Captain's Log, Stardate 2021.08.06


Captain's Log, Stardate is an ongoing series, published every Friday, highlighting interesting cyber news from the past week. To continue the discussion on any of these topics, join us on Slack.


Pegasus Spyware: How It Works and What It Collects | Zero Day/Kim Zetter
Revelations about Pegasus surveillance software continue to come a week after a consortium of 17 media outlets began publishing stories about the spy tool. The media outlets that participated in the Pegasus Project Consortium reported that the software, sold to governments for monitoring terrorists and criminals, has been abused by repressive regimes. Read the full story...


Department of Energy Heavily Redacts Documents on Homer Simpson Blog | Vice/Aaron Gordon

On April 4, 2018, the Department of Energy's Office of Nuclear Energy published a blog titled "7 Things The Simpsons Got Wrong About Nuclear." Although the blog acknowledged "we do recognize that this show is a parody with the intent to entertain," it went on to point out that despite the animated series' depiction, fuel rods are not actually used as paperweights and nuclear power plants do not cause mutations. Read the full story...

Watch a Hacker Hijack a Capsule Hotel’s Lights, Fans, and Beds | Wired/Andy Greenberg
When staying in a “capsule hotel,” the Japanese style of budget accommodation that packs guests into tiny, adjoining rooms not much bigger than their bodies, be considerate of your neighbors. Especially if the capsule hotel you're staying in offers digital automation features—and a hacker is staying in the next room over. That's a lesson one pseudonymous security researcher will share in a presentation on his experiences hacking a capsule hotel's automation systems today at the Black Hat hacker conference in Las Vegas. Read the full story...

DarkNet Diaries | Jack Rhysider
"True stories from the dark side of the Internet" is the tagline for this engrossing podcast series. Honestly, I can't stop listening. This is a podcast about hackers, breaches, shadow government activity, hacktivism, cybercrime, and all the things that dwell on the hidden parts of the network. Recent episodes include "Zero Day Brokers", "The Police Station Incident", "Mariposa", "The Pirate Bay"... you get the picture. Careful, though, this is as much of a black hole as YouTube. You may never come up for air. Read the full story...

Policy as Code: How We Do It | Tony Ramirez
If you only read the first two sentences of this blog, this should be your takeaway: Policy as Code provides a roadmap to verify the processes in security and governance that should be automated, while supplying teams a blueprint to build and meet those requirements. This blog post is the first in a multi-part series on understanding policy as code. Moving forward, we cover topics such as how you should tackle your current gaps, and how to utilize automation overseeing your policy goals. Read the full story...

Resources

Modern Visibility in Cybersecurity


Posted By Mark Miller

Mark Miller speaks and writes extensively on DevOps and Security, hosting panel discussions on tools and processes within the DevOps Software Supply Chain. He actively participates in the DevOps/DevSecOps community by building DevSecOps tracks at security conferences such as RSA Conference, InfoSec Europe, CD Summit, AppSec USA and AppSec EU. He is the Senior Storyteller and Senior Director of Community and Content at JupiterOne. As well, Mark is Executive Producer of the DevSecOps Podcast Series (475K+ listens), and the Executive Editor of the LinkedIn DevOps Group (115K+ members).
