MEMBER EDITION | EP. 231 | June 1, 2020
THIS WEEK’S TOPICS: US Protests & Unrest, Trump Goes Into the Bunker, NSA Warns on Exim, Octopus Scanner, Stanford’s SIO Virality Project, Windows 10 Update, SHA-1 Deprecated in SSH, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…
SECURITY NEWS
US Protests & Unrest:
The United States has been engulfed in widespread protests, riots, and disorder, triggered by the death of a man named George Floyd while in police custody. More >
With fires raging near the White House, the lights were turned off and Trump was taken into an underground bunker used during terrorist attacks.
Many large cities have imposed curfews. More >
After many Target stores have been looted, they've decided to close or reduce the hours of around 200 stores. More >
The president is going to designate Antifa as a terrorist organization. More >
Many health officials are worried that the protest activity will lead to a surge in COVID-19. More >
The NSA made an uncharacteristic warning on Thursday about how the Russian GRU is using a vulnerability in Exim to attack systems in the US. The attack allows one to execute shell commands on the host and network that Exim is running on, giving them a pivot point into other networks. It's a patched vulnerability, but many people still haven't updated. If you know anyone running Exim, try to get them to do so. More >
Octopus Scanner is a piece of malware that attacks the software supply chain by embedding malware during the build process within Netbeans projects. More >
Stanford launched the SIO Virality Project, which is a study looking to understand the disinformation ecosystem around COVID-19. More >
The 2004 Release of Windows 10 is out, and it includes some security and privacy improvements. These include updates to its firmware protection, Chromium-Edge support for Application Guard, better support for FIDO2 keys, simplified access to security settings, and a bunch of other stuff. More >
OpenSSH is deprecating SHA-1, which it's now possible to perform chosen-prefix attacks on for around $50K. More >
There are a number of ways to attack YouTube creators with Denial of Service attacks associated with terms of service violations. Basically, you spam various types of complaints against particular videos, such as Circumvention of Technolgy, and it causes YouTube to take down the video and perhaps even disable the target's account. So what attackers are doing is hitting up YouTubers and sending them ransom notes, saying that if they don't pay they'll get their content taken down. YouTube needs to adjust to the fact that these types of complaints are being weaponized. More >
The UK is looking to phase China out of its 5G infrastructure. More >
The ACLU has sued Clearview AI for collecting and selling images of people's faces. This is a good suit in my opinion. I mean, Clearview AI was literally trying to make it so that their customers could know who anyone was, even if they hadn't consented to be a target. More >
Advisories:
Six Cisco servers were hacked using SaltStack vulnerabilities. More >
There's a new Android vulnerability that lets apps disguise themselves as other apps, create false UIs, and ultimately steal information. More >
Emerson has multiple issues in OneEnterprise, a SCADA control solution. More >
Breaches:
Joomla announced a breach on an S3 directory that revealed the data of around 2,700 users. More >
NTT says its Singapore cloud was hacked, resulting in the loss of Japanese customer data. More >
Companies:
Synack raised a $25M Series D. More >
Cisco is purchasing ThousandEyes, a Threat Intelligence company. More >
Vesta raises $125M to to fight payment fraud using AI. More >
TECHNOLOGY NEWS
Sony is going to demo the first Playstation 5 games on June 4th. More >
Google is now providing an Anxiety Self-Assessment link to anyone searching for anxiety-related terms. More >
GE has exited the lightbulb business after 130 years. They got in around 1890, in other words. More >
Amazon is offering permanent roles to around 125,000 recent COVID-surge-related workers. More >
Ear and wrist wearables helped wearables jump 30% YOY in the first quarter of 2020. More >
Microsoft is laying off dozens of journalists and editors that were responsible for picking stories for their MSN News service. They're being replaced with AI algorithms that do that work automatically. More >
HUMAN NEWS
SpaceX took two humans to space from the US for the first time in around 9 years, and it was unexpectedly emotional for me. I was also elated to see so many women explaining the science and the mission as part of the broadcast. It truly felt like we were making human progress for a moment, and I'm thankful to them for that. More >
Humpback whales are making a strong comeback in Australia, with numbers growing at around 10% a year. More >
There's more evidence that Coronvavirus could be a blood vessel disease, which would explain a lot. More >
The Census Bureau has found that a third of Americans show signs of anxiety or depression. More >
Universities are about to be in really bad shape this fall, when tons of international students don't show up and pay their fees, they can't house students safely, and they can't run sports safely that generate revenue. More >
Multiple American Indian tribes are being hit extremely hard by COVID-19. More >
Meditation and mindfulness apps continue to thrive during the pandemic. More >
71% of Americans believe the US economy is in a recession or depression. More >
IDEAS, TRENDS, & ANALYSIS
Idea Generation, by Sam Altman More >
People who believe in conspiracy theories tend to have certain mental characteristics, such as being anxious, feeling a loss of control, and feeling isolated and disconnected. And unfortunately, many people are feeling these right now. More >
Maybe all hipsters are Absurdists. It’s not that they think they can get true meaning from all those micro-hobbies. It’s that they realize there is no such thing, so they over-index on small details in order to distract themselves. More >
There's a theory called Meaning Maintenance that says we tend to search for and double down on our core identities and beliefs when we are faced with something that doesn't make sense. This is super interesting given the story above about conspiracy theories. More >
The New Model Media Star is Famous Only to You More >
Happiness During COVID-19, by Jonathan Haidt More >
Pay for Your News More >
UPDATES
I'm reading one of the best reading I've read in a long time, called The Meritocracy Trap. It's about economics, social strife, the separating classes in America, and so much more. I also just finished Piketty's latest book, but I found this one far more descriptive, practical, and accurate. 10/10. More >
DISCOVERY
I love sunglasses, so I might be trying out these new offerings from Futuremood that supposedly have the ability to alter your mood. They're not out yet, though. More >
How to upgrade the lighting in your home office. More >
A Red Team Maturity Model More >
Minecraft Dungeons just came out, and it looks extremely fun. It's like a kid-friendly Diablo game, but in the Minecraft universe. More >
A List of One-sentence Descriptions of AWS Services More >
Cloudflare launched a new bandwidth speed test tool called, well, Speed Test. More >
A Tone of Voice Guide for Writing More >
5 Types of Zsh Alias More >
Graphing MITRE using Bloodhound. More >
Stop writing on Medium if you care about SEO. More >
Someone made a custom Zoom background where he brings himself a drink. More >
Pimp My Terminal More >
RECOMMENDATIONS
Text ten friends that you haven't talked to in a while, and tell them you care about them.
APHORISMS
"Conviction is the conscience of the mind."
~ Nicolas de Chamfort