I recommend reading this in its native typography at Unsupervised Learning: No. 137

—

Subscribe here to get this in your inbox every week.

Security News





The DHS is launching a new group to protect critical infrastructure. Link



Cisco is buying Duo Security for $2.35 billion. Link



Reddit had a security incident related to SMS 2FA, and their write-up on it is quite solid. I can actually gain trust in a company if they do an incident report well, and I think they’ve done that here. Link



It’s possible to identify individual Twitter users using only metadata. Link



BurpSuite has a new crawler, which allows for automatic session management. As a web app tester, this is fantastic news. Link



A number of sources are reporting that spam is increasing, and one often-mentioned reason is the decline of Adobe exploits. It’s an interesting lesson that economics is about changes and externalities. 



CompTIA now has a new penetration testing certification, called PenTest+. Link



Marina Butina—the Russian spy working in the U.S.—evidently blew her cover by getting drunk and bragging. This is very common for  Link 



Venezuela’s President has survived a drone strike assassination attempt. Link



North Korea is building more nuclear missiles. Link



Russia sold 84% of its U.S. debt between March and May of 2018. Russia said they just wanted to get more into gold, but given the information warfare campaigns they’ve been running against us, I can’t help but jump right to a pre-attack shorting move. No hard data to back that up—just a feeling. Link





Technology News





Draw This is an instant camera that creates cartoons using machine learning. Link



T2F is text-to-face generation using deep learning. You describe a person and it gives you an image. Link



Full genome sequencing is down to around $500 now, at least for this company. I’ll probably give it some time and see how the reviews are before I try it. But I’ll do it soon. Link



40% of VCs went to Harvard or Stanford. Link



BookTubers are YouTube influencers focused on books and reading. Link





Human News





Captain Picard is back in a new Star Trek series! Picard is the epitome of a true leader in my mind, and what I learned from that character continues to inform me even now. I bet he’s going to teach us this time (among other things) about the value of truth and facts in a world full of misinformation. Just a guess. Link



A Stanford study has linked depression to the lack of an over-the-counter supplement called Acetyl-L-Carnitine. Link



There’s a new, elegantly simple card game called The Mind that is attracting a cult-like following. Link



Even mild dehydration can impair cognitive performance and mood. Link



Bacteria are starting to adapt to the alcohol in hand sanitizer. Link



A study by Bank of the West found that almost 70% of millennials regret buying their homes. Link



Japan is urging workers to take Monday morning off to combat overwork. Link



The FDA may soon approve MDMA for treatment of PTSD. Link



France has banned smartphones from classrooms. Link



Young workers aren’t interested in construction jobs. Link



Parents are hiring Fortnite tutors for their kids. Link





Ideas, Trends, & Analysis





Many believe that blogs are less popular (and less read) now because of the shuttering of Google Reader, and the subsequent consolidation of content consumption on platforms like Twitter, Facebook, Reddit, and Medium. Link



I’m reading the Superforecasting book, and the high-level summary of what makes a top-tier predictor is someone who is dedicated to self-improvement. This makes sense to me because it’s consistent with someone who doesn’t cling to the past—including past opinions. When the information changes, your opinion changes with it. Link





Discovery





BurpSuite has a new crawler. Link



Burp’s new crawler has automated session handling. Link



Burp’s new crawler can handle changes in application state. Link



Leonardo Da Vinci’s to-do list from 1490. Link





Notes





I’ll be in Vegas this week for BlackHat / DEFCON, and you should come by the IOAsis to help us celebrate 20 years. We’re at the House of Blues on Wednesday the 8th, and we’ll have a ton of security talks, plenty of hydration and caffeine, as well as massages! And new for this year, we’ll have the EA Experience Gaming Zone, where you can play some of the newest EA games.



I’ll also be available around BH/DC to chat about my Attack Surface Monitoring service HELIOS. TL;DR: it monitors your external attack surface—both on-prem and cloud—and tells you almost instantly when something dangerous gets exposed. So if someone makes a mistake and accidentally puts a database on the internet, leaves a web admin interface out there, exposes data via S3 buckets—and dozens of other types of exposures—you’ll know immediately via API push, Splunk, Slack, etc. Reach out to me here if you want to arrange a chat.



Books I’ve read recently: Subscribed, The Accidental Universe, Venture Deals, Origin Story, The Order of Time, Factfulness. And I’m currently reading Superforecasting.



And thank you so much to those of you who sent in fiction ideas. I received almost a hundred responses on that, and they were fantastic. I now have a solid queue of fiction titles as well! The first two are going to be The Way of Kings and The Blade Itself.





Recommendations





Consider running  ssh-keygen -p -o -f $PRIVATEKEY on your SSH keys to remove a vulnerability related to SSH key storage formats. Link

 



Aphorism





“There are two kinds of fools: those who suspect nothing, and those who suspect everything”.



~ Charles Josef de Ligne

—

I spend between 5 and 20 hours on this content every week, and if you're someone who can afford fancy coffee, please consider becoming a member for just $5/month…

Start Membership

Thank you,

Daniel