Monday, July 11, 2022

Sunday, June 19, 2022

The Last Fortnight's Reading 6/19/2022

Sorry, between my nephew's graduation and attending a conference for work I missed last week, but I should be caught up now.

 For Work

Utility/DOE data indicates sophisticated hackers have compromised US electric control centers

ISA Leading Development of Electric Energy Operational Technology Security Profile for IEC 62443 Standard

Dragos launches info portal to fill security gaps in critical infrastructure

Dashy - just a kind of interesting dashboard for monitoring services

Latest Cyberspace Solarium Commission 2.0 Report focuses on cyber workforce

'Shields Up': the new normal in cyberspace

Are Vendors Failing in the Face of Open Source Cyberthreats?

Cyber CEO's US Advisory Work Echoed Sales Pitch His Firm Uses

It’s Time to Rethink Breach Management

China is Exploiting Network Providers and Devices, Says US Cybersecurity Advisory

The Practitioner’s Guide to Vulnerability Management: Implementing a Risk-Based Approach

Vulnerability management mistakes CISOs still make

The Surreal Case of a C.I.A. Hacker’s Revenge

Know your enemy! Learn how cybercrime adversaries get in…

SBOM in Action: finding vulnerabilities with a Software Bill of Materials

Dangerous Repository of DoS, Red Teaming TTPs, and ICS Exploits
( via

Over a Dozen Flaws Found in Siemens' Industrial Network Management System


Not Work

How decentralization and Web3 will impact the enterprise

Google Engineer On Leave After He Claims AI Program Has Gone Sentient

KrebsOnSecurity in New Netflix Series on Cybercrime

Leaked Amazon memo says the company may run out of available labor by 2024

AI trained on 4chan's most hateful board is just as toxic as you'd expect

How Inflation Works

DOE Announces Breakthrough in Residential Cold Climate Heat Pump Technology

Bitcoin drops below $20,000, Ether cracks $1,000 — what this means

The Privatized Internet Has Failed Us

The Fed plans to ‘reset’ the housing market—raising the likelihood of falling home prices

Why the Federal Reserve has made a historic mistake on inflation

Sunday, June 05, 2022

This Week's Reading 6/5/2022 #infosec #cybersecurity

 For Work

Control Loop: The OT Cybersecurity Podcast

How to audit Microsoft Active Directory

Vendor Refuses to Remove Backdoor Account That Can Facilitate Attacks on Industrial Firms

The Security Obstructionism (SecObs) Market

APTs rarely rely on zero-days and typically use public known vulnerabilities

A recession in America by 2024 looks likely

What Companies Need to Know about the Strengthening American Cybersecurity Act (SACA)

Building America's Cybersecurity Infrastructure


Not for Work

Blockchain, the amazing solution for almost nothing

China's military scientists call for development of anti-Starlink measures

Elon Musk on remote work

Why has college gotten so expensive in the last 30 years? Probably because the government handed them a blank check in 1993.

Classified specs leaked on War Thunder forum for third time

Amazon and the Dystopian Future of Book Censorship

Monday, May 30, 2022

This Week's Reading 5/30/2022 #Infosec #Cybersecurity

 Yeah I'm a day late, sue me!  It's not like any of you read this anyways 😀

 For Work

When Your Smart ID Card Reader Comes With Malware

Building a Threat Intelligence Feed using the Twitter API and a bit of code

Snort 3 is available!

Critical Flaws in Popular ICS Platform Can Trigger RCE

Revealed: The semi-secret list of techs Beijing really really wishes it didn't have to import

Cheers ransomware hits VMware ESXi systems

Patching the latest Active Directory vulnerabilities is not enough

Elevation of Privilege is the #1 Microsoft vulnerability category

Why are current cybersecurity incident response efforts failing?

 Not for Work

Biden launches Indo-Pacific economic framework to counter China

China lashes out at US-led Asia-Pacific trade framework

Cryptocurrency OSINT

An Open Plea For One Single Honest Academic

Big Tech loves talking up privacy – while trying to kill privacy legislation

Low-Cost Gel Film Can Pluck Drinking Water From Desert Air

Sunday, May 22, 2022

This Week's Reading 5/22/2022 #infosec #cybersecurity

 For Work

CISA 'temporarily' removes Windows vulnerability from its must-patch list

FBI and NSA say: Stop doing these 10 things that let the hackers in

US warns over risk of hiring North Korea IT workers

The case for consolidation

Canada to ban China's Huawei and ZTE from its 5G networks

DOJ says security researchers won't face hacking charges

US rushes to catch up with China in supercomputer race

CISA to Federal Agencies: Patch VMware Products Now or Take Them Offline

Microsoft patches the patch that broke Windows authentication

SolarWinds ready to move past breach and help customers manage theirs

Not for Work

Web3 is just expensive P2P

Web3 is going just great

‘Extortion’: Why Web3 is making a lot of software developers angry

How Gen Z is hooked on cryptocurrency and NFTs

Muscular men less likely to support social and economic equality, study suggests

What Propels Cancel Culture?

Cyber security: Global food supply chain at risk from malicious hackers

Twitter to hide misleading tweets under new crisis response policy

The wonder material graphene may have found its killer app

More Subprime Borrowers Are Missing Loan Payments

Plastic-eating Enzyme Could Eliminate Billions of Tons of Landfill Waste

Texas, 12 states fire back at tech industry in Supreme Court filings

IT staffing, recruitment biz settles claims it discriminated against Americans

Homeland Security 'pauses' disinformation board three weeks after creating it

Sunday, May 15, 2022

This Week's Reading 5/15/2022 #infosec #cybersecurity

 Work Stuff

Pentagon’s China Warning Prompts Calls to Vet U.S. Funding of Startups

Cisco warns of premature DIMM failures

Beautiful Basics - Series

The stakes 'could not be any higher': CISA chief talks about the tech challenges ahead

Google Created 'Open-Source Maintenance Crew' to Help Secure Critical Projects

A year later, Biden’s cybersecurity executive order driving positive change

NIST Cybersecurity Framework update comments highlight a gamut of needed changes

Utility industry continues to deny that control system cyber incidents are occurring

The Texas electric grid can barely keep the lights on

6 top network security threats and how to beat them

ICS Patch Tuesday: Siemens, Schneider Electric Address 43 Vulnerabilities

What to Patch Now: Actively Exploited Windows Zero-Day Threatens Domain Controllers

CISA Temporarily Removes CVE-2022-26925 from Known Exploited Vulnerability Catalog

May's Patch Tuesday updates make urgent patching a must

Training on understanding, protecting, and securing Industrial Control Systems (ICS) from cyber-attacks.


Non - Work Stuff

Bitcoin falls to 10-month low as stock markets tumble

Satoshi-Era Bitcoin Wallet Awakens with BTC in It Worth 62x in USD

Layoffs and a Silicon Valley Sell-Off Create Shaky Low-Valued 'Unicorn Zombies'

Uber CEO Tells Staff Company Will Cut Down on Costs, Treat Hiring as a 'Privilege'

The End of Industrial Society

It Began as an AI-Fueled Dungeon Game. It Got Much Darker

Cybersecurity has a desperate skills crisis. Rural America could have the answer

Texas law that allows users to sue social networks for censorship is now in effect

The EU Commission is planning automatic CSAM scanning of your private communication – or total surveillance in the name of child protection.

Hawley introduces bill to strip 'woke' Disney of special copyright protections

Cracking the Code: Sneakers at 30

Thursday, May 12, 2022

Just finished Tokyo Vice #books

 I've spent time in Japan so when I saw the Tokyo Vice TV series on HBO Max I was intrigued.  Watched the series and it was good enough I decided to read the book.

 The book is very interesting.  Quite a bit of background on Japanese society and on the Japanese underworld.  Some very sympathetic characters and some real scumbags too.  I recommend it, it's a good casual read but not lightweight and you might expand your horizons a bit.