Unsupervised Learning Newsletter No. 282

News & Analysis

MEMBER EDITION | Ep. 282 | Monday: May 24, 2021

SECURITY NEWS

William Arkin, a former US Army Intelligence soldier from 1974 to 1978, says there is a secret Pentagon force of tens of thousands of civilians and contractors operating as intelligence personnel both in person and in a cyber capacity. Arkin was nearly prosecuted by the Army for publicly revealing the locations of US and Russian nuclear sites, and he's written a number of books calling out what he believes are secret government operations. His background both adds to and takes away from his credibility, in my opinion, and I honestly hope it's true. But either way the article is worth a read. More

CISA says certain Federal agencies known to be compromised need to disconnect from the internet for 3-5 days to fully evict SolarWinds hackers from their networks. More

CNA, one of the US's largest insurance companies, paid $40 million in ransom to regain access to their network. They're just now coming back online after being compromised weeks ago. More

DarkSide appears to have made around $90 million in ransomware payments over the last 9 months. More

China hacked RSA in 2011 and stole the seed values for RSA tokens, which at the time were used by governments and corporations throughout the US. After a 10-year NDA, the full story has now come out. More

An upcoming update to 802.11 (bf) will be able to use its signals to identify people and objects. Combine this telemetry with AI (which we already can) and the results are going to be both wonderful and terrifying. More

China has increased its spending on America-focused media operations by 500%, and is now the top spender on foreign influence operations in the US. More

It appears the Citizen neighborhood crime app is getting into the local policing business. More

Jason Healey at Atlantic Council has a paper on the various degrees of cooperation between APT groups and their home state governments. It has 10 levels ranging from 1) State prohibited, to 10) State integrated. Super interesting. More

The US Senate is looking at a $120 billion science bill to counter Chinese innovation, with emphasis on supply chain dependencies. More

Vulnerabilities:

  • Cisco has patched a code execution flaw in its AnyConnect mobile client. More

Incidents:

  • Air India was hacked, resulting in the loss of 4.5 million passengers' data. More

  • Around 200K US military medical records have been leaked online due to an unsecured database exposed to the internet. More

  • Toshiba has been hit by ransomware, possibly by DarkSide. More

Companies:

  • 42Crunch raised $17 million to do API security. More


TECHNOLOGY NEWS

Google is (sort of) bringing back RSS. An upcoming version of Chrome will have a Follow button for sites that have an RSS feed. I really hope this gains momentum. The fall of RSS was really bad for the internet, and I'm glad that Feedly and others have kept it alive. More

The new Ford F-150 Lightning electric truck looks to be extremely popular. They had over 45,000 pre-orders in less than 48 hours. I love seeing this space heat up. More

Spotify is getting into audiobooks with a partnership with Storytel. More


HUMAN NEWS

The Federal Reserve is exploring the impact of digital money, including the possible development of a national digital currency. More

We've had 7-13 million excess deaths during the pandemic. More

San Francisco has a shoplifting epidemic, and it's so bad that Walgreens is closing 17 stores. Essentially you can walk into a store and steal right in front of employees with no repercussions, and the thieves often set up shops on the street nearby to sell the stuff that was stolen. The police just let it happen. More

It looks like Amazon wants to buy MGM for $9 billion. More

The Biden administration is pushing vaccination by partnering with dating apps to display vaccination badges. More

Violent crime is spiking with homicides up 25-40% in 2020, the largest single-year increase since 1960. More

Three researchers at China's Wuhan Institute of Virology got sick enough to go to hospital in November of 2019, according to a newly disclosed US intelligence report. The first person was officially reported sick in Wuhan on December 8, 2019. More

China has released the first images from its Mars rover Zhurong. More


CONTENT, IDEAS & ANALYSIS

Analysis of the 2021 Verizon Data Breach Report (DBIR) — My annual look at takeaways from this industry-leading report. More

Why an NTSB Wouldn't Be Helpful for Ransomware — I explore the idea of an NTSB for cyber, and why I ultimately don't think the air travel metaphor works for infosec. More


NOTES

I am currently reading like 4 books, and I'm about to finish 2 and add Noise: A Flaw in Human Judgment and Top Secret America: The Rise of the New American Security State to the list.

Really looking forward to this month's UL Book Club next Sunday!

Getting close to finishing my Goku/Vim article. : )

I'm really enjoying my new Genelec 8351B studio monitors, which I'm building my whole new music studio and HiFi setup around. Right now I'm just using them as my main monitors/speakers on my computer desk, but soon I'll be adding mid-range and subs to the mix all powered by a Storm Audio MK2 which does DIRAC. Cannot wait.


DISCOVERY  

Is This a Cyberattack? — A friend's side project that answers whether or not a given incident was indeed a cyberattack. A much-needed public service. More

Canary Tools — High-signal detections for malicious behavior on your network. [SUP] More

Tosh — An SSH listener that has its IPv6 address rotate every 30 seconds based on a TOTP code. More

Tweet Shelf — Get the top tweets from people you follow. More

The Missing Semester of Your CS Education More

A List of Significant Cyber Incidents Since 2006 More

My friend Casey Ellis' home office setup, optimized for video and audio quality. It looked awesome somewhere and I asked him for a deeper write-up! Thanks, man! More
 
A list of APT Groups managed by MITRE. More

Vim Clutch — A foot pedal for changing Vim modes. More

TL;DR Sec — Over a given month I get a good number of discovery links from my friend Clint's security newsletter, TL;DR Sec. If you're not subscribed you should check it out. More

The SF Tech Exodus More


RECOMMENDATIONS

  1. Open up your contact list.

  2. Click on people you haven't talked to recently that you used to be close with.

  3. Text them and say something nice.

  4. This costs you nothing; it's literally just an out-of-sight, out-of-mind problem.

  5. Our tech is too convenient to not do this more often.


APHORISMS

“What's done is done. What matters now is what you're doing.”

~ Rigel J. Davidson