Unsupervised Learning No. 236
News & Analysis
MEMBER EDITION | EP. 236 | July 6, 2020
THIS WEEK’S TOPICS: Encrochat breach, F5 Big Problem, DHS Social Election Query, WastedLocker, India Bans Chinese Apps, Florida DNA Privacy, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…
SECURITY NEWS
French authorities cracked an encrypted network used by criminals, called Encrochat, listened to what was being said by thousands of criminals throughout Europe and the world, and used that information to make likely hundreds of arrests for crimes such as murder, drug transport, robbery, extortion, and kidnapping. Encrochat uses local encryption on modified Android phones and had become the go-to solution for safely discussing crimes without the police being able to eavesdrop. French authorities used a piece of malware to attack the system and let them see what was being said, and those using the system went into full panic mode once the word got out that it'd been compromised. More
F5's BIG-IP has a vulnerability with a CVSS score of 10 out of 10. An attacker can send malicious HTTP traffic to take full admin control of the BIG-IP system. Given the placement and function of these devices, attackers could then do significant harm to the organization, including deleting files, altering services, intercepting data, and advancing to additional targets. More
The DHS is looking to implement algorithms to crawl social media looking for state-level efforts to influence the 2020 election. The Office of Intelligence and Analysis Cyber Mission Center is asking vendors to submit proposals on how they can help. More
At least 31 US businesses are being targeted with WastedLocker ransomware, led by the Russian Evil Corp group. More
India has banned 59 Chinese apps, including TikTok, Weibo, and WeChat. More
As China's new security rules get ready to take effect in Hong Kong, many are purging their social media profiles out of fear. More
Florida has enacted the nation's first DNA privacy law, prohibiting insurers from using DNA data for coverage decisions. More
Putin has successfully pushed a law saying he can rule until 2036. There was a vote on it, but they closed the polls 5 hours early and said it was successful. More
The US Defense Department says 20 of China's top technology companies are either owned or backed by the Chinese government, and it appears this callout could set up additional sanctions against those companies. More
Vulnerabilities:
F5 BIG-IP has a CVSS 10 RCE via HTTP. More
Palo Alto has released critical security updates for PAN-OS. More
Microsoft has released emergency updates for Windows 10 and Windows Server. More
Cisco releases updates to 8 different products. More
Netgear is going through a patching phase for tens of products. More
Samba has released security updates for a set of vulnerabilities, some of which enable full system takeover. More
Breaches:
A database of 384 thousand UK BMW customers is being sold on the dark web. More
Companies:
Hunters.ai is a threat hunting company that just raised $15 million in a Series A. More
TECHNOLOGY NEWS
A number of outlets are highly recommending the DJI Mavic Air 2 as the drone to get for most people. Better camera, better software, and longer flight times seem to be the main factors. More
Tesla delivered around 91,000 vehicles in Q2, which is more than people expected, and its stock (some of which I own) has pushed to an all-time max on the news. Tesla is now worth more than Toyota, placing it as the most valuable car company in the world.
SpaceX successfully launched a GPS III space vehicle for the US Space Force, which I naively thought was more theoretical than it evidently is. As it turns out, the US Space Force now owns all in-space GPS assets, which used to belong to the US Air Force. More
Tesla is evidently working on a 12-seater electric van to work in conjunction with The Boring Company. More
MIT was forced to pull its database of 80 million labeled images that was designed to help with machine learning research, as many of the labels were recently discovered to be sexist and racist. More
Companies:
HUMAN NEWS
Around half of the US population is unemployed, and that's just for people who are looking for work. If you count people who aren't looking, the numbers for total non-workers are much higher. More
COVID seems to have massively exacerbated America's problem with drug overdoses. Suspected incidents jumped 18% in March, 29% in April, and 42% in May. More
It appears that older people can significantly improve their color vision by staring daily at red light. More
Kanye West has announced that he's running for president in 2020. I normally wouldn't mention such things, but the world is strange enough right now for this to actually matter. More
Google has produced an enormous digitized version of The Last Supper, by Da Vinci, using a new proprietary "ultra-high resolution" camera. More Image
It appears a major risk factor for COVID is inherited from Neandertals. More
SF one-bedroom rent prices dropped 12% YoY in June. More
Developers are starting to look at failed malls as a place to build apartments and community spaces. More
Boeing is stopping production on the iconic 747. The last one will be made 2 years from now. More
IDEAS, TRENDS, & ANALYSIS
When the plague killed one-third of the population in Europe, the rich got significantly richer, and there is concern and evidence that the same could happen with the fallout from COVID. More
The UN says we're losing $10 billion of precious metals in electronic waste every year. More
America has a serious problem with essential worker vs. disability wages. If you are in the workforce and get sick, and realize your disability checks are bigger than your paychecks, it makes you seriously question why you'd try to go back to work. Especially if you now have more time to care for a family. These incentives are horribly toxic to a healthy workforce. More
How Technology Changes Our Brains (reminds me a lot of Neil Postman's Amusing Ourselves to Death) More
Renée DiResta got me thinking this weekend about how interesting it is that social media companies have been tearing us apart. Companies like Facebook are advertising companies that specialize in dividing people into extremely small groups, and then selling to those groups with extreme accuracy. It should not be a surprise then that that platform at scale can be used to highlight and magnify our experiences. Or as I put it in a reply to one of her posts, "It's almost like technologies that excel at breaking people into groups tend to break people into groups."
UPDATES
I am halfway done with the UL Book Club's book of the month, Burn-in, and it keeps getting better!
I'm also working on my outline for my DEFCON talk on automating recon.
DISCOVERY
John Gruber was advertising Yes Plz coffee on his site, so I bought a bag to try out. I'll let you know how it is. More
4 Year Compensation Packages Comparison More
The four phases of an offensive security maturity model. More
An AWS Security Maturity Roadmap More
A visual of API counts by AWS service. More
An Introduction to Reverse Engineering with Ghidra More
John Maynard Keynes on Newton, the Man. More
Let Me Out — Rob Fuller's egress testing tool. More
Cloud Ranges — A repository of various companies' cloud IP ranges. More
AWS CodeGuru — AWS's AI-based code reviewing tool. More
RECOMMENDATIONS
I just ordered one of these Resolute Tools X-1 Ultralight Titanium knives. I've been looking for something like this to replace my current razor-blade-based EDC from Gerber. More
APHORISMS
“The farther backward you can look, the farther forward you are likely to see.”
~ Winston Churchill