplace and during the hiring process, and what this means for recruiters, hiring managers and business leaders, alike.

LinkedIn took an in-depth look at the words men and women use in the world of work: from their LinkedIn profiles, to interactions on LinkedIn, to the language used throughout the recruitment process and in the workplace itself.

Although we may not think about it often, we know that language can have a huge impact on how we act, influence and are perceived by others. We also know that men and women tend to be more inclined to use and react to language differently.

Findings revealed a stark contrast between Millennials and Gen X when comparing how gender diversity is perceived in an organization. Nearly three quarters of respondents aged 25-34 (72%) say gender diversity is important to their organization, compared to just under 3 in 5 respondents aged 45-54 (58%). This trend will only continue to grow in importance as younger generations bring these convictions with them into increasingly senior roles.

Other key findings include:

  • Language is a consideration when reviewing job postings: Nearly half of respondents (47%) who were involved in the hiring and recruitment process say their job postings always have to go through a review to ensure they aren’t using biased language, whilst just under a quarter of respondents never have to (24%).
  • When drafting copy for job advertisements: A quarter (25%) of respondents who were involved in the hiring and recruitment process say they always consider gender when drafting copy for job advertisements, compared to half who never do (50%).
  • Consider tracking which gender your job posting appeals to, to ensure a gender diverse set: Three quarters of respondents who track which gender their job posting is appealing to (75%) say they in some capacity amend the language if there is a gender skew

You can access the global report with the following link.

Methodology: Online surveys were conducted to a panel of potential respondents – comprising of those who were not involved in the hiring and recruitment processes in Canada and those who were. A total of 1,003 full time employees in Canada who were not involved in hiring and recruitment processes completed the survey between May 10, 2019 to May 31, 2019. A total of 253 respondents who were involved in the hiring and recruitment process in Canada, completed the survey between May 16, 2019 to May 21, 2019. The research was conducted by Censuswide. Censuswide abides by and employs members of the Market Research Society which is based on the ESOMAR principles.

 

Advertisements

Adastra Corporation: A Microsoft IMPACT winner

Posted in Commentary with tags on July 30, 2019 by itnerd

Adastra Corporation, a global leader in Data Management and Analytics, has been awarded the Commercial Enterprise Partner of the Year Award and the Application Innovation Award – Manufacturing, at the Microsoft 2019 IMPACT awards.

Adastra, a GTA-based data analytics firm, is one of the fastest growing Azure Data & AI Partners in Canada, growing Azure consumption by 900 per cent year-over-year in FY19. Alongside this growth, Adastra’s strategy has secured it as Microsoft’s go-to Data and AI partner in Canada for co-sell engagements, enriching its connection to large enterprise clients such as BMO, Magna, Finastra, Rogers and Just Energy as well as corporate clients such as Fleet Complete, Kik and Empire Life.

In addition to Data and AI, Adastra supports clients in their full Digital Transformation journey. Its expertise in user experience and design have reinforced Azure-based solutions ranging from the remediation of Power BI architecture to the development of end-to-end cloud solutions.

While the advanced Azure ecosystem, market presence and partner network are important aspects of the alliance, the secret ingredient is the genuine and mutual interest for joint success between Adastra and Microsoft as well as their customers. The technological opportunities are endless when values and business goals align.

The momentum of Adastra’s growing Microsoft relation is just the beginning. Its success has created a set of best practices, leveraged by its 2,200 Data and AI professionals across the globe. Seeking to use its Canadian success as a blueprint for expansion in the United States and Germany, Adastra is set to deliver staggering results as Microsoft’s preferred Data and AI partner, worldwide.

Companies can learn more about how Adastra can unlock the secrets behind their data and kick off their Digital Transformation at www.adastracorp.com.

Trend Micro Study Reveals Criminal Abuses Of Twitter

Posted in Commentary with tags on July 30, 2019 by itnerd

Trend Micro Incorporated today announced a new study revealing how cybercriminals are abusing Twitter via tech support scams, command-and-control (C&C) operations and data exfiltration.

Trend Micro researchers analyzed a large volume of Twitter data to identify relationships between various entities to spot anomalies and uncover key insights.

Criminals were found using fake Twitter accounts to spoof those of legitimate vendors for credible tech support scams. Users call the fake phone number provided, believing they are speaking with the intended company’s help desk, which results in the caller either sharing credit card information or installing malicious content on their computer.

This is often part of a multi-platform strategy along with YouTube, Facebook, Telegram and other channels to improve SEO for fake tech support websites linked to the Twitter accounts, boosting their search rankings.

While criminals are using the social network for bad, threat researchers can leverage the power of social media for good. Most notably, Twitter is used for monitoring vulnerability disclosures to inform patch prioritization, and scanning for indicators of compromise, threat detection rules, and other contextual information to boost threat intelligence.

Trend Micro recommends users confirm the validity of a Twitter account by checking the company’s website directly, rather than through the account. It is also important for security teams to validate Twitter data when leveraging it for investigations or threat intelligence.

To read the full report, please visit:  https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/hunting-threats-on-twitter.

 

Waze Is Helping Canadian Travelers Get To Their Summer Destinations

Posted in Commentary with tags on July 30, 2019 by itnerd
Travelling to the cottage is a favourite summer pastime for Canadians, but getting there is usually time consuming, stressful and challenging because of cottage country traffic — leaving less time to unwind at the lake.
Waze, the community-based, people-powered navigation app, makes summer driving easier with features that power users find essential, but other Wazers may not be familiar with. Here are just a few of the features in the driving app that can help make your summer travels more fun:
 
Listen to music without missing your directions: Waze integrates with audio apps like Spotify, Deezer, iHeartRadio, NPR, Scribd, Stitcher and Tunin so you can jam to summer tunes within Waze, with directions cutting in seamlessly.
 
Plan your drive: Want to know how early you should leave to get to the cottage by 1 p.m.? Wherever you are planning to go, Waze can tell you what time you need to leave based on traffic. Just enter your destination, select “Later” and the time you want to arrive. Waze will indicate the time you should leave to make it with enough time to enjoy your summer getaway.
 
Find restaurants and gas stations along your journey and add them to your route:Waze can help you make detours to fuel up – either your car or yourself – without missing a beat.
 
Roadside assistance: Connect quickly to emergency and professional services without needing to fumble to find contact information, whether you need a tow truck or have a medical emergency. Simply tap on Reports within Waze to pull up the menu for Roadside Help.
 
Share your drive: If someone is expecting you or you’re in a group driving together, you can share your drive so they can keep tabs on your journey. Waze lets you share a link — via e-mail, text and other options — so anyone with the link can see your drive on the map. (You can stop sharing your drive at any time.)
 
Change the voice Waze speaks with: A new voice in the car might be just what you need to stay alert during a long drive. You can even record your own voice or that of a loved one to tell you where to go. The voice options are always changing, and sometimes include celebs (such as, most recently, DJ Khaled).
Not only is summer a great time to drive — it’s a time when Canadians are in their cars more often! Waze has found its users have different driving behaviours in the summer compared to the rest of the year as they go on vacation, driving further and visiting gas stations and restaurants more often during their journeys. In fact, in July and August they are 270 per cent more likely to navigate to a cottage/cabin, and 100 per cent more likely to navigate to a gas station, convenience store or restaurant.
Wazers also drive more in general during July and August: 14 per cent more than the rest of the year. Last August in particular, one in three Canadian Waze users traveled outside of their home city. In Canada, 71 per cent of Wazers will go on a summer vacation and 62 per cent will use their car to go on vacation.
More than just a map, Waze is truly dedicated to drivers and helps the get to their getaways quickly and safely.

If You Haven’t Updated To iOS 12.4 Yet, Here’s SIX Reasons Why You Should

Posted in Commentary with tags on July 30, 2019 by itnerd

iOS 12.4 has been on the streets for about a week now, and it’s now coming to light that there are six very good reasons to upgrade to it if you haven’t already. There are apparently six “zero interaction” vulnerabilities in iOS. Meaning that an attacker doesn’t need your help to take over your iDevice. Now of those six vulnerabilities, five are fixed outright in iOS 12.4. But the sixth is only partially closed. Here are the details from ZDNet:

According to the researcher, four of the six security bugs can lead to the execution of malicious code on a remote iOS device, with no user interaction needed. All an attacker needs to do is to send a malformed message to a victim’s phone, and the malicious code will execute once the user opens and views the received item.

The four bugs are CVE-2019-8641 (details kept private), CVE-2019-8647, CVE-2019-8660, and CVE-2019-8662. The linked bug reports contain technical details about each bug, but also proof-of-concept code that can be used to craft exploits.

The fifth and sixth bugs, CVE-2019-8624 and CVE-2019-8646, can allow an attacker to leak data from a device’s memory and read files off a remote device –also with no user interaction.

Seeing as you can reduce your potential threat surface from six to one simply by installing iOS 12.4, you should install it right now if you haven’t already. Especially now that proof of concept code is out there for these five vulnerabilities. And when Apple comes out with an iOS 12.4.1 to close the sixth vulnerability, you should install that right away as well.

Now, here’s another why installing iOS 12.4 is important:

Until today, no-user-interaction iOS bugs were usually found in the arsenal of exploit vendors and makers of legal intercept tools and surveillance software. Such vulnerabilities are the holy grail of any attacker, allowing them to hack into victims’ devices undetected.

Thus if you don’t want to be that person who gets their device taken over, you should install iOS 12.4 now. As in right the hell now.

BREAKING: Capital One Pwned… 100 Million People Affected

Posted in Commentary with tags on July 29, 2019 by itnerd

News is breaking on sites like Bloomberg that a hacker has broken into a cloud server under the control of credit card company Capitol One and as many as 100 million people might have had their data illegally accesses.

Here’s where it gets strange. The hacker was caught:

The woman, Paige A. Thompson, was arrested Monday and appeared in federal court in Seattle. The data theft occurred some time between March 12 and July 17, federal prosecutors in Seattle said. The cloud-computing company, on whose servers Capital One rented space, wasn’t identified in court papers.

“I am deeply sorry for what has happened,” said Richard D. Fairbank, Capital One’s chief executive officer, in a statement. “I sincerely apologize for the understandable worry this incident must be causing those affected.”

About 6 million individuals in Canada were also impacted by the breach, Capital One said.

And:

The largest category of data stolen was supplied by consumers and small businesses when they applied for credit cards from 2005 through early 2019, the bank said. It included personal identification data, including names, addresses, phone numbers and dates of birth, and financial data including self-reported income, credit scores and fragments of transaction history.

About 140,000 Social Security numbers were accessed, as well as 80,000 bank account numbers from credit-card customers, the bank said.

I for one would love to know who the cloud computing company is at they have some questions to answer in terms of how this woman got in and got access to this data. Here’s why that matters:

Capital One, which is based in McLean, Virginia, has been one of the most vocal advocates for using cloud services among banks. The lender has said it is migrating an increasing percentage of its applications and data to the cloud and plans to completely exit its data centers by the end of 2020 — a move the company says will help lower costs.

If you are going to outsource stuff to the cloud, your security has to be on point. Otherwise bad things will happen to you and worse things will happen to your customers. Thus along with the cloud computing company, I really want to know what Capitol One is going to do to protect customers data going forward, and what they are going to do to protect the 100 million customers who’s data is now out there.

Back to the woman behind this hack for a second. Usually the hackers get away scott free with this sort of thing. So she was either sloppy or wanted to get caught. I say that either is in play because according to this, she posted details about it on Slack which is either mind blowingly stupid, or a clear indication that she wanted to be caught.

Stay tuned to this case as it will be interesting to watch on multiple fronts.

We’ve Already Used A Year’s Worth Of Natural Resources

Posted in Commentary with tags on July 29, 2019 by itnerd

Today marks Earth Overshoot Day, the day when human demand for food, fiber, timber, and carbon absorption exceeds the amount of biological resources the Earth can renew in one year. This year, Earth Overshoot Day is earlier than ever. This translates to humanity using roughly 1.75x the planet’s resources every year.

For the last 40 years, the planet has become increasingly inefficient, using more resources, creating more emissions, and increasing our carbon footprint. This trend can, however, be reversed – and doing so will be beneficial to businesses in the long run, as discussed in Schneider Electric’s new white paper “The business case for one-planet prosperity.”

One-planet prosperity is a simple compass to assess companies’ strategies against two essential questions: “Do I operate within one-planet constraints?” and “Do my offers help customers move out of ecological overshoot?”, as indicated in the white paper for C-level audiences. Companies whose business models increase human well-being while also increasing resource security are much more likely to be economically successful in the long run.

The white paper discusses the importance for global businesses to strive for one-planet compatibility, that is, pushing back Earth Overshoot Day to December 31st or later, and using one planet’s worth of resources per year, or less.

You can view the white paper in its entirety here, which was developed in partnership with Global Footprint Network, the international sustainability organization that pioneered the Ecological Footprint.