Did it have any noticable effects on SL, which has either just now completed, or is about to complete, the uplift to AWS?
Evidently Amazon Web Services is or was having issues today and basically everything that uses AWS was crippled or inoperative because of it. Including, interestingly, my local news channel's website.
In October, Tesla offered some of its customers an upgrade to its “Autopilot” driver-assistance system called “Full Self-Driving.” Anyone familiar with how Tesla cars work knows that “Autopilot” isn’t really “autopilot,” and “Full Self-Driving” isn’t “full” either. For now, the feature allows a car to stay within lanes on a road, automatically brake in an emergency, turn, and respond to traffic signals on its own. But the company warns drivers to “not become complacent” because the vehicle “may do the wrong thing at the worst time.” Indeed, within days of FSD’s launch, a YouTube video showed a Tesla trying to drive itself into a parked car. Tesla called FSD “beta” to underscore that it was a work in progress.
Safety and automotive leaders condemned Tesla for exposing its customers—and everyone else who shares the roads—to unnecessary risk. PAVE, a nonprofit providing education about autonomous vehicles, blasted the company for “using untrained consumers to validate beta-level software on public roads,” calling this “dangerous and inconsistent with existing guidance and industry norms.” An association representing truckers warned that “while [FSD] may be a fun experiment for Tesla’s customers, public roads are our members’ workplace.”
According to a post on a company blog title Important steps for customers to protect themselves from recent nation-state cyberattacks, Microsoft list the following techniques that have been used by nefarious agents to conduct the relatively recent sophisticated cyberattacks.
While the above are highlights mentioned by Microsoft in this particular post, the company’s full 2020 Digital Defense Report goes further in-depth discussing specific criminal groups, their activity during the COVID-19 pandemic, and a community approach to cybersecurity among other things. Even as Microsoft attempts to become a proprietor of cybersecurity, the company acknowledges that its efforts are, “only a small piece of what’s needed to address the challenge.”
- An intrusion through malicious code in the SolarWinds Orion product. This results in the attacker gaining a foothold in the network, which the attacker can use to gain elevated credentials. Microsoft Defender now has detections for these files. Also, see SolarWinds Security Advisory.
- An intruder using administrative permissions acquired through an on-premises compromise to gain access to an organization’s trusted SAML token- signing certificate. This enables them to forge SAML tokens that impersonate any of the organization’s existing users and accounts, including highly privileged accounts.
- Anomalous logins using the SAML tokens created by a compromised token-signing certificate, which can be used against any on-premises resources (regardless of identity system or vendor) as well as against any cloud environment (regardless of vendor) because they have been configured to trust the certificate. Because the SAML tokens are signed with their own trusted certificate, the anomalies might be missed by the organization.
- Using highly privileged accounts acquired through the technique above or other means, attackers may add their own credentials to existing application service principals, enabling them to call APIs with the permission assigned to that application.
Slave labor is the answer.
“Just figure it out!” screams Jeff Bezos at underlings after hearing of man who provides overnight shipping worldwide on Christmas EveThough Amazon is known for its quick turnaround times between order placement and fulfillment, it has yet to achieve the feat this entrepreneur – referred to only as “Mr. C” in internal Amazon documents – is advertisingwww.thebeaverton.com
I suppose all the LED tricks are really just TOSLINK without the cable, lol
- LED-it-Go - exfiltrate data from air-gapped systems via an HDD's activity LED
- Fansmitter - steal data from air-gapped PCs using sounds emanated by a computer's GPU fan
- BitWhisper - exfiltrate data from non-networked computers using heat emanations
- POWER-SUPPLaY - steal data by turning the power supply into a speaker