Infosec news
Verizon put out its Data Breach Investigations Report for 2017, with some key findings being: 73% of attacks were financially motivated, 75% of attacks were tracked down to external attackers (which means 1/4th are insider attacks?), email was the #1 malware delivery mechanism (vs. web drive-by), and half of the attacks used malware. Link
Chipotle is investigating a credit card breach around the times of March 24th to April 18th. Link
The United States Air Force is launching a bug bounty as part of the Defense Department's continued exploration of community outreach. Link
Wikileaks says the CIA is embedding web beacons into documents to see how they are leaked, who opens them, etc., using a tool called Scribbles. Link
The NSA is no longer allowed to surveil, without a warrant, Americans who mention a foreign intelligence target. Link
Fake game guides have infected 2 million Android users through the Google Play store. Link
Google and Facebook lost $100M in a phishing scheme involving a fake Asia-based manufacturer. Link
New York is looking at technology that could be used by police to determine whether a car crash was caused by texting while driving, and the software is being developed by Cellebrite, which is the Israeli company that sells phone hacking software. Link
Someone stole the upcoming season of Netflix's Orange is the New Black, tried to get a ransom for it, and then released it to the internet after the ransom went unpaid. Link
Researchers have found that adding noise to images can confuse Google's Cloud Vision API. Link
Technology news
Taser is heading into the crime prediction market, and plans to use its campaign of free body cameras for police for realtime facial recognition. Essentially, they become a computer vision company, with millions of police streaming data into Taser's cloud and returning various probabilities to the officers. Link
Amazon's Echo Look is a camera accessory that you control with your voice and shows you what your outfit looks like, and even gives recommendations. Link
China's Tencent, Alibaba, and Baidu are tech powerhouses, and it's time for the west to notice. Link
An artificial womb successfully grew baby sheep. Link
Livestreaming in China is becoming a new form of entertainment. Link
Google has adjusted its search ranking algorithm in an attempt to filter fake news. Link
Serverless is coming, and DevOps won't work the same there. Link
Human news
Exercise keeps the mind sharp in people over 50, according to a new study. They found that aerobic exercise improved the cognitive functions of thinking, reading, learning, and reasoning, while weight training improved the executive functions of memory, planning, and organizing. Link
A Twitter employee making $160,000 / year convincingly describes how broke he is because he lives in San Francisco. Link
American Airlines raised flight attendant and pilot salaries to make them more competitive with Delta and United, and Wall Street tanked their stock. Link
Exploration of the Doggo language phenomenon. Link
A list of book recommendations from TED 2017 speakers. Link
Cassini's stunning images of Saturn. Link
Why economic mobility is becoming so difficult. Link
🔆 A woman with perfect pitch listens to a musician play his own songs on piano so they can be saved, because he can't remember how to play them anymore. Link
Ideas
In 2008 I wrote a long piece on "Lifecasting" and how it would change society. I just read it again after reading all this lifestreaming stuff out of China recently, and I think it holds up pretty well. Link
You know what I want? A concise, 1000 word argument for why climate change is obvious. I can do it for evolution. I can do it for god not being real. I can do it for free will being an illusion. Why is it so hard to do it for climate change? I already believe the science, but it shouldn't require this much belief. My best argument for it right now is this XKCD piece, which is an embarrassment to the field. If you know of a clean, updated argument that leaves no question, point me to it. Link
We can use RF to see through walls. And we can use AI to tell us what RF is seeing. Combine that with mixed/augmented reality glasses or lenses, and we're completely in the future. Link Link
Why You Should Be Using More Emoji Link
Discovery
Burp Suite Mobile Assistant: a new tool to facilitate testing of iOS apps with Burp Suite. Link
A Forrester paper on the state of vulnerability management. Link
Countercept's DOUBLEPULSAR Script: now it not only detects the malware but can also uninstall it. Link
Schneier's analysis on the NSA and CIA leaks. Link
The U.S. Army's advice on how to deal with drones. Link
More analysis of the DBIR report showing major differences in attacks across industries. Link
CopyCat: a universal MiTM web server. Link
SSH Scan: an SSH configuration and policy scanner. Link
The a16z podcast on QR, AR, and VR. Link
Postal: a full featured and open source alternative to Mailchimp / Sendgrid. Link
Home Assistant: an open-source framework for automating your home. Link
Security Monkey: monitors your AWS and GCP accounts for policy changes and alerts on insecure configurations. Link
Notes
🎙 I'm giving an IOActive webinar on some observations and trends in infosec on Tuesday morning at 10AM Pacific. If you're interested you can sign up here. Link
I bought some Ethereum last week at $48 and it's now at around $85. Just bought some more as well. I hope I'm not being overly influenced by "Missed the Bitcoin Boat Bias". Definitely something to watch out for. Link
I'm currently reading The Three Body Problem, and it's simply the best science fiction book I've read since, well, forever. Link
Recommendations
Remember that VPNs don't prevent the government from spying on you, especially if you're logging in at the resource you're using. VPNs only stop your ISP from seeing what you're doing. The vendor you're using at the other end is still potentially fair game. If you're logging in, you make it far easier to be tracked.
If you only read one article this week, make it this one. Link
Aphorism
"All men are children, and if a woman understands that, a woman understands everything." ~ Coco Chanel