Unsupervised Learning Newsletter No. 314

News & Analysis

MEMBER EDITION  | EP. 314 | JANUARY 18, 2022


A new joint Cybersecurity Advisory (CSA) has been released from CISA, FBI, and NSA addressing increased concern around Russian State-sponsored attacks against US Critical Infrastructure. The advisory comes amid increased tensions regarding Ukraine and Kazakhstan. More

Russia's FSB says they raided and arrested multiple members of the REvil ransomware gang. They hit 25 residences owned by 14 members across multiple Russian cities. This is widely seen as a response to pressure from the US and other countries around Russia's allowing ransomware groups to operate in the country. Cynical voices in the security community wonder how much this was for show, how severely they'll be punished, and how many of them will just end up working for FSB. Acqui-Raid? More Raid Video

DHL-branded emails have dethroned Microsoft as the most-used brand lure for phishing emails. Interesting that it's DHL and not a more popular carrier like Amazon/UPS/FedEx. More

Microsoft is warning of a nasty strain of malware that's currently being targeted at Ukrainian organizations. At first it looked like ransomware, but more reports are saying it's actually wiperware. More | More

CISA has added 15 more known-exploited vulnerabilities to its catalog, including all-time hits from bands like VMware, Chrome, Win32K, WinVerify, Oracle WebLogic, Fortinet, PAN-OS, IBM WebSphere, and Elastic Kibana! More

You've heard of package thieves. Well, now it's moved to the trains that carry the packages. One representative at Union Pacific estimates around 90 cargo containers a day are compromised, often by organized crime groups. This is what happens when some people are less useful to the economy than a robot or an AI, and a small percentage at the top wait to have their expensive packages delivered to their doorsteps. And then combine that with a lack of policing. More | Viral Tweet of Ransacked Containers


  • January 2022 Patch Tuesday | Curl, Libarchive, Windows More

  • Windows HTTP Protocol Stack RCE | 9.8 More

  • Zoho Desktop Central and Desktop Central MSP | Critical | Read Data | Write Files More

  • Cisco Unified Contact Center Management Portal and Unified Contact Center Domain Manager | 9.6 | PrivEsc to Admin More

  • 3 WordPress Plugins | 84K sites | High | CSRF More


Moxie Marlinspike has stepped down as the CEO of Signal. More

You can now use Shazam to identify music using a Chrome Extension. More

The founder of Second Life is coming back to play his hand at metaverse. I like his odds, because it seems he saw the vision of what was coming a long time ago. More


Israeli researchers found that a fourth booster is largely ineffective against Omicron. These results are calling into question the wisdom of continued vaccine mandates. I'm personally pro-mandate, but when the data change, we should change our minds with them. The problem is that—for the time being—government bureaucracy will always move slower than the science of variants and vaccine efficacy. And ignorance, cynicism, and conspiracy bloom in the gap between them. More

Inflation is at a 40-year high, with prices jumping 7% in just one year. More

People devote a third of their waking time to mobile apps, with TikTok use growing the fastest. More

More than 1 million fewer students are in college. More

Netflix has raised its prices from $14 to $15.50 in the US, and from C$15 to C$16.50 in Canada. More

Gallup says Americans are reading less than in 1990 and 1999, when we peaked at an average of 18.5 books read per year (including only partially). I call bullshit. Most Americans I casually ask about reading haven't read 18 books in their entire life, let alone per year. I think this is the kind of polling that got Trump elected in 2016, i.e., giving answers they thought the interviewer would want to hear. More


Gaming is Metaverse 1.0 — How gaming and metaverse are more alike than different, and the two many axes that they progress along. More

Your Value Comes From Your Output — My latest piece on how to avoid distracting shortcuts when trying to get a seat at the table, whether that's at work or in a particular community you admire. More

Beware of Alternate Meaning Loops (2017) — With all this talk about metaverse, I thought this was a timely addition. The piece talks about how we might be bad at maintaining multiple Life Loops. More


I enjoy James Clear's 3-2-1 newsletter, which is basically a set of quotes. The first set of three are his own, and I like the section a lot. I sometimes think I have a good aphorism to include in our aphorism section here, but I detest the idea of quoting myself. It produces a visceral reaction in me. Yet—at the same time—I think the aphorism is such a powerful mechanism for expressing ideas, and I do think I'm capable of producing useful content in that form. So I'm going to have a go at it. If it annoys you tremendously, feel free to tell me. And if you hear gagging, that's me trying not to throw up in my mouth. This will either be a new, albeit occasional staple, or it'll be a one-time thing. Thank you for being part of the experiment.

I'm having tremendous fun reading The Stormlight Archives, but I also need to get going with the UL Book of the Month!

I'm absolutely loving my daily Readwise email, which has snippets from my favorite books. Thank you for the recommendation Ben Collins!

I purchased my first VR system—a Quest 2—and have been massively enjoying Beat Saber, which is my main reason for buying the rig. The other standout title so far has been SuperHot, which is like a BulletTime action game that you have to play to understand. Truly epic use of VR technology. Thanks to all of you who recommended the Quest 2 to me!

I'm concerned I have too many negative stories in the show. To some degree that's understandable, but I feel like I should put the effort into finding the positivity. I might even create a section for it.


You Feel Like Shit (a self-care game) More

America is Falling Apart at the Seams More

New York State Covid Breakthrough Data More

SSH Bastion Host Best Practices More

Pareto Security is a Mac app that lets you confirm your security configuration. More

MLK's I Have a Dream Speech More

I'm in love with these drawings of the innards of pens. I'm supporting this artist? More | The Artist

dsq — a command-line tool for running queries against JSON, CSV, Excel, Parquet, and other data file formats. More


Text this to 10 people you care about but never talk to:

"Hey, I know we don't talk or even text enough, and I'm sorry for that. I just want you to know that I miss talking to you, and that I hope you're doing well. Let me know when you have some time to catch up, and in the meantime I hope you have a great week!"


"Wisdom is realizing that two or more opposing ideas can be true at the same time. For example: 'The new mRNA vaccines are modern miracles, and Big Pharma is harmful to society'. These can be true at the same time because both life and truth are multi-faceted."

Me, Tweet This