Unsupervised Learning Newsletter NO. 316

News & Analysis

MEMBER EDITION  | NO. 316 | JAN 31 2022

SECURITY NEWS

QNAP is warning NAS users of Deadbolt ransomware attacks. The attack encrypts the entire storage system and redirects the login to a page asking for $1,100 in Bitcoin. More

The FBI is warning against blindly scanning QR Codes and taking action after following the links. They say to: 1) check the URL, 2) look for signs of tampering on the code itself, 3) don't download apps from codes, 4) don't make payments based on following a code, and 5) if someone you know sends you a code, confirm with them directly. More

A PRIVESC vulnerability has been discovered in Linux's PolKit system utility that allows attackers on many distros to execute commands as root. The vulnerability has been there for over 12 years, but we just now noticed it. More

The Port of Los Angeles has opened its new Cyber Resilience Center (CRC), focused on information sharing among supply chain stakeholders. In late 2020, IBM won the $6.8 million contract to keep the port safe from cyber-attacks. More

The US has revoked the license to operate for China's 'China Unicom' over serious national security concerns. The FCC order stated that the company was "subject to exploitation, influence, and control by the Chinese government and is highly likely to be forced to comply with Chinese government requests without sufficient legal procedures subject to independent judicial oversight." I am honestly very thankful that our government is still functional in this way. More

A report has found that crypto money laundering has risen by 30%. More

Apple paid a $100,000 bounty for an exploit against Safari and macOS that allowed attackers to hijack a user's account and webcam. More

Companies:

  • Censys | Attack Surface Management | $35 Million More

  • HackerOne | Bug Bounty | Series E | $49 Million More


TECHNOLOGY NEWS

Elon Musk says robots will be a bigger business than cars over time. More

The iPhone has become the top phone in China for the first time in 6 years. More

It looks like Meta's cryptocurrency, 'Libra', is dead. They're looking to sell their assets. More

It only takes 45 minutes to go from you ordering something on Amazon to it being loaded on a truck. Amazon gets 10 million orders a day, which is 115 per second. More

Citrix is being purchased by Vista and Evergreen/Elliott in a $16.5B cash deal. More


HUMAN NEWS

A new study identified four factors that could increase the chances of getting Long Covid: 1) viral load, 2) auto-immune antibodies, 3) presence of the Epstein-Barr virus, and 4) Type 2 diabetes. More

Since 2010, Americans have increased the time spent on their phones by 25% a year, and they're now at 4 hours and 23 minutes, which is 30% of their waking time. More

Roughly half of US 18- to 29-year-olds still live with their parents (46%). This is the highest rate since 1940. The lowest rate was in 1960, at 29%. More

Moderna has started trials of an Omicron-specific Covid vaccine. More

Bruce Springsteen has joined Neil Young and Joni Mitchell in pulling their libraries from Spotify over its support of Joe Rogan on vaccines. More

One survey says nearly a quarter of young American investors have used TikTok for financial advice. More

In 2024 the SAT exam will get shorter, simpler, and will go digital. Non-profit FairTest says over 76% of 4-year colleges will not mandate a standardized test for admittance. More


CONTENT, IDEAS & ANALYSIS

Frontview Mirror | 2021 Edition — My post from last year about what might be coming and how to prepare. I reread it this week and found it better than I remembered. Reposting in case you missed it. More

Robots > Cars — Musk's comments that robots will be bigger than cars resonate with me. There is a lot of money to be made in replacing human labor. It's not the role of a business to employ humans. The role is to provide the service as cheaply and consistently as possible, and where that can be done without problematic human workers, many businesses will happily transition. Expect this rise of robots to closely track the rise of the metaverse. They both involve a declining need for humans to do anything but remain peaceful.


NOTES

I asked about software or services that can help with plagiarism, and some nice people recommended this app called Harvel. I'm giving it a try. More

SPONSORED DISCOVERY

PlexTrac: The Premier Cybersecurity Reporting and Workflow Platform

With PlexTrac, security service providers and teams of all sizes can cut report writing time in half, streamline workflows, improve collaboration and communication, and gain a real-time view of their security posture.

Head over to PlexTrac.com/UnsupervisedLearning to book a platform demo and see how PlexTrac helps cybersecurity practitioners produce quality work faster so they can focus on winning the right battles.


DISCOVERY

"Tearfully waving out the train window as my girlfriend runs alongside…" More

"Security is about space and time. Time is a security property. Space is a security property. You want adversaries as far out from where you are. You want adversaries to have as little time on target as possible. It all comes back to the fundamentals." More | by J Wolfgang Goerlich

Stop Brainstorming More

Hiring for Conscientiousness — Why more startups should hire conscientious people, and how to find them. More

How I Found Thousands of Open Databases on AWS More
 
[ STATIC ANALYSIS ] GitHub Code Search — Hakluke got a chance to preview GitHub's new code search functionality, which is massively improved over the previous version. One key feature is exact string matching. Importantly, it won't just show you your own code, but code all across GitHub. Expect this to become a major new way of finding bugs. More | by Hakluke

[ OFFSEC ] Hundreds of Docker images for network intrusion. More
 
[ CI/CD Security ] GitHub Actions by Example — An introduction to GitHub actions through a set of examples. More

[ RED TEAM ] Moonwalk — Cover your tracks during Linux Exploitation / Penetration Testing by leaving zero traces on system logs and filesystem timestamps. More | by Mufeedvh

[ SECURE CODING ] Dacquiri — Identifies and eliminates authorization errors by turning them into compile errors. More | by d0nut

[ SOFTWARE SUPPLY CHAIN ] It Depends — A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories. More | by Trail of Bits | Example Graph


RECOMMENDATION

"When working with people, assume good intentions. When listening to people, interpret their words in a generous way. You will occasionally get burned and mistreated by always assuming the best in others, but it is a far better way to live than the opposite." — James Clear


APHORISM

“Life decreases in direct proportion to the force of desire.”

— Honore de Balzac