What I'm Reading 8/21/2020 - Kamala Harris and Big Tech and How Tech Media Created the Gig Economy

HackRead - US-Cert warns of North Korean BLINDINGCAN malware -

 The report states that in conjunction with the Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS), identified a remote access trojan (RAT) deployed by the North Korean government-sponsored hacking group referred as Hidden Cobra by the US government and also infamously known as the Lazarus Group or APT38.

The malware variant ensued by the North Korean threat actors is called BLINDINGCAN and it was used in concurrence with proxy servers in order to maintain a presence in the victim’s system and elongate network exploitation with its built-in functions.

Politico -  California has first rolling blackouts in 19 years — and everyone faces blame -

Earlier Monday, the California Independent System Operator blamed Friday's outages on "high heat and increased electricity demand." Yet some energy experts noted that demand wasn't particularly higher than normal, as is typical for weekends, and CAISO had predicted it would have adequate reserves on hand for the 80 percent of California's grid that it manages.

"What's weird about what happened is they were adequate until they weren't," said Michael Wara, director of Stanford University's climate and energy program and a member of the state's Catastrophic Wildfire Cost and Recovery Commission. "It seems as if certain power plants for some reason were not able to deliver on the commitments to supply reserves and also supply energy."

 SSRN - Words Matter: How Tech Media Helped Write Gig Companies into Existence -

When companies like Uber and TaskRabbit appeared in Silicon Valley, there was a collective media swoon over these new app-based service-delivery corporations and their products. Pundits and journalists made it seem like these companies were ushering in not only an inevitable future, but a desirable one. Their content helped convince the public and regulators that these businesses were different from existing corporations—that they were startups with innovative technology platforms designed to disrupt established firms by efficiently connecting consumers to independent, empowered gig workers. Those in the media normalized and at times generated this rhetoric and framing, which was then taken up by politicians, amplified by academics, and finally enshrined in laws that legalized the business models of these companies. The positive, uncritical coverage prevailed for years and helped pave the way for a handful of companies that represent a tiny fraction of the economy to have an outsized impact on law, mainstream corporate practices, and the way we think about work. The force that powered the swoon was a relatively new and journalistically problematic trend in media: “tech” reporting. 

 The Hacker News - Former Uber Security Chief Charged Over Covering Up 2016 Data Breach -

The federal prosecutors in the United States have charged Uber's former chief security officer, Joe Sullivan, for covering up a massive data breach that the ride-hailing company suffered in 2016.

According to the press release published by the U.S. Department of Justice, Sullivan "took deliberate steps to conceal, deflect, and mislead the Federal Trade Commission about the breach" that also involved paying hackers $100,000 ransom to keep the incident secret.

 Threatpost - Researchers Sound Alarm Over Malicious AWS Community AMIs -

Researchers are sounding the alarm over what they say is a growing threat vector tied to Amazon Web Services and its marketplace of pre-configured virtual servers. The danger, according to researchers with Mitiga, is that threat actors can easily build malware-laced Community Amazon Machine Images (AMI) and make them available to unsuspecting AWS customers.

The threat is not theoretical. On Friday, Mitiga released details of a malicious AMI found in the wild running an infected instance of Windows Server 2008. Researchers said the AMI was removed from a customer’s Amazon Elastic Compute Cloud (EC2) instance earlier this month but is still available within Amazon’s Community AMI marketplace.

Datbreach Today - Lucifer Botnet Now Can Target Linux Devices -

Lucifer, a botnet that has been infecting Windows devices with cryptominers and using compromised systems for distributed denial-of-service attacks, now has the ability to compromise Linux-based systems as well, according to Netscout's ATLAS Security Engineering & Response Team.

SC Magazine - Why we need a federal data privacy law – and how CCPA sets the pace -

The country needs to pass federal privacy legislation to establish a national standard for individual rights. Today, too many state laws exist, creating confusion and duplication. We need to create a national standard that would apply to all businesses and organizations.

By not having a national standard, we miss the opportunity to establish a consistent comprehensive framework for privacy in the United States. Without a federal law states have passed their own laws. Today, California, Nevada and Maine have privacy laws, but many other states have bills working their way through legislatures. Many of these state efforts are based in part on the California Consumer Privacy Act (CCPA), which went into effect January 1, 2020.

NY Times - How Kamala Harris Forged Close Ties With Big Tech -

For Ms. Harris, a Bay Area politician, connections to tech have been essential and perhaps inescapable. In past campaigns — her two elections to be attorney general, her successful run for the Senate and her failed bid for the Democratic presidential nomination — she relied on Silicon Valley’s tech elite for donations. And her network of family, friends and former political aides has fanned throughout the tech world.

Those close industry ties have coincided with a largely hands-off approach to companies that have come under increasing scrutiny from regulators and lawmakers around the world. As California’s attorney general, critics say, Ms. Harris did little to curb the power of tech giants as they gobbled up rivals and muscled into new industries. As a senator, consumer advocacy groups said, she has often moved in lockstep with tech interests.