Unsupervised Learning: No. 137


Security News

The DHS is launching a new group to protect critical infrastructure.

Cisco is buying Duo Security for $2.35 billion.

Reddit had a security incident related to SMS 2FA, and their write-up on it is quite solid. I can actually gain trust in a company if they do an incident report well, and I think they’ve done that here.

It’s possible to identify individual Twitter users using only metadata.

BurpSuite has a new crawler, which allows for automatic session management. As a web app tester, this is fantastic news.

A number of sources are reporting that spam is increasing, and one often-mentioned reason is the decline of Adobe exploits. It’s an interesting lesson that economics is about changes and externalities.

CompTIA now has a new penetration testing certification, called PenTest+.

Marina Butina—the Russian spy working in the U.S.—evidently blew her cover by getting drunk and bragging. This is very common for

Venezuela’s President has survived a drone strike assassination attempt.

North Korea is building more nuclear missiles.

Russia sold 84% of its U.S. debt between March and May of 2018. Russia said they just wanted to get more into gold, but given the information warfare campaigns they’ve been running against us, I can’t help but jump right to a pre-attack shorting move. No hard data to back that up—just a feeling.

Technology News

Draw This is an instant camera that creates cartoons using machine learning.

T2F is text-to-face generation using deep learning. You describe a person and it gives you an image.

Full genome sequencing is down to around $500 now, at least for this company. I’ll probably give it some time and see how the reviews are before I try it. But I’ll do it soon.

40% of VCs went to Harvard or Stanford.

BookTubers are YouTube influencers focused on books and reading.

Human News

Captain Picard is back in a new Star Trek series! Picard is the epitome of a true leader in my mind, and what I learned from that character continues to inform me even now. I bet he’s going to teach us this time (among other things) about the value of truth and facts in a world full of misinformation. Just a guess.

A Stanford study has linked depression to the lack of an over-the-counter supplement called Acetyl-L-Carnitine.

There’s a new, elegantly simple card game called The Mind that is attracting a cult-like following.

Even mild dehydration can impair cognitive performance and mood.

Bacteria are starting to adapt to the alcohol in hand sanitizer.

A study by Bank of the West found that almost 70% of millennials regret buying their homes.

Japan is urging workers to take Monday morning off to combat overwork.

The FDA may soon approve MDMA for treatment of PTSD.

France has banned smartphones from classrooms.

Young workers aren’t interested in construction jobs.

Parents are hiring Fortnite tutors for their kids.

Ideas, Trends, & Analysis

Many believe that blogs are less popular (and less read) now because of the shuttering of Google Reader, and the subsequent consolidation of content consumption on platforms like Twitter, Facebook, Reddit, and Medium.

I’m reading the Superforecasting book, and the high-level summary of what makes a top-tier predictor is someone who is dedicated to self-improvement. This makes sense to me because it’s consistent with someone who doesn’t cling to the past—including past opinions. When the information changes, your opinion changes with it.

Discovery

BurpSuite has a new crawler.

Burp’s new crawler has automated session handling.

Burp’s new crawler can handle changes in application state.

Leonardo Da Vinci’s to-do list from 1490.

Notes

I’ll be in Vegas this week for BlackHat / DEFCON, and you should come by the IOAsis to help us celebrate 20 years. We’re at the House of Blues on Wednesday the 8th, and we’ll have a ton of security talks, plenty of hydration and caffeine, as well as massages! And new for this year, we’ll have the EA Experience Gaming Zone, where you can play some of the newest EA games.

I’ll also be available around BH/DC to chat about my Attack Surface Monitoring service HELIOS. TL;DR: it monitors your external attack surface—both on-prem and cloud—and tells you almost instantly when something dangerous gets exposed. So if someone makes a mistake and accidentally puts a database on the internet, leaves a web admin interface out there, exposes data via S3 buckets—and dozens of other types of exposures—you’ll know immediately via API push, Splunk, Slack, etc. Reach out to me here if you want to arrange a chat.

Books I’ve read recently: Subscribed, The Accidental Universe, Venture Deals, Origin Story, The Order of Time, Factfulness. And I’m currently reading Superforecasting.

And thank you so much to those of you who sent in fiction ideas. I received almost a hundred responses on that, and they were fantastic. I now have a solid queue of fiction titles as well! The first two are going to be The Way of Kings and The Blade Itself.

Recommendations

Consider running ssh-keygen -p -o -f $PRIVATEKEY on your SSH keys to remove a vulnerability related to SSH key storage formats.

Aphorism

“There are two kinds of fools: those who suspect nothing, and those who suspect everything”.
~ Charles Josef de Ligne
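For the ssh-keygen recommendation above, a way to find which private keys are still stored in the older PEM format before converting them. This is an added example, not part of the newsletter; the function names and the header-only sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify SSH private key files by on-disk storage format.
# Only the PEM armor and header lines are inspected, never the key material.
# Background: passphrase-protected keys in the old PEM format derive their
# encryption key with a single MD5 pass; the format `ssh-keygen -o` writes
# uses a bcrypt-based KDF instead.

# classify_key FILE -> openssh | legacy-encrypted | legacy-plaintext | other
classify_key() {
    first=$(sed -n 1p "$1" 2>/dev/null)
    second=$(sed -n 2p "$1" 2>/dev/null)
    case "$first" in
        "-----BEGIN OPENSSH PRIVATE KEY-----")
            echo openssh ;;
        "-----BEGIN RSA PRIVATE KEY-----"|"-----BEGIN DSA PRIVATE KEY-----"|"-----BEGIN EC PRIVATE KEY-----")
            case "$second" in
                "Proc-Type: 4,ENCRYPTED"*) echo legacy-encrypted ;;
                *)                         echo legacy-plaintext ;;
            esac ;;
        *)
            echo other ;;
    esac
}

# audit_keys DIR -> one "format<TAB>path" line per key still in the old format
audit_keys() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        case "$f" in *.pub) continue ;; esac
        fmt=$(classify_key "$f")
        case "$fmt" in
            legacy-*) printf '%s\t%s\n' "$fmt" "$f" ;;
        esac
    done
}

# make_samples DIR -> writes constructed, header-only files (no real keys)
make_samples() {
    printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' > "$1/id_new"
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' \
        'DEK-Info: AES-128-CBC,00' > "$1/id_old_enc"
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'MIIE' > "$1/id_old_plain"
    printf '%s\n' 'ssh-rsa AAAA constructed' > "$1/id_old_enc.pub"
}

# Demo on the constructed samples; expect id_old_enc and id_old_plain listed.
demo_dir=$(mktemp -d) && make_samples "$demo_dir" && audit_keys "$demo_dir"
rm -rf "$demo_dir"
```

Pointing audit_keys at a real key directory lists the files to pass to ssh-keygen -p -o -f; keys reported as legacy-plaintext have no passphrase at all, so set one during the conversion.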
