Unsupervised Learning Newsletter No. 304

News & Analysis
October 25, 2021

MEMBER EDITION  | Episode 304 | Monday: October 25, 2021


CISA, FBI, and NSA are warning of BlackMatter ransomware tool attacks targeting US critical infrastructure, including two entities within US Food and Agriculture. More

Microsoft says Russia-based Nobelium, which was behind the SolarWinds attack, is still targeting the global IT supply chain, and that they've attacked 140 MSPs and cloud service providers since May of 2021—with at least 14 of those resulting in successful breaches. More

Microsoft says Russia's top intelligence agency, the S.V.R, has launched another cyber campaign to penetrate thousands of US government, corporate, and think tank computer networks. This comes only months after Biden sanctioned Russia for previous similar operations.

Cybersecurity talent will soon be able to make up to $332,100 working for the Department of Homeland Security. They are also going to change how they hire talent, placing more emphasis on things like simulations and external validation of skill, such as hacking competitions. I think this is super smart of them, and congrats to Jen Easterly for making these changes. More

Researchers trained an ML algorithm to guess 4-digit pins 41% of the time, even if the subject is covering the pad with their hands. More

New York Times journalist Ben Hubbard had his phone compromised with NSO Group's Pegasus spyware in 2020 and 2021. There is evidence the attacker was Saudi Arabia, but the evidence is not conclusive. More

Russia and China held joint warship patrols for the first time in the Western Pacific last week, which were closely watched by Japan. More

A woman on TikTok did a video about requesting her data from Amazon and getting back thousands of audio recordings organized into folders. She also got back a bunch of contacts she didn't remember sharing. She probably accepted all this in the EULA, but it's still interesting to see what smart speakers are storing, and I'd love to see this type of analysis on all the platforms. More

There's a large black market for fake vaccine certifications, especially for those from the EU and the CDC. More


  • Malware found in UAParser.js NPM Package More

  • Tesco website hit by attackers in UK, resulting in a multi-day outage where people couldn't buy groceries online. More


  • CISA is urging people to patch a critical RCE in the Discourse forum/mailing list management system. More

  • Kubernetes Ingress-Nginx More

  • The ZTE MF971R portable router has multiple vulnerabilities, including XSS, Config Overwrite, and a Malicious Redirect. More


  • Deep North raises $16.7 million to track people from camera footage. More



Facebook is looking to change its name to something related to the Metaverse. I think this is super smart, and super cool that they're going so hard into metaverse. But I also agree with Kara Swisher that it's a way to deflect criticism on the social media side towards a new person not named Mark Zuckerberg. More

Amazon is now a bigger shipper than FedEx, putting them at third behind UPS and the USPS. Their trajectory is quite steep compared to the top two, however, so they could become number one within a year or two. This is after having zero percent of the share in 2014. More

Nassim Taleb has clarified that he's not "bearish" on Bitcoin, saying it's just as dumb to short it as it is to buy it right now. Don't really know what to say about that. Taleb is a character, and he's smart. I guess that's what I can say. More

Parallel is a sci-fi card game based on Ethereum, and they've raised $50 million at a half-billion dollar valuation. They're currently selling content for the game as NFTs, but the game itself hasn't yet been built. The world is strange right now. More

Google just released the Pixel 6 phone, and it's getting far more attention from general enthusiasts and the media than any other Android phone I can remember. They're also getting great reviews, and they're hundreds of dollars cheaper than iPhones. Good job, Google. Respect. If I weren't in the Apple ecosystem I'd definitely be using Pixel devices. More

Android 12 just came out. As an Apple enthusiast I have to give the team props. At least from the videos I've seen and the descriptions of features, the OS is starting to look really good. I'm particularly impressed with how color is used in a contextual way. More



Johns Hopkins Medicine has received the first federal grant for research on psychedelics in 50 years. More

Paris is looking to become a 100% cycling city within four years. More

There's a new meme in Republican circles called, "Let's Go, Brandon", and it comes from an interview after a racecar event where someone named Brandon had just won something, and in the background the fans are chanting "Fuck Joe Biden!". Brandon could hear it and was ignoring it, and the reporter said, "...you can hear the crowd chanting 'let's go Brandon'". It's not clear if she knew or not, but I'm betting she was doing real-time reality adjustment for the sake of TV. More

78% of Republicans want to see Trump run in 2024. More

The risk of taking daily aspirin has just been massively re-evaluated, and most people who take it are now being advised not to. The TL;DR is that brain bleeding risk is now believed to be much higher than before, thus overriding the benefit from lowering the chance of heart attack. Although they still recommend it for people with a high chance of heart attack. More

Vikings were chopping down trees in America in 1021, over 400 years before Columbus arrived. More

The wealthiest 10% of Americans own 89% of all stocks. More



Some Quick Thoughts on Crypto (October 2021) — A short piece of UL Member Content on how I see crypto, the metaverse, NFTs, and Bitcoin. And why I'm in Ethereum. More

Everyday Threat Modeling (2020) — My approach to threat modeling, with some examples from everyday life. More

Wokeism Will Elect Trump in 2024 — A predictive piece illustrating how the extreme left will get Trump elected again in 2024. More



I have decided on the main way I'm going to delineate public from UL-Member content. Basically, anything that's oriented towards helping UL Members prepare for the future—whether that's analysis of trends, career stuff, pattern analysis, resilience against possible outcomes, etc.—that's mostly going to be for members. The essay above on crypto/metaverse/NFTs is an example of that. I like that feeling. Basically, it's me, and us in the community, in Slack, etc., all trying to figure out what's coming next, and how best to be ready for it. What do you think about that delineation?

The new Dune movie is very good. 9/10 from me. What I liked about it is that the narration strategy allowed the acting to be the main character. And the visuals worked to enhance rather than detract from the acting.

I'm currently reading Pinker's new book, Rationality, and finishing our book club book of the month.



Potion — A new website builder based on Notion. More

The Usefulness of Useless Knowledge — A great argument, with examples, for how giving creative people the freedom to tinker is essential to progress. More

We Analyzed 425,909 Favicons More

The Dowling Method for learning Latin More

JS-Sequence-Diagrams — Turn text into UML sequence diagrams. More


A Metaverse Primer — An in-depth 9-piece series of explainers on the Metaverse. More



"Life consists in what one is thinking of all day."

~ Ralph Waldo Emerson