Unsupervised Learning Newsletter No. 310
News & Analysis
Member Edition | Ep. 310 | December 6, 2021
Apple has warned some US State Department employees that their phones were hacked by an exploit called ForcedEntry, which resulted in the installation of Pegasus—the spyware developed by NSO Group. This will surely add additional scrutiny to the Israeli company, on top of just being sanctioned by the US for selling their tools to shady countries. More
The White House is pushing to fill 600,000 cybersecurity positions in both the public and private sectors. I wrote about a possible approach here. More
Crypto exchange BitMart confirms they were hacked, resulting in a loss of $200 million in crypto. More
CISA has added 5 new vulnerabilities to their Known Exploited Vulnerabilities Catalog. Qualcomm Chips, MikroTik Routers, Zoho (2), Apache More
A former Ubiquiti employee allegedly stole gigs of data from the company and then pretended to be an anonymous hacker asking for $2 million in ransom. He's been arrested and charged. More
Google has released a new Clout Threat Intelligence report, which they'll be doing monthly from now on. Top issues discussed included: cryptocurrency mining abuse, phishing campaigns, and ransomware.
Amazon Inspector — Automated vulnerability management for multiple cloud resource types, including both detection and automated remediation. More
Amazon CodeGuru Reviewer — A new automated tool for detecting secrets in source code and config files. More
AWS Shield Update — Now features automatic deployment of AWS WAF rules to mitigate layer 7 DDoS attacks. More
Real-user Monitoring for CloudWatch — Realtime user monitoring for running experiments and doing feature management in application code. More
Sagemaker Canvas — A visual, no-code machine learning capability for business analysts. More
Amazon Connect — AI-powered call summarization for customer service productivity. More
M1 Mac Instances — EC2 instances running the M1 Mac platform. More
Amazon says they'll ship more than UPS and FedEx in 2022. More
Amazon says they're making their own shipping containers and chartering their own plans and ships. More
Vitalik Buterin is recommending a change to Ethereum that will lower gas prices. This is separate from the big Proof of Stake change coming next year. More
Only 60% of the US is paying for cable TV now, down from 85% in 2010. More
It looks like TSMC may ship 3nm chips in 2023. More
Omicron has caused a massive spike in people getting vaccinated, with last Thursday posting the highest total count (2.2 million shots) since May when the first shots became available. More
A company in Switzerland believes their suicide capsule will be approved soon for use. It's a 3D-printed and futuristic-looking shell that you get into and turn on from the inside. It pulls all the oxygen out of the air and you basically feel dizzy and/or euphoric before dying in like 30 seconds. More
CONTENT, IDEAS & ANALYSIS
NFTs Are Digital Signaling — My short essay on why I think NFTs are with us forever, regardless of the form they take. More
Knowledge of Psychology Removes Villians — I read a good headline recently that said pop psychology has robbed us of villains, and I think that's right. I'm not sure how much we really need to believe in true evil, but it still feels like we lost something. Simplicity, perhaps. The Fox News narrative. It's pleasing to have a good guy and a bad guy. The story isn't as compelling when everyone is a random collection of trauma and privilege.
I had a rare Internet debate victory last week. I decided to do a thread on why it's a good idea to get a vaccine, or, more accurately, why it's not logical to avoid them. The arguments and/or conversations resulted in at least one person changing their mind, in real-time, and agreeing to get the vaccine. Such a small win, but it felt much bigger. More
Hakluke talks about the pursuit of the perfect automated bug bounty system. He's built 3 so far and is starting on his 4th. More
A fantastic piece about pulling SecurityTrails information into GigaSheet for massive and performant queries of recon data. More
pip-audit — A tool for identifying known vulnerabilities in Python environments and packages. More
Interlace — Turn single-threaded commands into multi-threaded applications. More | by Codingo
As we get close to the end of the year it's a good time to start thinking about goals.
My favorite tool for this is the Hypothetical Retrospective. Imagine yourself dying, in your 70s, 80s, or 90s, and looking back on your life.
Are you currently spending your years in a way that you would be happy with looking backwards?
If not, plot a course and prepare to take action.
If you know your life's work, and you're not doing it, find the courage and opportunity to make the change.
"All cruelty springs from weakness."