MEMBER EDITION | EP. 244 | August 31, 2020
Russian attempted hack of Tesla, New Zealand SE DDoS, Drone Assassinations, China Unified Social Credit System, Cisco Sabotage, Stolen Gaming Accounts, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…
SECURITY NEWS
A Russian hacker group tried to pay a Russian-speaking immigrant employee at Tesla $1,000,000 to install malware on the Nevada factory's network. What's interesting to me is that the representative was in-country, and actually met with the employee he was trying to bribe, which is quite spy-tradecraft-like. The attack would have performed data exfiltration leading to a ransomware attack, but the employee went to the FBI who arrested the group's representative at the airport as he tried to leave the country. More
The New Zealand stock exchange was hit twice in two days by DDoS attacks, which made cash market trading unavailable. More
Drug cartels are doing assassinations using drones carrying bombs. More
China is rolling out a new blockchain-based technology to link together its various provisional social credit systems. More
A Cisco ex-employee deleted 465 VMs that powered 16,000 customer Webex accounts, resulting in around $2 million dollars in damage. More
The FBI is warning about online romance scams that are costing nearly $500 million a year. The attacker basically finds lonely people and starts up a fake relationship, and at some point they ask for money. It's a very old scam, but obviously very effective right now due to COVID. More
Stolen gaming accounts for games like Fortnite, Minecraft, and Runescape are part of a $1 billion dollar market. More
Vulnerabilities:
Companies:
Congrats to Signal Sciences for getting picked up by Fastly for $775 million. More
TECHNOLOGY NEWS
A team from MIT has successfully used radio signals and deep learning to identify what people are doing in a room without the use of cameras. More
Musk's Neuralink demo was interesting but not a major victory, largely because the subjects were pigs. It turned out to mostly be a recruiting pitch. More
Amazon is delivering nearly two-thirds of its own packages. More
LG is releasing a wearable air purifier. It uses HEPA filters and LED lights to kill bacteria. More
Internet Explorer is finally dead. Officially at least. More
Some Canon cameras can now upload their images straight to Google Photos. More
Companies:
Grid is an Iceland-based company that turns spreadsheets into visual narratives. More
Snowflake IPO'd, and here's some analysis of the filing. More
Salesforce has cut around 1,000 jobs and had a great earnings report that pushed its stock up by 26%. More
Okta's stock has doubled since March due to increased remote auth requirements from COVID. More
SOCIETY NEWS
One theory says the reason we feel so bad is that we've exhausted our "surge capacity" due to serial catastrophes. More
Germany's largest trade union is looking to propose 4-day work weeks to help prevent layoffs. More
New Yorkers are fleeing to the suburbs. The story is about New York, but I imagine the data will soon show that many big cities are doing something similar. More
50 new planets were discovered using machine learning. More
China has recently built at least 200 prison and internment camps to hold tens or hundreds of thousands of Muslims. More
IDEAS, TRENDS, & ANALYSIS
Why Understanding Beats Knowledge More
GPT-3 might represent new challenges for law firms. More
Data Scientists Should Be More End-to-End More
Zoom is Now Critical Infrastructure. More
UPDATES
After discussing it with our community in the UL Slack channel, I decided to update our subscription pricing to match a few other creators and make it weighted heavier towards annual subs. So if you're doing monthly, we're moving from $5 a month to $9.99, which is $120/year. But subscribing for a year takes that down by half to $59.99. If you're already on the annual plan your price will go up by $0.83 cents per month, which is hopefully tolerable. : ) Once again, thank you all for being supporters. It means a great deal to me that you find my work valuable.
I was rather affected by the loss of Chadwick Boseman. On Twitter I wrote: "I feel ashamed to be so affected by his loss, given that the way I learned about him is through Black Panther—a comic book movie. But he did such a great job of conveying kindness and strength. It was just beautiful. Fiction matters. He was brilliant. He’ll be missed." More
I've changed the theme for UL from security, tech, and humans....to security, tech, and society. Many have complained that "humans" was a bit ambiguous, so hopefully "society" both implies the human element while making it clear that it's also about how humans interact with each other.
Last week I said that Sullivan—the former CISO at Uber—was arrested for the handling of their breach announcement, but in fact he was just charged, not arrested. Engadget got the story wrong, and I trusted them as a reputable source. This is why we must remain vigilant over our delicate web of trust. Apologies.
DISCOVERY
I just bought NOMAD's new wireless charging mat, the Base Station Pro. The big feature for me was the ability to drop your device anywhere on the mat, as opposed to having to perfectly align it. More
How to Write in Plain English More
A stellar 85-megapixel image of the moon. More
Common mistakes made during interviews. More
Riot released a Game Design curriculum for free. More
Cory Doctorow has released a new book called How to Destroy Surveillance Capitalism, and he's put it out as a blog post as well. More
Meditation as a shield against the attention economy. More
Vuln Cost — An open-source security scanner for VS code. More
URLGrab — A Go-based web spider. More
Parth — Heuristic Vulnerable Parameter Scanner More
RECOMMENDATIONS
The Bellingcat Podcast — A podcast about using Open Source Intelligence to track down nearly impossible clues to solve mysteries. If you're into OSINT, Recon, Intelligence, or anything of the like—you'll love this. More
APHORISMS
“Character is simply a habit long continued.”
~ Plutarch
Thank you for supporting this work.
