It is Tuesday, so of course that means we get a pile of new security articles 🙂 Krebs on Security covers a recent phish at Seagate that exposed all employee W-2’s. That is a huge problem given the amount of personal information available. Softpedia reports on the Custom Content Type Manager WordPress plugin that comes with a backdoor, allowing the theft of admin credentials. It is a weird situation, with the change of project owner, but it does call into question the idea of automatic updates without some sort of validation. CloudFlare has two excellent posts, one talking about the 400Gbps DDoS they faced and another about DNS packet sizes.
As always, enjoy today’s items, and please participate in the discussions on these sites.
Startups, Career and Process
- Non-Commissioned Managers | Allan Kelly
Design and Development
- Friday Q&A 2016-03-04: Swift Asserts | Mike Ash
- Cohesion – The cornerstone of Software Design | Java Code Geeks
- What’s in a Build Tool? | Haoyi’s Programming Blog
- Surprises in Ruby HTTP libraries | Julia Evans
- 5 Things Your QA Manager Wish You Knew About Software Testing | DZone Agile
- Solving the Josephus problem in Kotlin | Nicolas Frankel
- Metrics considered charmful | Edmund Kirwan
AI, Machine Learning, Research and Advanced Algorithms
- Anomaly Detection Using STL | Willie Wheeler
- Trajectory Data Mining: An Overview | the morning paper
- Correlation Of Two Out-of-phase Sine Waves | John D Cook
Big Data, Visualization, SQL and NoSQL
- SQL: Counting Groups of Rows Sharing Common Column Values | Inspired by Actual Events
Infrastructure, Operations and DevOps
- Conflating The Roles of Alerting and Dashboards | Kyle Brandt
- Docker meets Continuous Deployment | Java Code Geeks
- Debugging why ping was Broken in Docker Images | Cyphar
Security, Encryption and Cryptography
- Rails security digest and review reminders #7 | Ruby on Rails Security Project
- A Deep Dive Into DNS Packet Sizes: Why Smaller Packet Sizes Keep The Internet Safe | CloudFlare
- Serialization Must Die: Act 2: XStream (Jenkins CVE-2016-0792) | Contrast Security
- Popular WordPress Plugin Comes with a Backdoor, Steals Site Admin Credentials | Softpedia
- 400Gbps: Winter of Whopping Weekend DDoS Attacks | CloudFlare
- Seagate Phish Exposes All Employee W-2’s | Krebs on Security
Link Collections
- Programming Digest #149 for March 7, 2016 | Weekly Programming Newsletter
- Data Science Roundup #24: Data science @ Airbnb and data anonymization in Python | The Data Point
- Double Shot #1653 | A Fresh Cup