Uncategorized

DVD-ROM

DVD-ROM

A new type of read-only compact disc that can hold a minimum of 4.7GB (gigabytes), enough for a full-length movie.

The DVD-ROM specification supports disks with capacities of from 4.7GB to 17GB and access rates of 600 KBps to 1.3 MBps. One of the best features of DVD-ROM drives is that they are backward-compatible with CD-ROMs. This means that DVD-ROM players can play old CD-ROMs, CD-I disks, and video CDs, as well as new DVD-ROMs. Newer DVD players can also read CD-R disks.

DVD-ROMs use MPEG-2 to compress video data.

Uncategorized

SPI

SPI

(1) Short for Serial Peripheral Interface, a full-duplex synchronous serial interface for connecting low-/medium-bandwidth external devices using four wires. SPI devices communicate using a master/slaverelationship over two data lines and two control lines:

  • Master Out Slave In (MOSI): supplies the output data from the master to the inputs of the slaves.
  • Master In Slave Out (MISO): supplies the output data from a slave to the input of the master. It is important to note that there can be no more than one slave that is transmitting data during any particular transfer.
  • Serial Clock (SCLK): a control line driven by the master, regulating the flow of data bits.
  • Slave Select (SS): a control line that allows slaves to be turned on and off with hardware control.

(2) Short for System Packet Interface, a point-to-point interface standard, allows network equipment designers to develop an array of next-generation multi-service switches and routers to support multi-service traffic with aggregate bandwidths up to OC-192 (10 Gb/s) and beyond, enabling them to dramatically increase system performance. It is a family of Interoperability Agreements from the Optical Internetworking Forum (OIF) which include:

  • System Packet Interface Level 5 (SPI-5): OC-768 System Interface for Physical and Link Layer Devices. (OIF documentation)
  • System Packet Interface Level 4 (SPI-4) Phase 2: OC-192 System Interface for Physical and Link Layer Devices.(OIF documentation)
  • System Physical Interface Level 4 (SPI-4) Phase 1: A System Interface for Interconnection Between Physical and Link Layer, or Peer-to-Peer Entities Operating at an OC-192 Rate (10 Gb/s)  (OIF documentation)
  • System Packet Interface Level 3: OC-48 System Interface for Physical and Link Layer Devices (OIF documentation)
Uncategorized

MIDL

MIDL

Short for Microsoft Interface Definition Language, MIDL defines interfaces between client and server programsMicrosoft includes the MIDL compiler with the Platform SDK to enable developers to create the interface definition language (IDL) files and application configuration files (ACF) required for remote procedure call interfaces and COM/DCOM interfaces. MIDL also supports the generation of type libraries for OLE Automation. Create client and server programs for heterogeneous network environments that include such operating systems as Unix and Apple[Source: MSDN Library – MIDL]

Uncategorized

FMD-ROM

FMD-ROM

Introduced by Constellation 3D Inc. (C3D), Fluorescent Multi-Layer Disc (FMD-ROM) holds up to 140 GB of data. This is currently 215 times greater than a CD-ROM (.65 GB) and 23 times greater than a DVD-ROM(6 GB).

FMD-ROM discs contain fluorescent materials embedded in the pits and grooves of all 10+ layers. When in contact with a laser, the fluorescent materials are stimulated to produce coherent and incoherent light; data is stored in the incoherent light.

Because the technology isn’t based on reflection, multiple layers are read at the same time.

With minor re-tooling, FMD-ROM discs are compatible with existing CD-ROM and DVD-ROM drives. Likewise, FMD-ROM drives are backward compatible, accepting CDs and DVDs.

Uncategorized

SAS

(pronounced as separate letters) Short for Serial Attached SCSI, an evolution of parallel SCSI into a point-to-point serial peripheral interface in which controllers are linked directly to disk drives. SAS is a performance improvement over traditional SCSI because SAS enables multiple devices (up to 128) of different sizes and types to be connected simultaneously with thinner and longer cables; its full-duplex signal transmission supports 3.0Gb/s. In addition, SAS drives can be hot-plugged.

In topologies with more than two connected devices, SAS calls for the use of expander devices to allow for more than one hostto connect to more than one peripheral.

SAS devices can communicate with both SATA and SCSI devices (the backplanes of SAS devices are identical to SATA devices). A key difference between SCSI and SAS devices is the addition in SAS devices of two data ports, each of which resides in a different SAS domain. This enables complete failover redundancy as if one path fails, there is still communication along a separate and independent path.

Uncategorized

DisplayPort – DP

DisplayPort – DP

 

DisplayPort (DP) is an audio/video (A/V) display interface used to connect a video source to a display device. For example, you may connect a computer monitor to the PC using the DisplayPort. DisplayPort primarily replaces older interface technologies, including VGA and DVI.

The interface is typically found on on tablets, notebooks, and desktop computers and monitors. The display interface is also included on some digital televisions but is more often associated with devices related to computing and digital consumer electronics (CE).

DisplayPort - DP

DisplayPort Specification

DisplayPort is developed by a consortium of PC and chip manufacturers and standardized by the Video Electronics Standards Association (VESA). The DisplayPort specification calls for full A/V performance (up to 8k at 60Hz), SuperSpeed USB (USB 3.1) data, up to 100 watts of power over a single cable, reversible plug orientation and cable direction and adapters that support HDMI 2.0a and full 4K UHD resolution.

The current version is DisplayPort 1.4a, published in April, 2018. This version defines the new normative requirement and informative guideline for component and system design.

DisplayPort Compatibility

DisplayPort primarily replaces older interface technologies. While newer GPUs and electronic computing devices are DisplayPort-ready, the interface is backward compatible with other interfaces. This allows PC owners to use a passive or active adapter (also called plug adapter or adapter cable) to connect DisplayPort enabled devices to older monitors or projectors using DVIHDMI and VGA technologies.

DisplayPort Versus HDMI

While there may be some overlapping competition between HDMI and DisplayPort, the two specifications are quite different and each has a different product focus. Where HDMI is considered to be the de-facto connection for home entertainment systems and is widely available on HDTVs as an A/V interface, DisplayPort was developed to support the higher performance requirements of personal computers, is based on updated signal and protocol technology.

Apple Mini-DisplayPort (mDP)

The Mini DisplayPort is a smaller, Apple version of the DisplayPort published by Apple and used to connect a Mac that has a Mini DisplayPort, Thunderbolt, or Thunderbolt 2 port to a display that uses a DVI or VGA cable.

Uncategorized

BEC – business email compromise

BEC – business email compromise

Business email compromise (BEC) is a type of corporate financial scam that specifically targets organizations conducting business abroad. This scam relies upon the attacker’s ability to successfully impersonate communications from a company stakeholder that would be tasked with instructing other high-level employees in conducting business transactions and using wire transfers to pay manufacturers and suppliers. Spoofing or compromising these specific corporate employee email accounts can result in fraudulent transfers.

Often in BEC security scenarios, the attacker will impersonate the high level employee and provide instructions for employees to share information or conduct transfers with a fictitious supplier.  In other reported crimes, the attacker creates fake documents and invoices to impersonate the foreign manufacturer or supplier.

It has also been noted that attackers may initiate the BEC scam by targeting employees in HR to obtain personally identifiable information (PII) of stakeholders and other key employees to be used in future attacks.

Note: Business email compromise (BEC) is also called business email spoofing (BES)

The Five Common Types of BEC Attacks

According to security firm Trend Mico there are five types of BEC attacks to be aware of:

  1. Bogus Invoice: Attackers pretend to be the suppliers requesting fund transfers for payments to an account owned by fraudsters.
  2. CEO Fraud: Attackers pose as the CEO or any executive and send an email to employees in finance, requesting them to transfer money to the account they control.
  3. Account Compromise: A high-level employee’s email account is hacked and used to request invoice payments to vendors listed in their email contacts. Payments are sent to fraudulent accounts.
  4. Attorney Impersonation: Attackers pretend to be a lawyer or from the law firm supposedly in charge of crucial and confidential matters.
  5. Data Theft: Employees under HR or bookkeeping are targeted to obtain personally identifiable information (PII) of employees and executives to be used for future attacks. (Source)

While business email compromise attacks use email and other forms of technology and digital communications to be successful, the scam does not use technical security exploits, making it difficult for organizations to detect.  Most security firms recommend employee education and additional security awareness training to identify and avoid BEC scams.

Operation WireWire

In June 2017, an FBI operation managed to bring down an international criminal organization whose main activity was business email compromise (BEC). The operation, known as WireWire, led to 74 arrests in seven countries, and the retrieval of 16.2 million dollars. (Source: Panda Security)

Uncategorized

IT boot camp

IT boot camp

Information Technology boot camps, or IT boot camps, have taken off in popularity in recent years as a way for employees to advance their careers and prospective employees to earn new jobs by gaining key programming skills in a short but often very intensive timeframe.

While IT boot camps didn’t exist prior to 2012, today there are over 100 IT coding boot camp companies and schools to choose from. A few of the best known and most reputable IT boot camps include App Academy, Hack Reactor, Hackbright Academy, General Assembly, Coding House, Dev Bootcamp, and Bloc.

These technology coding bootcamps offer instruction on a wide array of computer programing languages, philosophies, and skillsets, including HTMLJavaScriptPythonPHPRuby on Rails, and more.

IT boot camps span an average of 12 weeks but can vary from 6 to 28 weeks or more in length, depending on the subject matter and the school or company providing the IT coding boot camp instruction. Most IT boot camps provide intensive, accelerated learning curriculums with hands-on projects where students develop their own software programs, web apps, and other digital tools.

IT Boot Camps Come in All Shapes and Sizes

When it comes to selecting an IT boot camp, options abound, with full-time, part-time, and online coding boot camps all available to select from, as well as locations across the country. Additionally, you’ll find IT boot camps run by independent organizations, by reputable colleges and universities, and also a hybrid of the two where an independent IT boot camp company partners with a reputable school for collaborating on boot camp offerings.

Full-time IT boot camps are often extremely intensive and require up to 80 hours per week of work over a two- to seven-month period of time. As a result of the time demand, this often means the student needs to take time off from their full-time position if they have one.

These full-time IT boot camps can also be quite expensive, although some companies will pay a portion or all of the expense of the coding boot camp for an employee if it’s an extremely valuable skill that the company lacks.

For those with less time or money to commit to a full-time boot camp, part-time IT boot camps or online bootcamps are often a more attractive option. Part-time IT boot camps typically require a commitment of 20 hours or so a week, which can be spent on location or online depending on the boot camp.

These part-time and online IT boot camps also tend to be more affordable than their full-time boot camp counterparts, making them an ideal option for those needing additional flexibility or a more economical boot camp option.

Are IT Boot Camps Accredited?

Most IT boot camps are not accredited in the same way colleges and universities are, and they are not able to grant degrees to students who successfully complete the boot camp. Many of the larger, more recognizable IT boot camps do however work with state agencies to become accredited as an IT boot camp.

And colleges and universities that offer their own IT boot camps or partner with IT boot camp companies are able to rely on their reputation and accreditation to provide boot camps that are frequently held in high regard by employers.

Some of the best-known schools providing reputable IT boot camps today include Northeastern University (Level), the Coding Bootcamp at UT Austin, Georgia Tech Coding Bootcamp, the Coding Bootcamp at UNC Chapel Hill, Northwestern Coding Bootcamp, University of Minnesota, Seattle University Coding Bootcamp, DeVry Bootcamp, California Coding Bootcamps (at UCLA, UC Irvine, UC Berkeley and UC San Diego), and Rutgers Coding Bootcamp.

Alternatives to / Preparation for IT Boot Camps

IT boot camps often require a serious commitment in terms of both time and money, and are not for everyone as a result. For those just getting started with coding, a free online course often makes more sense and can be an economical alternative to an IT boot camp or a great way to get hands-on knowledge of coding without a significant investment.

Free online coding courses from Codeacademy, Code School, Coursera, and the online Computer Science and Programming courses through Harvard (edX) and MIT (OpenCourseware) are great places to start if you’re just getting started with coding or are considering an IT boot camp in the future.

Uncategorized

Scrum Master

Scrum Master

Scrum Masters are responsible for leading and managing complex projects in Scrum, an agile methodology and framework. A Scrum Master’s primary responsibilities include ensuring the development team stays on track for development milestones while also reviewing the work in progress to ensure the Scrum group adheres to best practices.

A Scrum Master is also tasked with helping both those involved directly within a Scrum team as well as those impacted by the Scrum team’s work understand Scrum theory, practices, rules and values.

A Scrum Master is an advocate for Scrum theory and the work achieved by the Scrum Master’s team, and continually seeks to cause change in an organization that will increase the productivity, quality, and efficiency of the Scrum Team while also boosting the company’s return on investment (ROI) as a result of the Scrum Team’s work.

Daily Sprints and the Scrum Master’s Role in Them

In a scrum, a team typically works on “sprints,” which are two-week development cycles that include short daily stand-up meetings in which the scum master leads the quick 5- to 10-minute meeting. Each team member gets a chance to speak for roughly a minute in these stand-up meetings, and succinctly covers:

1. What they did yesterday

2. What they will be doing today

3. What issues or blockers are preventing them from accomplishing their tasks

The Scrum Master takes all of this information and works to help resolve issues while also encouraging and coaching the development team to be self-sufficient and self-organizing as much as possible when it comes to their tasks and challenges.

Scrum Masters vs. Project Managers

Scrum Masters are often compared to Project Managers, and while the roles are sometimes mistakenly considered to be similar, the two positions are actually quite disparate and require very different skill sets in terms of personality, experience and management style.

A Project Manager is closer to the role of a Project Owner in a Scrum Team, and they serve as the leader and overall decision maker who is directly accountable to the company for managing the project and accomplishing the objectives for the project.

The Scrum Master on the other hand serves in more of a coaching and facilitating role, supporting the Project Owner to coach the team to be as efficient as possible and resolve any roadblocks, personality issues, disagreements or other impediments while also ensuring the Scrum process is followed correctly and its value is maximized within the team and for the company overall.

How Much Do Scrum Masters Make on Average?

As the most widely-used framework for agile development, Scrum-certified employees, and particularly Scrum Masters, are held in high demand and typically command a high salary as a result.

The average annual salary for a Scrum Master in the United States is just under $88,000 as of 2018, with Scrum Master salaries typically ranging from a low of about $75,000 per year to just over $100,000 per year, depending largely on the size of the organization and industry.

While a number of companies provide Scrum training and certification programs, Scrum Alliance and Scrum.org are considered by many to be the most reputable Scrum certification organizations.

Uncategorized

threat intelligence

threat intelligence

Threat intelligence is the knowledge of the capabilities, resources, motives, and goals of potential security threats to an organization and the application of this knowledge in protecting against security breaches and data theft.

Threat intelligence is a continually evolving process that involves identifying potential security threat actors, understanding their motives and likely avenues for compromising security, and implementing policies and processes that prevent threat actors from compromising an organization as well as limiting the amount of damage they can cause if they are able to breach security.

The Continually Evolving Threat Intelligence Cycle Process

Because threat actors never stop developing and testing new techniques for their cyberattacks, threat intelligence is an on-going, circular process or cycle rather than an end-to-end process. As such, the threat intelligence cycle involves a continual process of planning, implementing, analyzing, optimizing and refining security data collection to better identify all of the following (and more):

Threat Intelligence
Image Source: Accenture.com

Why Is Threat Intelligence Important?

The goal of the cyber threat intelligence process is to produce threat intelligence reports and insight that can be analyzed by corporate security or third-party security intelligence services to implement and/or improve automated security software as well as increase employee knowledge of potential security attacks on the company.

Overall, threat intelligence is designed to keep an organization, its security staff, and all of its employees informed of the security risks the company faces and how best to protect against these threats as well as new ones likely to emerge.