News & Analysis
STANDARD EDITION | Ep. 293 | Monday: August 9, 2021
SECURITY NEWS
DEFCON 29 (2021) Videos are already up! Normally that takes weeks! More
NSA and CISA have published a 59-page Kubernetes hardening guide. The recommendations are what you'd expect: scan for vulns, least privilege, authN/authZ, logging, etc. More Guide
Deputy National Security Adviser Anne Neuberger said the administration thought about banning ransomware payments, but decided against it because they didn't want to drive the activity further underground. I think they made the right choice. More
CISA Director Jen Easterly launched a new partnership with Amazon, Google, and Microsoft to attack cybercrime. The collaboration is called the Joint Cyber Defense Collaborative (JCDC), which includes a total of 20 companies, and will focus on shared insights, shared situational awareness, and developing national cyber-defense plans for protecting critical infrastructure. More
Google is killing off Android 2.3.7 and lower next month because they don't support its improved login security. More
Apple is facing scrutiny for a new system it calls neuralMatch, which will alert on images it believes might be CSAM, and if they hit a certain threshold they'll be shared with relevant authorities. Apple has a great record of doing the right thing here (full disclosure: Apple Fanboy here), but many are worried that this can be seen as a foot in a previously closed door for government access. It feels like it'll be harder to take another anti-FBI-backdoor-like stance after this. More
Windows 10 is going to start blocking malicious-acting apps this month. Their technical term for them is PUA, for Potentially Unwanted Apps, meaning they're not quite malware but they kind of act like it. So like, advertising, cryptomining, bundling, marketing, or apps with a bad reputation. More
There are scammer services that will ban Instagram accounts for $60. You have to love market economies. You can pay for good reviews, and you can pay for bad reviews. And now you can pay to knock a competitor's account offline. More
The Pentagon is experimenting with a system called GIDE which uses lots of cloud data and AI to attempt to predict the future "days in advance". Some serious movie-plot stuff. More
Vulnerabilities:
- There's a zero-day RCE in Cisco Firewall Manager. More
- Google has released security updates for Chrome. More
Incidents:
- Chinese cyber actors are going after Southeast Asian telco companies. They're believed to be targeting telcos to get a foothold for larger espionage campaigns. More
Companies:
- Reversing Labs has raised $56 million to help address supply chain security. More
- Nozomi Networks has raised $100 million to do OT and IoT security. More
TECHNOLOGY NEWS
Caltech just got $100 million to put solar panels in space and beam the energy down to Earth. I'm all about it, but that second part scares the crap out of me. I'm thinking about all our OT security problems and imagining the software that makes sure the microwave beam is pointed at the right place. More
TikTok now has a resume feature, and if they get popular enough they could bring video resumes into the mainstream. More
GETTR, the pro-right social media platform that prides itself on not filtering content, is being flooded with Islamic State propaganda. More
China has quietly released new guidelines requiring that hundreds of items including X-ray machines and MRI machines be purchased from Chinese companies, which places increased pressure on foreign companies trying to sell into China. More
Tesla Cybertruck production has been delayed until 2022. More
HUMAN NEWS
China is exerting pressure on social media companies that elevate celebrities as people to look up to. This is part of their new trend of acting like the Ministry of Wholesomeness. A few months ago they came out against male celebrities looking too feminine, and set off on a campaign of promoting masculinity in young boys. It's getting pretty Orwellian for sure. More
Pearson has announced a subscription for college textbooks. You can pay $9.99/month for one textbook, or $14.99 for the full library. More
US gun sales continue at unprecedented levels, and suppliers are struggling to keep ammunition in stock. More
A fourth law enforcement officer who responded to the January 6th attack has committed suicide. More
There's been a 13% increase in the number of law school applicants, which is the biggest jump since 2002. More
Disney has released more information on its Star Wars hotel experience, which is basically a hotel stay that doubles as an immersive Star Wars experience. But it's basically for the rich, with a two-person stay starting at around $5,000. More
Biden has extended the pause on student loan payments to January 21, 2022. More
CONTENT, IDEAS & ANALYSIS
Patterns in UL Daily Routines — Our UL community posted our daily routines in our Slack channel and had a bunch of discussion around them, which was really fun. In this post I look at some of the commonalities between them. More
The Strange World of "Good Enough" Fencing — A short piece on the weird economics and psychology of fences and locks. More
Everything is K-Shaped — My thoughts on how much more than the economy is K-Shaped right now. More
How to Initiate Contact With a Mentor (2019) — My guide to reaching out to potential mentors to get the best results. More
NOTES
I finished This is How to Lose the Time War, and I'd say it was…delightful. It's what short science-fiction should be. More
I'm also re-reading Dune, for our book club, and it's decidedly not short science fiction. More
DISCOVERY
[ Sponsored Discovery ] F5 Labs 2021 Application Protection Report: Of Ransom and Redemption — This year’s report used data from more than 700 data breaches, attack intelligence from the F5 Security Incident Response Team (SIRT), and other open source intelligence. The two big themes in the report are the rise of ransomware in 2020 and the enduring popularity of formjacking-style attacks (such as Magecart) against organizations that take payment card information. We also identified patterns between organizations’ data types and how they are likely to be targeted. Organizations that take payment cards for any reason are most likely to be compromised through a formjacking attack. Conversely, organizations whose stored data is harder to sell are much more likely to be attacked with ransomware. This provided the clue to understanding why ransomware is such a problem right now. Attackers have figured out that ransomware is a shortcut to finding a buyer for stolen data that is nonfungible—by selling it right back to their own victims! Get the Full Report
"Linux is only free if your time is worthless." More
"The Gini index of OnlyFans is 0.83. The most unequal society in the world, South Africa, has a Gini index of 0.68." More
Clubhouse is a Cargo Cult More
ATO-Checklist — A list of considerations when designing a sophisticated program to deal with account takeover threats. More
So You Inherited an AWS Account More
Apple is Now an Antifragile Company More
Git Quick Statistics — A list of statistics for a given repository. More
An Introduction to Semgrep More
IPO Brief — A list of this week's hottest IPOs. More
The Importance of Improving Indoor Air Quality More
AutoRecon v2 — A multi-threaded network recon tool that performs automated enumeration of discovered services. More
Haklistgen — Turn any text into a usable wordlist for brute-forcing. More
RECOMMENDATIONS
Listen to this episode of the Prof G podcast with Josh Wolfe as the guest. He talks about regulations in China, crypto, and all sorts of really interesting topics. One of the best interviews I've heard in months, on any show. More
Do me a favor and add the podcast to your Spotify.
APHORISMS
“Educating the mind without educating the heart is no education at all.”
~ Aristotle