Unsupervised Learning Newsletter No. 281

News & Analysis

STANDARD EDITION | Ep. 281 | Monday: May 17, 2021


Darkside, the ransomware group that ransomed Colonial, has largely gone dark after its servers and Bitcoin were seized. Its blog, payments collection site, and its CDN have gone offline. The most interesting thing to me about this story is that the attack appears to have been somewhat accidental, and the attack was actually on the company's IT systems and not their OT systems. But it turns out that if your IT systems don't work you can't do things like, "operate your business", so it ends up hurting almost as much as an OT attack anyway. More

Biden signed an executive order on cybersecurity, with three top highlights: 1) multifactor authentication for all federal agencies within 6 months, 2) breach disclosure requirements based on the severity of the incident, and 3) a star rating system for the security of software sold to the government. More Analysis

Verizon DBIR 2021: The primary trends for this year's DBIR report were web application attacks, ransomware, and credential stuffing. 85% of breaches involved a human element. Ransomware doubled to 10% of breaches. And external cloud assets were compromised more than on-prem assets. More

A security researcher has found a collection of major vulnerabilities in WiFi that affect most products that are in use today. Practical attacks don't appear trivial to carry out yet, but that could change as the bugs are better understood and people have time to make tooling. Patches have started to come out from some vendors, but it will take time due to the fact that the bugs affect so many products over multiple decades. More

Microsoft has released a free tool called Counterfit for testing AI-based security systems. It automates the launching of different types of attacks to see how AI-based systems respond, and they partnered with MITRE to release an ATT&CK-style Adversarial ML Threat Matrix. More

OpenSSH 8.2 now works extremely well with U2F/FIDO2 security keys, meaning you can easily create a hardware-based keypair using ssh-keygen -t ecdsa-sk and have things work well without elaborate hacks of your SSH configs. More

Insurer AXA recently decided not to pay out for ransomware payments, and they are now dealing with a ransomware attack of their own. A ransomware group called Avaddon says they've stolen 3TB of data from AXA's Asian operations. More

The Pentagon is thinking about shutting down the JEDI cloud project due to all the legal drama around who it was awarded to. Amazon has been fighting the situation ever since the contract was awarded to Microsoft. More

The DHS is now monitoring public social media posts for signs of extremist beliefs and behaviors in an attempt to prevent situations like January 6, 2020. They appear to be focusing less on finding people and more on specific themes, narratives, and related plots. More

Vizio makes nearly as much from selling your data and selling ads as it does from selling the actual hardware. This is yet another example of where 'cheap' often equates to 'subsidized by selling your data'. More

A report from the Center for Countering Digital Hate says only 12 people are responsible for 65% of COVID-related misinformation being shared online. More

Cloudflare is looking to replace CAPTCHAs with physical security keys. It's a cool idea, but requires that websites adopt it. More More

Arlington Research says 85% of customers running Microsoft 365 have suffered email data breaches. More

Brian Krebs says adding Russian or Ukrainian as a virtual keyboard language will stop a lot of malware. More


  • Microsoft Patch Tuesday Analysis: .NET, Exchange, NNI, and more. More

  • SAP patches major flaws in Business One and Netweaver. More

  • Magecart hackers are hiding PHP backdoors in favicons. More


  • Ireland's publicly funded healthcare system had to shut down all its IT systems after it was infected by ransomware. More

  • Insurance company CNA has finally recovered from their ransomware incident. More

  • Rapid7 says their source code was accessed as part of the Codecov supply chain hack. More


  • SecurityScorecard has partnered with HackerOne to bring vulnerability data to its security ratings. More

  • Cisco has purchased Kenna Security. More

  • Panaseer has raised $26.5 million to monitor the state of security controls across company assets. More


GPT-Neo is a new, free version of GPT-3. The biggest difference between GPT-3, which is not free, and GPT-Neo is that GPT-3 has much larger models. GPT-Neo has 2.7 billion parameters while GPT-3 goes up to 175 billion. More

STADIA, Google's video gaming service, looks to already be in major trouble. Google seems completely unable to make a cohesively good product anymore (functionality + usability). I don't understand how their product people are allowed to constantly fail, for like a decade, without anyone catching on that there's a problem. Someone said they've become the Oracle of the tech world, and I am starting to agree. More

Esports seems to be moving away from teams and leagues and towards influencers and streaming. A big reason for this is that the athletes themselves were prohibited from promoting themselves over their teams, which wasn't sustainable. I think the more sustainable model is individual first—connected through looser and more temporary affiliations. More


  • Kin raises $64 million for data-driven home insurance. More


Top industry experts are now saying that the lab leak theory of how COVID initially spread is not conspiracy thinking, and that it needs to be taken seriously. This is something we've talked about here at Unsupervised Learning multiple times. Basically there were legitimate political sensitivities around being anti-China that were stopping this from being explored, but the fact is that this exact type of research has been going on for a very long time, and similar leaks have happened multiple times both in the US and in Asia. So it's quite possible that it simply happened again in the case of COVID-19. More

Consumer prices (see inflation) rose the most since 2009 in April, and it caused a major disturbance in the stock market. More

McDonald's, Chipotle, and others are raising wages to address the lack of applications for open positions. More

China has landed its Zhurong rover on Mars. More

It's really hard to sell a book. The New York Times says 98% of books sold in 2020 sold fewer than 5,000 copies. And Bookstat says 96% of online books sold fewer than 1,000 copies. Only 11 books sold more than 500,000. More

Consumer Reports says Tesla Model 3 owners are the happiest car owners. As one such owner, I can say I'm definitely part of that cohort. More

Target has stopped selling Pokemon cards in physical stores because of the risk of violence between people trying to obtain them. More

California has a $75 billion budget surplus due to higher than anticipated tax revenue. More

The University of California is dropping the SAT for admission consideration. More

The firefighter community has a problem with arsonists. One expert says around 100 serial arsonists, working as firefighters, are convicted every year. More


The Ultimate Drug is Belonging — I think Belonging is at the bottom of most conspiracy thinking and truth denial we see today. Facts can and will be ignored if they're coming from a group that people think has abandoned them. Namely, "the elites". We must understand this if we want to make progress in any given conversation, and it shows us very clearly why "the deplorables" narrative does nothing but make things worse. More


Currently re-reading How Innovation Works by Matt Ridley. More


The Purpose of Purpose More

43 years and 14 billion miles later, Voyager 1 is still sending us valuable data. More

Game Developer Salary Comparisons More

Ten Rules for Negotiating a Job Offer More

An EFF Threat Modeling Lesson More

Why Israel and Palestine Are Fighting More

FireEye's DARKSIDE gang analysis. More


I'm really enjoying this hilarious, improv-based podcast called A Mission to ZYXX. It's basically a bunch of voice actors doing a sci-fi adventure. Really good. More


“Freedom is nothing else but a chance to be better.”

~ Albert Camus