Unsupervised Learning No. 244

News & Analysis

MEMBER EDITION | EP. 244 | August 31, 2020

Russian attempted hack of Tesla, New Zealand SE DDoS, Drone Assassinations, China Unified Social Credit System, Cisco Sabotage, Stolen Gaming Accounts, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…

SECURITY NEWS

A Russian hacker group tried to pay a Russian-speaking immigrant employee at Tesla $1,000,000 to install malware on the Nevada factory's network. What's interesting to me is that the representative was in-country, and actually met with the employee he was trying to bribe, which is quite spy-tradecraft-like. The attack would have performed data exfiltration leading to a ransomware attack, but the employee went to the FBI, which arrested the group's representative at the airport as he tried to leave the country. More

The New Zealand stock exchange was hit twice in two days by DDoS attacks, which made cash market trading unavailable. More

Drug cartels are doing assassinations using drones carrying bombs. More

China is rolling out a new blockchain-based technology to link together its various provisional social credit systems. More

A Cisco ex-employee deleted 465 VMs that powered 16,000 customer Webex accounts, resulting in around $2 million in damage. More

The FBI is warning about online romance scams that are costing nearly $500 million a year. The attacker basically finds lonely people and starts up a fake relationship, and at some point they ask for money. It's a very old scam, but obviously very effective right now due to COVID. More

Stolen gaming accounts for games like Fortnite, Minecraft, and Runescape are part of a $1 billion market. More

Vulnerabilities:

  • Cisco fixed some high severity bugs in its switches and fibre storage products. More

  • Slack fixed a critical RCE vulnerability in its desktop app that was found through a HackerOne bounty. More

  • Three vulnerabilities have been discovered in MikroTik's routers. More

Companies:

  • Congrats to Signal Sciences for getting picked up by Fastly for $775 million. More

TECHNOLOGY NEWS

A team from MIT has successfully used radio signals and deep learning to identify what people are doing in a room without the use of cameras. More

Musk's Neuralink demo was interesting but not a major victory, largely because the subjects were pigs. It turned out to mostly be a recruiting pitch. More

Amazon is delivering nearly two-thirds of its own packages. More

LG is releasing a wearable air purifier. It uses HEPA filters and LED lights to kill bacteria. More

Internet Explorer is finally dead. Officially at least. More

Some Canon cameras can now upload their images straight to Google Photos. More

Companies:

  • Grid is an Iceland-based company that turns spreadsheets into visual narratives. More

  • Snowflake IPO'd, and here's some analysis of the filing. More

  • Salesforce has cut around 1,000 jobs and had a great earnings report that pushed its stock up by 26%. More

  • Okta's stock has doubled since March due to increased remote auth requirements from COVID. More

SOCIETY NEWS

One theory says the reason we feel so bad is that we've exhausted our "surge capacity" due to serial catastrophes. More

Germany's largest trade union is looking to propose 4-day work weeks to help prevent layoffs. More

New Yorkers are fleeing to the suburbs. The story is about New York, but I imagine the data will soon show that many big cities are doing something similar. More

50 new planets were discovered using machine learning. More

China has recently built at least 200 prison and internment camps to hold tens or hundreds of thousands of Muslims. More

IDEAS, TRENDS, & ANALYSIS

Why Understanding Beats Knowledge More

GPT-3 might represent new challenges for law firms. More

Data Scientists Should Be More End-to-End More

Zoom is Now Critical Infrastructure. More

UPDATES

After discussing it with our community in the UL Slack channel, I decided to update our subscription pricing to match a few other creators and make it weighted more heavily towards annual subs. So if you're doing monthly, we're moving from $5 a month to $9.99, which is $120/year. But subscribing for a year takes that down by half to $59.99. If you're already on the annual plan your price will go up by $0.83 per month, which is hopefully tolerable. : ) Once again, thank you all for being supporters. It means a great deal to me that you find my work valuable.

I was rather affected by the loss of Chadwick Boseman. On Twitter I wrote: "I feel ashamed to be so affected by his loss, given that the way I learned about him is through Black Panther—a comic book movie. But he did such a great job of conveying kindness and strength. It was just beautiful. Fiction matters. He was brilliant. He’ll be missed." More

I've changed the theme for UL from security, tech, and humans... to security, tech, and society. Many have complained that "humans" was a bit ambiguous, so hopefully "society" both implies the human element and makes it clear that it's also about how humans interact with each other.

Last week I said that Sullivan—the former CISO at Uber—was arrested for the handling of their breach announcement, but in fact he was just charged, not arrested. Engadget got the story wrong, and I trusted them as a reputable source. This is why we must remain vigilant over our delicate web of trust. Apologies.

DISCOVERY

I just bought NOMAD's new wireless charging mat, the Base Station Pro. The big feature for me was the ability to drop your device anywhere on the mat, as opposed to having to perfectly align it. More

How to Write in Plain English More

A stellar 85-megapixel image of the moon. More

Common mistakes made during interviews. More

Riot released a Game Design curriculum for free. More

Cory Doctorow has released a new book called How to Destroy Surveillance Capitalism, and he's put it out as a blog post as well. More

Meditation as a shield against the attention economy. More

Vuln Cost — An open-source security scanner for VS Code. More

URLGrab — A Go-based web spider. More

Parth — Heuristic Vulnerable Parameter Scanner More

RECOMMENDATIONS

The Bellingcat Podcast — A podcast about using Open Source Intelligence to track down nearly impossible clues to solve mysteries. If you're into OSINT, Recon, Intelligence, or anything of the like—you'll love this. More

APHORISMS

“Character is simply a habit long continued.”

~ Plutarch

Thank you for supporting this work.