Last week I was off attending IRISSCON in Dublin and so there was no update, and this week I’ve been at the SAN EU security awareness summit - so while I have been hearting things for the last two weeks, I’ve not had a chance to put them down.
I don’t want to miss two weeks in a row - so I’ll give you a quick download and hopefully normal service will resume next week!
Chat app Knuddels fined €20k under GDPR regulation
The chat platform violated GDPR regulation by storing passwords in clear text and for this reason, the regulator imposed its first penalty under the privacy regulation.
- Chat app Knuddels fined €20k under GDPR regulation | Security Affairs
IOC Origins
Richard Bejtlich gives a historical view into the origins of IoC’s
- The Origin of the Term Indicators of Compromise (IOCs) | TaoSecurity
The spread of low-credibility content by social bots
The massive spread of digital misinformation has been identified as a major threat to democracies. Communication, cognitive, social, and computer scientists are studying the complex causes for the viral diffusion of misinformation, while online platforms are beginning to deploy countermeasures. Little systematic, data-based evidence has been published to guide these efforts. Here we analyze 14 million messages spreading 400 thousand articles on Twitter during ten months in 2016 and 2017. We find evidence that social bots played a disproportionate role in spreading articles from low-credibility sources.
- The spread of low-credibility content by social bots | Nature.com
The $1M SIM Swap
A 21-year-old has been accused of SIM-swapping the mobile number of a Silicon Valley executive in order to steal roughly $1 million in cryptocurrency.
A day in the life of a trickbot hunter
Nice writeup!
Crypto hacking
If you maintain any software libraries that deal with cryptocurrency wallet private key, there's a huge incentive for hackers to compromise your library's dependencies, and dependencies of dependencies. That's what happened with this npm package
- I don’t know what to say | GitHub
Get SaaSy
The NCSC's new SaaS security collection provides a lightweight approach for determining the security of any SaaS application. The collection also includes security reviews of the 12 most asked-about SaaS services used across UK government.
- SaaS security - surely it's simple? | NCSC
Today's Deep Learning "AI" Is Machine Learning Not Magic
Well, if AI isn’t magic, I should update my Uncybered browser plugin!
Chinese Ramp up AI
When I read stories like this, my worry that machines will take over human jobs subsides. In this story, Chinese cities have rolled out AI-powered facial recognition technology to identify jaywalkers (because I’m sure they’ve solved every other crime out there).
The results… well, can you say dystopian?
I hope to be this petty some day
Zuckerberg told Facebook execs to stop using iPhone after Tim Cook privacy comments | Apple Insider
Although, is it as petty as 50 Cent?
50 Cent buys 200 tickets to Ja Rule concert to keep seats empty in ongoing feud | CBS news
Other stories of interest
- I still miss my headphone jack, and I want it back | Fast Company
- AWS has released some free training | AWS
- Regular Exercise May Keep Your Body 30 Years ‘Younger’ | NY Times
- The Next Data Mine Is Your Bedroom | The Atlantic
- The Wartime Spies Who Used Knitting as an Espionage Tool | Atlas Obscura
