Monday, September 25, 2023

What I'm Reading 9/25/2023

 Linux gives up on 6-year LTS kernels, says they’re too much work

How network security can save security dollars

SMEs overestimate their cybersecurity preparedness

How Equifax Was Breached in 2017

Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day hunters

Engineering-Grade OT Protection

Every Network Is Now an OT Network. Can Your Security Keep Up?

Chinese hackers have unleashed a never-before-seen Linux backdoor

DHS Publishes New Recommendations on Cyber Incident Reporting

2 major tech companies cancel conferences in SF; 2024 projected to be challenging year

China caught – again – with its malware in another nation's power grid

Analyst: MGM losing $4.2M-$8.4M a day because of cyberattack

MGM, Caesars Face Regulatory, Legal Maze After Cyber Incidents

MGM, Caesars Cyberattack Responses Required Brutal Choices

Youth hacking ring at the center of cybercrime spree

DHS council seeks to simplify cyber incident reporting rules

Solarium Commission wants action on stalled cybersecurity recommendations

On the Cybersecurity Jobs Shortage

India's biggest tech centers named as cyber crime hotspots

New Revelations from the Snowden Documents

Windows Subsystem for Linux gets new 'mirrored' network mode

Keeping Google’s search secrets protects its monopoly, DOJ argues in court

YouTube suspends Russell Brand from advert income

Elon Musk: Social media platform X, formerly Twitter, could go behind paywall

Ozempic Can Cause Major Loss of Muscle Mass and Reduce Bone Density

Medicine is plagued by untrustworthy clinical trials. How many studies are faked or flawed?

DHS council seeks to simplify cyber incident reporting rules

Working Remotely Can More Than Halve an Office Employee’s Carbon Footprint

Michael Bloomberg Is Throwing $500 Million at Efforts to Shut Down All U.S. Coal Plants

How Cisco is Addressing the Widening Skills Gap

Restoration of a dumpster Tektronix 2465B oscilloscope

Monday, September 18, 2023

What I'm Reading 9/18/2023

How Google Authenticator made one company’s network breach much, much worse

With 0-days hitting Chrome, iOS, and dozens more this month, is no software safe?

Will Cyber Security be Replaced by AI?

DHS warns of malicious AI use against critical infrastructure

DoD: China's ICS Cyber Onslaught Aimed at Gaining Kinetic Warfare Advantage

CISA Releases Continuous Diagnostics and Mitigation Program: Identity, Credential, and Access Management (ICAM) Reference Architecture

Why Identity Management Is the Key to Stopping APT Cyberattacks

Caesars says cyber-crooks stole customer data as MGM casino outage drags on

The Wachowskis and the Hacker as a progressive archetype

America’s Advanced Manufacturing Problem—and How to Fix It

Why Resumes Are Dead & How Keeps Killing the Job Market

The spectacular downfall of a common, useless cold medicine

“Most notorious” illegal shadow library sued by textbook publishers [Updated]

Google hid evidence by training workers to avoid words monopolists use, DOJ says

Here’s exactly what Google will argue to fight the DOJ’s antitrust claims

Long wave radio fans mourn fading frequencies

Urban oases combine roof gardens and solar panels

Replanting Logged Forests With Diverse Mixtures of Seedlings Accelerates Restoration

Study: U.S. dietary recommendations for protein intake are too low

CIA bribed its own COVID-19 origin team to reject lab-leak theory, anonymous whistleblower claims

California passes first-in-the-nation data broker deletion tool

Sunday, September 10, 2023

I'm Back - What I'm Reading 9/10/2023

Sorry for the long absence (pfft, who am I kidding?  no one reads this).  I intended to be back the week after DefCOn but life happened.  I was sick and work piled up, but here I am now.  Lucky you, imaginary readers and voices in my head.


On the 10th anniversary of the Snowden revelations

Microsoft, Google Take on Obsolete TLS Protocols

Cybersecurity Builds Trust in Critical Infrastructure

Cisco security appliance 0-day is under attack by ransomware crooks

Mystery solved? Microsoft thinks it knows how Chinese hackers stole its signing key

How China gets free intel on tech companies’ vulnerabilities

Move Over, Software Developers – In The Name Of Cybersecurity, The Government Wants To Drive (the comments are entertaining)

OWASP Top 10 API Security Risks – 2023

‘Five Eyes’ nations release technical details of Sandworm malware ‘Infamous Chisel’

China turns to AI in hopes of creating viral online propaganda, Microsoft researchers say

The International Criminal Court will now prosecute cyberwar crimes

Ukraine war: Cyber-teams fight a high-tech war on front lines

Elon Musk says he withheld Starlink over Crimea to avoid escalation

X sues Calif. to avoid revealing how it makes “controversial” content decisions

Appeals Court Rules White House Overstepped 1st Amendment on Social Media

The Judgement -

AI-generated child sex imagery has every US attorney general calling for action

Weight-loss drugs Ozempic and Wegovy also protect your heart

“We’re not ‘gatekeepers,’” Apple and Microsoft tell European Union

The demand for hybrid work is only growing, according to a new Deloitte report

90% Reduction: Scientists Discover Natural Molecule That Eradicates Plaques and Cavities

A Senior Engineer's CheckList

Is Google's looming monopoly trial a watershed moment for Big Tech?

How to pass the interview for software engineering roles in Big Tech - Handbook

When “Punch a Nazi” Goes Wrong

Tech workers now doubting decision to move from California to Texas

An effort to ban caste discrimination in California has touched a nerve

Monday, July 10, 2023

What I am Reading 7/10/2023

Log4j bug exploited to push novel EarlyRat malware

MOVEit app mass-exploited last month patches new critical vulnerability

336,000 servers remain unpatched against critical Fortigate vulnerability

SSH Servers Hit in 'Proxyjacking' Cyberattacks

Vulnerability in Cisco Enterprise Switches Allows Attackers to Modify Encrypted Traffic

Vulnerabilities in PiiGAB Product Could Expose Industrial Organizations to Attacks

3 Critical RCE Bugs Threaten Industrial Solar Panels, Endangering Grid Systems

Technician Indicted for Hacking California Water Treatment Facility

One third of security breaches go unnoticed by security professionals

Botnets Send Exploits Within Days to Weeks After Published PoC

Businesses are ignoring third-party security risks

Employees worry less about cybersecurity best practices in the summer

5 Things CISOs Need to Know About Securing OT Environments

Submarine Cables Face Escalating Cybersecurity Threats, Report

US’s largest grid operator must process and connect backlogged clean energy projects

Judge rules White House pressured social networks to “suppress free speech”

China curbs exports of key computer chip materials

The real reasons why sharks attack humans

San Francisco loses 2 big conferences

Once hailed for decriminalizing drugs, Portugal is now having doubts

The Underground Economy of Company Reviews

Why there are so many cybersecurity vendors, what it leads to and where do we go from here

Top Suspect in 2015 Ashley Madison Hack Committed Suicide in 2014

Tuesday, July 04, 2023

What I am reading 7/4/2023 - Happy Independence Day

 Clop ransomware group added five new victims of MOVEit attacks to its dark web leak site, including Schneider Electric and Siemens Energy.

America aims for nuclear-power renaissance

The Energy Transition Isn't

The tech flaw that lets hackers control surveillance cameras

Fortinet fixes critical RCE flaw in FortiNAC zero-trust product

Microsoft Warns of Widescale Credential Stealing Attacks by Russian Hackers

Chinese Hackers Using Never-Before-Seen Tactics for Critical Infrastructure Attacks

New Fortinet's FortiNAC Vulnerability Exposes Networks to Code Execution Attacks

China's 'Volt Typhoon' APT Turns to Zoho ManageEngine for Fresh Cyberattacks

Harvard Scholar Who Studies Honesty Is Accused of Fabricating Findings

CS 61A: Structure and Interpretation of Computer Programs

50 of the Greatest Summer Novels of All Time

SolarWinds Execs Targeted by SEC, CEO Vows to Fight

We're Now Finding Out The Damaging Results of The Mandated Return to Office — And It's Worse Than We Thought.

Canada is going to war with Google, and it might not win

Minister Fraser launches Canada’s first-ever Tech Talent Strategy at Collision 2023

The forced return to the office is the definition of insanity

Op-ed: Why the great #TwitterMigration didn’t quite pan out

Linda Yaccarino’s vision for Twitter 2.0 emerges

Microsofties still digesting pay freeze upset by Nadella's 'landmark year' memo

US Wants To Make More Stingers, But it Needs to Revive Production Technology Nearly from Scratch

Sunday, June 25, 2023

What I am Reading 6/25/2023 - Post Russian Coup Edition

 No coup stuff -  I have no freakin idea what's going on

Heat is battering Texas’s power grid. Are giant batteries the answer?

Green electricity won’t help with pollution disparities

Incentives for Advanced Cybersecurity Investment [by Electric Utilities]

Federal incentives could help utilities overcome major cybersecurity hurdle: money

Two Energy Department entities breached as part of massive MOVEit compromise

The US Navy, NATO, and NASA are using a shady Chinese company’s encryption chips

Why Legacy System Users Prioritize Uptime Over Security

Millions of Americans’ personal DMV data exposed in massive MOVEit hack

Critical Barracuda ESG Zero-Day Linked to Novel Chinese APT

Hackers can steal cryptographic keys by video-recording power LEDs 60 feet away

Why is it so rare to hear about Western cyber-attacks?

Thousands of realistic but fake AI child sex images found online, report says

US might finally force cable-TV firms to advertise their actual prices

FCC chair to investigate exactly how much everyone hates data caps

Twitter CEO starts fighting Musk’s battles, paying Musk’s overdue bills

Texas will require parental consent for kids to use social media

Google risks forced breakup of ad business as EU alleges shocking misconduct

Amazon accused of tricking Prime customers

Ex-Samsung executive alleged to have stolen tech to recreate chip plant in China

Is the US trying to kill crypto?

The Shitty Stack System: How Microsoft's ruthless employee evaluation system annihilated team collaboration.

Study: Aging population could be a drag on economic growth

U.S. Seeks 70-Month Prison Sentence for YouTube Content ID Scammer

Nigerian engineering students’ favorite teachers are Indian YouTubers

Towards Accountable Capitalism: Remaking Corporate Law Through Stakeholder Governance

Self-Study the Basics of Computer Science

‘His ideas resonate’: how the Unabomber’s dangerous anti-tech manifesto lives on

Africa’s Richest City Is Crumbling Under Chaos and Corruption

The Online Books Page

21st-century editors should keep their hands off 20th-century books

Wednesday, June 14, 2023

What I am Reading 6/12/2023 - Two Days Late Edition

 Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now!

How Attorneys Are Harming Cybersecurity Incident Response

Cisco fixes AnyConnect bug giving Windows SYSTEM privileges

Mass exploitation of critical MOVEit flaw is ransacking orgs big and small

10 years after Snowden's first leak, what have we learned?

Government Cyber Policy: The Way We Were, Are and Will Be

20 cybersecurity projects on GitHub you should check out

Public sector apps show higher rates of security flaws

Elon Musk Says Twitter Is Going To Get Rid Of The Block Feature, Enabling Greater Harassment

Inside 4chan’s top-secret moderation machine

White House needs to urgently fix nation’s approach to protecting critical infrastructure, group says

Network Perception wants to give more visibility into OT networks

Department of Defense AI principles have a place in the CISO’s playbook

The US is getting its first new nuclear reactor in 40 years

The US is building factories at a wildly fast rate

The Birth of the Grid