Unsupervised Learning Newsletter No. 280
News & Analysis
MEMBER EDITION | EP. 280 | Monday: May 10, 2021
SECURITY NEWS
The US has declared an emergency due to the ransomware attack against the Colonial oil pipeline. The pipeline carries around 100 million gallons of oil a day, which is 45% of the oil requirement of the east coast. It went offline on May 7th and still isn't back up. The Darkside ransomware gang is evidently behind the attack, and you have to wonder if they knew the size of this bear before they punched it. This is the type of thing that gets you put on the drone list. More More
NSA is warning organizations against connecting OT technologies to the internet, saying doing so unsafely will result in "indefensible levels of risk". More
Recorded Future says we're about to see a major increase in the number of Deepfake attacks. People have been saying this for a while, but they're starting to see more people talking about them and selling them on the Darkweb, so they think we're close to critical mass. More
Insurer AXA has stopped ransomware payouts in France in order to remove the incentive for attackers. More
Google is about to start automatically enrolling people's accounts into 2FA. Bravo. Sometimes you have to help the customer drink. More
A number of US banks are deploying AI-powered cameras that can monitor both customers and employees for key behaviors and activities. Examples include: detecting open doors, open tills, people camping near ATMs, etc. More
The Strategic Support Force (SSF) branch of the People's Liberation Army (PLA) in China has purchased a bunch of antivirus software from American, European, and Russian companies. It's believed that they're using it either to test their own malware against it, or to look for vulnerabilities. More
Mental health startups are increasing in number, but what happens if they get breached? This happened to one of them and they lost the conversations had between customers and their therapists. More
The US Air Force and Navy are going to allow their Pentagon staff to work 50% remote indefinitely. More
Two men were arrested in Mumbai with 7kg of uranium. More
Vulnerabilities:
There are 21 new vulnerabilities in the Exim MTA, 10 of which are remotely exploitable. More
Pulse Secure has fixed an 0-day in their SSL VPN appliance. More
VMware has patched a critical vulnerability in vRealize Business for Cloud. More
Cisco has released updates to multiple products, including SD-WAN. More
MikroTik's RouterOS has a number of remote authenticated vulnerabilities. More
Peloton had a flaw in its API that allowed an attacker to pull customer data such as age, weight, location, and workout stats. More
Incidents:
The city of Tulsa was hit by a ransomware incident over the weekend. More
Companies:
TECHNOLOGY NEWS
Verizon has sold Yahoo and AOL to a private equity firm for $5 billion, which is a fraction of what they were purchased for just a few years ago. More
Zoom has launched a new feature called Immersive View that allows everyone to look like they're part of a single virtual room, like sitting at a table across from you. More
Google also provided guidance on remote work, asking employees to work in the office approximately 3 days a week, but also saying that they could work remotely if they wanted to. More
Companies:
Oura raises $100 million to continue into personalized health. More
Square's revenue rose 266% in Q1, and brought in $5 billion in revenue vs. an expected $3.4 billion. This was greatly helped by a significant return on their Bitcoin investment. More
Cloudflare crossed 4 million customers in Q1 and their revenue beat expectations. More
HUMAN NEWS
The US added just 266,000 jobs in April, which was far less than expected. A number of experts are guessing that many people are staying out of the labor market because they're receiving significant government assistance. Montana is stopping some of its unemployment benefits in an attempt to get more people to apply to open positions. More
The US is supporting the waiving of COVID-related patents to help increase the speed to market for new products. More
Canadians are flying south to get vaccinated in the US where supply is high and demand is falling. More
Doctors at UCSF say California is 'weeks away' from herd immunity to COVID. More
It looks like we're about to see psilocybin and MDMA become mainstream treatments for depression. More
A new study has shown it's possible to improve memory and even defend against Alzheimer's disease by eating a Mediterranean diet. More
The etymology of the word "decide" is the killing of choice. More
California's population has declined for the first time in over a century. More
CONTENT, IDEAS & ANALYSIS
Sustainable Content Creation — Exploring how content creators in security and other fields can remain content creators without sacrificing their mental health. More
NOTES
I am very close to finishing my re-read of The Red Queen, by Matt Ridley. It's quite a bit more security-relevant than I remember, but also more sexuality and mating related, which is a bit odd. My first reading was long before the Me Too movement and I now have different sensors for certain topics, including many in the book. Not that I think the book is bad, or wrong about anything that I can tell, but I doubt any author would frame things the same way today. But the book overall is fantastic, and I'd absolutely love to extract all the biological Red Queen concepts and do a multi-day workshop on how they apply to both infosec and business.
I'm working on a new Vim tutorial based on 5 levels of Goku. I think it might be epic. Teaser
DISCOVERY
ATT&CK v9 — What's new in v9 of the ATT&CK framework? More
80/20 is the new Half-ass. More
The best Ursula Le Guin books. More
Why rich parents have rich children. More
Belonging is Stronger Than Facts More
A Brookings Institute panel on China's Arctic Activities and Ambitions More
Herman Miller has brought back its Chiclet chair. More
There are towns in Italy that are paying for people to move there and telecommute. More
Someone please help me not buy this knife. Also this one. More
Sam Harris and Ricky Gervais are launching a paid podcast together, and it goes live today. More
WaybackURLs — A tool for pulling old URLs for a given domain from The Wayback Machine as part of security testing. More
RECOMMENDATIONS
If you used to enjoy finding and listening to new music, but you've found yourself only listening to your old favorites, force yourself out of the habit. I think one's ability to enjoy new music is something of a proxy for mental youth and curiosity. This is something you can force yourself to maintain, and you can get it back if you have lost it. Find new music that's considered high-quality by others and force yourself to listen multiple times—like you used to. Learning to enjoy new things keeps the mind nimble.
APHORISMS
“Weakness is more opposed to virtue than is vice.”
~ Francois De La Rochefoucauld