NO. 363 | FrontView Mirror: 2023 Edition


Exploring the intersection of security, technology, and society—and what might be coming next…

Standard Web Edition | January 3, 2023

New Content

💡FRONTVIEW MIRROR: 2023 EDITION 
💡MY PHILOSOPHY AND RECOMMENDATIONS ON THE LASTPASS BREACHES

SECURITY NEWS


In a bit of déjà vu from LastPass, Okta has now revealed that attackers have stolen source code from its GitHub repositories. This comes after it was hit by Lapsus$ earlier in 2022. They said no customer data was accessed, but LastPass has us all waiting for other shoes to drop. MORE

Two people have been charged in a Ring camera swatting spree after hacking Yahoo! email accounts for access. They used the stolen credentials to gain access to the accounts and then made fake emergency calls to the victims’ addresses so they could watch the responses through the hacked Ring cameras. MORE

A ransomware attack at a Louisiana hospital has impacted 270,000 patients. The attack happened in October of 2022 and resulted in the loss of names, addresses, DOBs, medical records, financial information, and more from the affected victims. MORE

Americans lost $10 billion to Indian call center scams in 2022. MORE

The owner of Madison Square Garden programmed the MSG facial recognition systems to ban his enemies. Lawyers who were suing him got put on a special list that excluded them from attending events. MORE

Snyk raised another $197 million at a $7.4 billion valuation. MORE

Serbia put its troops on high alert over rising tensions with Kosovo. Kosovo broke away from Serbia during the war in '98-'99, and now Serbia is accusing Kosovo of planning terror attacks against Serbian areas in Kosovo. MORE

Ukraine is getting 10,000 more Starlink antennas to help with the war, and the funding issues have evidently been solved by multiple European countries pitching in to pay for them. MORE

 
TECHNOLOGY NEWS


Mastodon has gone from 300,000 users to over 2.5 million (in November). MORE

Around 50% of Ethereum-based NFT trading was “wash” trading, which is basically people buying their own NFTs to pump the price. Now do your surprised face. MORE

Hue has a new Natural Light scene that gives you the proper temperature of light based on the time of day. MORE

A study has found that the Apple Watch can accurately predict stress levels based on its health telemetry. MORE

Adobe has a new podcast audio cleanup tool that’s unbelievably good. I don’t see how one would use it in a regular workflow, but for one-off cleanups it’s quite impressive. I hope it ends up in some sort of tool that can be part of a production chain. MORE

HUMAN NEWS


Croatia is now on the Euro and part of the passport-free Schengen zone, meaning if you have an EU passport, you can freely move to and from other member countries. MORE

There’s a new blood test that detects signs of Alzheimer’s years before signs of cognitive decline are detectable. It detected indicators in 10 people in the control group and follow-ups years later revealed that they all ended up with impairment. MORE

New York Harbor used to be full of sewage, and due to environmental controls, it’s now full of life—including Bald Eagles, Humpback Whales, Osprey, Sturgeon, and many other animals. MORE

IDEAS & ANALYSIS


💡FrontView Mirror: 2023 Edition (Members)— My read on what’s on the horizon for 2023 and beyond. READ 

💡My Philosophy and Recommendation on the LastPass Breaches READ

💡My Answer to the “GPT Isn’t Really Creative” Argument READ

NOTES


A Massive 2023
2023 is going to be completely insane for me, and for UL, in the best possible ways. For those that are wondering, I’m essentially doing three main things: 1) consulting using a set of offerings that I’ve built over the last several years, 2) building a number of products and services—one is an Attack Surface Product, another is a Health application, and another two that I’m not ready to talk about yet, and 3) doing the newsletter/podcast. Basically, everything I learn while studying, consulting, and building products gets folded back into the show. The UL community itself isn’t a project; it’s my life. It’s the center of everything. So it’s ever-present and continuous regardless of whatever else I’m doing. Same with studying, reading, and writing. I’ll also be doing some paid speaking on the topics of pursuing fulfillment, coming trends in society, continuous attack surface monitoring, and building security programs. And to be able to do all this, I’m going to be hiring some people to help delegate and scale things. It’s nice to have goals to do 10 different things, but unless you can delegate, and keep things running simultaneously while you work on other things, you’ll end up executing them poorly. Or not at all.

CLI Updates
I like to update my CLI universe every year or two, and over the last few weeks I watched like 15 hours of video on Neovim, Tmux, and just general CLI optimization. I ended up updating my iTerm setup, redoing my Neovim config completely—including a full migration to pure Lua-based configuration, as well as some updates to how I use Tmux (and how Neovim and Tmux work together). For anyone interested, here are my two primary Vim config files. REPO | SCREENSHOT
 
Infectious Positivity
Overall I’m just super pumped for ’23. I have an energy and mindset like I’ve never had—like I’m removing heavy backpacks and realizing I can run. I can’t wait to see what I can accomplish this year. I’m also imbued with a desire to help others get to a similar place. I’ve been like this all my life. When I experience something cool I try to get all my friends into it. Well, you all are my friends. So please forgive me if you feel me pushing you to do X or Y. I’m not always right, of course, and even when I am, what’s good for me isn’t always good for other people. So feel free to discard the incoming passion and enthusiasm as needed. Just know it’s coming from a good place. 🙂

DISCOVERY


⚒️ uncover — Another phenomenal tool by Project Discovery that uses search engine APIs to discover vulnerable hosts. Includes integrations with Shodan, Censys, FOFA, Hunter, and many more. TOOL | BY PROJECT DISCOVERY

⚒️ clif — A command-line interface for application fuzzing. Basically like ffuf for local apps. TOOL | BY 0X4NDY | DEMO

Sam Harris’ comments on Elon and Free Speech. Crystal clear, as usual. MORE

Robert Reich on how corporate America is consolidating. MORE

Laid-off tech workers seem to be finding jobs quickly. MORE

RECOMMENDATION OF THE WEEK


1. Buy a domain and start a blog. Not just a blog, but a website. A digital presence.
2. If you already have one, make sure it’s on your own domain, and get everything you do digitally to emanate from your own site.
3. Commit to writing more. You don’t have to take selfies with your food and become an “influencer”. Just be yourself, in public, to whatever degree makes you comfortable.

Those are my tangible recommendations, and if you want my reasons, I’ve captured them here.

This is the year people need to break their reliance on companies for their identity. You are not an employee; you’re a human. And I want to hear from you.

APHORISM OF THE WEEK


“Do whatever you feel most lazy about.”

Unknown




