A new joint Cybersecurity Advisory (CSA) has been released from CISA, FBI, and NSA addressing increased concern around Russian State-sponsored attacks against US Critical Infrastructure. The advisory comes amid increased tensions regarding Ukraine and Kazakhstan. More
Russia’s FSB says they raided and arrested multiple members of the REvil ransomware gang. They hit 25 residences owned by 14 members across multiple Russian cities. This is widely seen as a response to pressure from the US and other countries around Russia’s allowing ransomware groups to operate in the country. Cynical voices in the security community wonder how much this was for show, how severely they’ll be punished, and how many of them will just end up working for FSB. Acqui-Raid? MoreRaid Video
DHL-branded emails have dethroned Microsoft as the most-used brand lure for phishing emails. Interesting that it’s DHL and not a more popular carrier like Amazon/UPS/FedEx. More
Microsoft is warning of a nasty strain of malware that’s currently being targeted at Ukrainian organizations. At first it looked like ransomware, but more reports are saying it’s actually wiperware. More | More
CISA has added 15 more known-exploited vulnerabilities to its catalog, including all-time hits from bands like VMware, Chrome, Win32K, WinVerify, Oracle WebLogic, Fortinet, PAN-OS, IBM WebSphere, and Elastic Kibana! More
You’ve heard of package thieves. Well, now it’s moved to the trains that carry the packages. One representative at Union Pacific estimates around 90 cargo containers a day are compromised, often by organized crime groups. This is what happens when some people are less useful to the economy than a robot or an AI, and a small percentage at the top wait to have their expensive packages delivered to their doorsteps. And then combine that with a lack of policing. More | Viral Tweet of Ransacked Containers
Vulnerabilities:
January 2022 Patch Tuesday | Curl, Libarchive, Windows More
Zoho Desktop Central and Desktop Central MSP | Critical | Read Data | Write Files More
Cisco Unified Contact Center Management Portal and Unified Contact Center Domain Manager | 9.6 | PrivEsc to Admin More
3 WordPress Plugins | 84K sites | High | CSRF More
TECHNOLOGY NEWS
Moxie Marlinspike has stepped down as the CEO of Signal. More
You can now use Shazam to identify music using a Chrome Extension. More
The founder of Second Life is coming back to play his hand at metaverse. I like his odds, because it seems he saw the vision of what was coming a long time ago. More
HUMAN NEWS
Israeli researchers found that a fourth booster is largely ineffective against Omicron. These results are calling into question the wisdom of continued vaccine mandates. I’m personally pro-mandate, but when the data change, we should change our minds with them. The problem is that—for the time being—government bureaucracy will always move slower than the science of variants and vaccine efficacy. And ignorance, cynicism, and conspiracy bloom in the gap between them. More
Inflation is at a 40-year high, with prices jumping 7% in just one year. More
People devote a third of their waking time to mobile apps, with TikTok use growing the fastest. More
More than 1 million fewer students are in college. More
Netflix has raised its prices from $14 to $15.50 in the US, and from C$15 to C$16.50 in Canada. More
Gallup says Americans are reading less than in 1990 and 1999, when we peaked at an average of 18.5 books read per year (including only partially). I call bullshit. Most Americans I casually ask about reading haven’t read 18 books in their entire life, let alone per year. I think this is the kind of polling that got Trump elected in 2016, i.e., giving answers they thought the interviewer would want to hear. More
CONTENT, IDEAS & ANALYSIS
Gaming is Metaverse 1.0 — How gaming and metaverse are more alike than different, and the two many axes that they progress along.More
Your Value Comes From Your Output — My latest piece on how to avoid distracting shortcuts when trying to get a seat at the table, whether that’s at work or in a particular community you admire. More
Beware of Alternate Meaning Loops (2017) — With all this talk about metaverse, I thought this was a timely addition. The piece talks about how we might be bad at maintaining multiple Life Loops. More
