News & Analysis | No. 249

I spend 5-20 hours a week consuming books, articles, and podcasts that explore the intersection of security, technology, and society. Then every Monday morning I send out the best of what I found.

MY ESSAYS

Operation Fortify: A US Ransomware Plan More

Cyber Pearl Harbor is Happening Right Now — It’s Ransomware More

Ransomware Groups Add a Third Threat Vector: DDoS More

SECURITY NEWS

The President of the United States, his wife, and several members of his inner circle have contracted Coronavirus. This adds an additional layer of uncertainty to US elections that are in less than a month. More

GitHub has rolled out its code scanning feature to all its users, which lets people know if they’ve added code with known security flaws. More

Right after Trump said he had COVID, some people on Twitter noticed some E-6Bs, which are used to manage US missile defense operations, taking off and landing. They started speculating, which turned into a major Twitter event. Turns out, they fly all the time, so nothing had really changed. This is a great example of why it’s important to ask questions when you hear about something new. Questions like, “Is this new because we’re just now learning about it, or because it’s truly rare?” “When was the last time this happened, and what were the circumstances?” Etc. More

After saying for months that their breach did not affect customers’ bank details, Blackbaud has now revealed that this in fact did happen, including unencrypted versions of account numbers, social security numbers, and username/password combinations. More

Vulnerabilities: 

  • Grindr had a serious vulnerability that allowed you to reset anyone’s password just by having their registered email address. More
  • QNAP continues to tell their users to update and to be vigilant for ransomware. They seem to be in this position quite often. More

Companies:

  • Cloudflare has launched a free API security tool called Cloudflare API Shield. This is super smart given how much trouble people have with API security. More
  • Axis Security raises $32 million to help secure remote workers. More
  • Cisco has purchased PortShift to get into the DevOps and Kubernetes spaces. More

TECHNOLOGY NEWS

Google Assistant has an awesome new feature called “Hold For Me”, which will wait on hold for you while you do other things. I love the innovation Google is doing around phone calls. More

Amazon has launched a new product called Amazon One, which lets you scan into a location using your palm. They’re demoing it at a couple of Amazon Go stores in Washington, but hope to sell it to lots of other places. More

Tesla crushed predictions and shipped nearly 140,000 vehicles last quarter. More

Cloudflare has rolled out a web analytics offering to compete with Google that stresses privacy by not gathering information on site visitors. More

Unscreen is a new product that can remove backgrounds not just from images, but from videos. More

Twitter is continuing to roll out voice tweets to more users. More

Facebook has launched an app called Forecast, which does “crowdsourced predictions”. It lets you make predictions about things, which are then scored over time. Kind of reminds me of the book, Superforecasting. More

Companies:

  • Amazon’s Prime Day is October 13th and 14th. More
  • Golden is a company that wants to ‘map all human knowledge’, and it just raised $14.5 million in a Series A from Andreessen Horowitz, DCVC, and Gigafund. 
  • PandaScore has raised €5 million for its AI-powered eSports data dashboards. More

HUMAN NEWS

Xi Jinping has shocked the climate change community by saying he will have his country’s carbon emissions peak before 2030, and that he expects to reach carbon neutrality by 2060. More

Morgan Stanley is buying E*Trade. More

New York City thinks half of its restaurants will close permanently. More

Publishers are getting worried because digital book borrowing rates have increased by 52% since March. More

Undergraduate degree enrollment has fallen significantly during COVID, but post-grad enrollment is up. This seems like part of the disturbing trend of the marketable (those with degrees) seeking to become more so, while those who are less marketable (those without college) are giving up. More

Girls Who Code says half of young women will leave their tech jobs by age 35. More

Actively speaking multiple languages reduces the chances of cognitive impairment, with locales that speak more than one language experiencing dementia prevalence that’s 50% lower. More

Mars is as close to the Earth this week as it will be for another 15 years. More

IDEAS, TRENDS, & ANALYSIS

Do Things That Don’t Require Scale More

An argument that a better way to think about China and Taiwan is not “will they invade or not”, but rather as a Civil War that was put on pause during WWII and has never ended. More

UPDATES

I’m in the process of redoing my RSS feeds in Feedly. I used to have my tags, or categories, listed fairly generally, e.g., security, technology, etc. But now, with so many feeds, it’s hard for me to get through all the titles while still filtering for context and quality. In other words, I need to be able to adjust how skeptical I am of something based on the source, and this is hard to do when I’m looking at 797 articles. So what I’m doing now is breaking my categories into smaller pieces, like, “news-high-quality, news-political-analysis, security-disinformation, tech-social-discovery”, etc. This tells me the level of caution I should employ, and the frame of mind I should be in, when parsing content. As part of that, I’m also pruning a lot of sources and focusing on fewer, higher-quality sources. We’ll see how it goes. Early Screenshot

DISCOVERY  

Thinkst Canary — Three minutes of setup and nearly zero false positives in detecting threats on your network. More

ASMRION — A generator of soothing sounds. More

INTEZER — Track the use of libraries with offensive capabilities by threat actors. More

You can now use IPINFO to resolve IPs to hostnames very quickly. IPINFO is absolutely one of my favorite recon tools! More

GHunt — A tool that gathers lots of Google-based information on someone based on just their Gmail address. More

RECOMMENDATIONS

Enjoy the Best—Not the Latest—Media. “Go by the average rating, not popularity. It’s better to watch something a million people love than something 10 million people watched and consider okay.” More

APHORISMS

“The difference between successful people and really successful people is that really successful people say no to almost everything.”

~ Warren Buffett


If you get value from this content, you can support it directly by becoming a member. Being a member gets you access to the newsletter every week instead of just twice a month, access to the UL Slack Channel, the UL Book Club, the UL Archives, and access to future member-only content.
