Unsupervised Learning Newsletter NO. 322

News & Analysis

MEMBER EDITION  | EP. 322 | MAR 14 2022
 

SECURITY NEWS

The White House gave a private intelligence briefing to around 30 TikTok influencers last week. This comes after significant sharing of intelligence with the public before the invasion started, which was an attempt to counteract the disinformation coming from Russia about operations on the ground as well as the reason for the invasion. I think both of these moves have been pivotal in keeping the global non-Russia-non-China coalition united against Russia's actions. And now with this briefing of TikTok influencers…the whole US approach to controlling the narrative has been absolutely brilliant. More

Western intel groups are investigating a cyberattack against broadband satellite internet services in Ukraine. The attacks happened right at the start of the invasion, and satellite modems for tens of thousands of European customers were taken offline as a result of the attack. Most believe Russia is responsible. More

Google's Threat Analysis Group (TAG) has issued a report on the threat landscape related to Ukraine. Some of the highlights: FancyBear/APT28 has run several large phishing campaigns against UkrNet, which is a Ukrainian media company. Ghostwriter/UNC1151 out of Belarus has conducted phishing campaigns against Polish and Ukrainian military organizations and web users of a number of internet providers. Mustang Panda has targeted European entities with malware lures related to Ukraine. Multiple DDoS campaigns have also been identified targeting Ukrainian sites. More

Sponsor

JupiterOne — 7 Cybersecurity Leaders Share Their Experience and Vision

In this exclusive eBook from JupiterOne, seven cybersecurity leaders share their stories of failure and success, roadmaps you can use to improve your cybersecurity programs, and their visions for the future of cybersecurity.

Ukraine's Ministry of Defense is now using Clearview AI's facial recognition for multiple purposes, including to vet people at checkpoints, identify Russian operatives, reunite refugees, and identify the dead. Clearview AI says they have not offered the technology to Russia. I personally think resisting this technology is like resisting database technology, or machine learning. It's simply too useful to keep in a bottle. Databases, ML, and facial recognition can all be used for good or harm; the question is how we shape ourselves more towards the former and less towards the latter. Our efforts need to be spent on that rather than fighting the inevitable. More

A document produced by the Russian Department of Information and Telecommunication Support, a Kremlin security apparatus, has advised Russian media that, “It is essential to use as much as possible fragments of broadcasts of the popular Fox News host Tucker Carlson, who sharply criticizes the actions of the United States [and] NATO, their negative role in unleashing the conflict in Ukraine, [and] the defiantly provocative behavior from the leadership of the Western countries and NATO towards the Russian Federation and towards President Putin, personally.” So nice of Carlson to be standing up for Putin against those pesky Americans. Also, how in the hell did the GOP become the pro-Russia party? This is one place I'm firmly with Reagan, and if he saw this he'd lose his shit. More

Russia may be looking to use ransomware payments to bypass sanctions. More

Vulnerabilities:

  • SAP Monitoring Solutions | Critical More

  • HP UEFI Firmware Flaws | High | Millions of devices More

Companies:

  • Cybersixgill | Threat Intelligence | $35 million raise More


TECHNOLOGY NEWS

President Biden released an executive order around cryptocurrency. To me the entire thing basically says one thing: "We're here. We see you. We're watching closely. More to follow." I actually kind of liked that approach. They are hinting at creating an official digital currency but mostly just talking about how to make sure the entire space is safer, more transparent, and generally better for everyone—including the environment. I know a lot of people won't agree with that because the government is always evil or whatever, but I appreciated the messaging. I'd rather this than a) saying nothing, or b) declaring they're going to burn it all down. More

Amazon just launched a Twitter Spaces / Clubhouse clone called Amp. The key difference is that rather than hosting conversations, it's all about hosting DJ'd music shows. They're basically looking to disrupt the radio industry using a Clubhouse-style app. No reason they won't do conversations this way as well, and perhaps it'll be an inroad into something like live podcasting. More

Stripe now supports crypto businesses such as exchanges, on-ramps, wallets, and NFT marketplaces. They went all-in, in other words. More

Android rolled out a cool new feature that lets you say, "Hey Google, pay for my parking," which will help you avoid using cards or coins at parking meters. More

The owners of Bored Apes have acquired the CryptoPunks NFT collection. So we have some consolidation in the space. These two properties combined are currently worth around $3.6 billion. More


HUMAN NEWS

China just put millions of people into Covid lockdown. Their reported cases doubled Sunday to 3,400, and Shenzhen has been hit especially hard. More | More | Hacker News Discussion

Obama tested positive for Covid. He appears to have minor symptoms. More

DeepMind is being used to translate damaged ancient texts in a project called Ithaca. More | Free Interactive Version

Someone spent $518,000 on Tom Brady's "final touchdown pass" 4 hours before he announced he's coming back for another season. More


CONTENT, IDEAS & ANALYSIS

Not All MFA is Equal, and the Differences Matter a Lot — A piece on the most important factor in modern MFA systems—anti-phishing defenses! The updated version of the CASMM model (see below) makes it more clear that only Levels 7 and 8 are codeless options. All others are still vulnerable to phishing because they provide the user with a code that they can then pass to an attacker via form field or voice. More

The Consumer Authentication Security Maturity Model V6 — I've updated the CASMM to version 6, with this version more clearly differentiating between MFA-code and MFA-codeless options at the top tiers. More

How to Tell the Difference Between a Legitimate NFT and a Rug Pull — Analysis of the NFT space and a possible way to tell real projects from those that are doomed. More

Stolen Fingerprint Databases Aren't That Threatening (Yet) — A Twitter thread where I respond to someone saying biometric authentication is scary because you can't change your face/finger. I have a strong intuition here but I'm cautious of being wrong because I've not yet heard the best arguments against. More

"If the project doesn’t make sense by itself, it also doesn’t make sense as an NFT or as something-something-crypto."


NOTES

On average I review around 3,000 stories a week to prepare for a given show. I then trim that to around 150 saved items, which I then read in more depth. From there I end up with the 25-50 or so stories for a given show. So from around 3,000 to around 50. The process takes between 10 and 20 hours, depending on the week.


An idea I'm throwing around: When I do commentary in the news section, italicize it so I clearly delineate where the news stops and my analysis starts. I think it's normally pretty easy to see and hear, but I wonder if it'd be nice to call it out even more. Thoughts?

I just added this new biography on John Von Neumann to my reading list. More


DISCOVERY

Two people I recommend you follow on Twitter: Renee DiResta for her brilliant analysis of m/disinformation, and Tim Tyler for his constant thirst for knowledge.

Why Putin Can't Back Down More

I Read the Top 100 Scientific Papers of All Time More

🔥 Hiding Images in Plain Sight — Matt Ferraro made a physical object that looks totally transparent but has the ability to create 2D and 3D images. More | by Matt Ferraro

How to get the most out of your 1:1s. More

Regrets of the Dying More

We Are In the First Open Source Intelligence War More

Sam Curry (one of the best bounty people out there) is going to do a talk at KernelCon where he talks about vulnerabilities in crypto web apps. More | Sam Curry

The Age of House Plants More

What Things Cost in Ancient Rome More

🔥 [ WEB SCRAPING ] How to Do Hardcore Web Scraping At Scale More | by Nikolai Tschacher

[ CI/CD OFFSEC ] Common Threat Matrix for CI/CD Pipelines More | by Hiroki Suezawa

[ INSIDER THREAT ] The Insider Threat TTP Knowledge Base — The Insider Threat Tactics, Techniques, and Procedures (TTP) Knowledge Base aims to advance our collective understanding of the technical mechanisms that insider threats have used. More

[ CLOUD OFFSEC ] AWS Scaled Command Bash Script — Run AWS Commands across multiple profiles. More | by Johann Rehberger

[ HARDWARE HACKING ] FirmWire — A full-system baseband firmware analysis platform that supports Samsung and MediaTek. More
 


RECOMMENDATION

This week, and as an update to your routine, do your best to avoid the Regrets of the Dying, which include:

  1. Not living true to yourself vs. what others expect of you

  2. Working too hard

  3. Not expressing your feelings

  4. Not staying in touch with your friends

  5. Not letting yourself be happy


APHORISM

"A sane person to an insane society must appear insane."

Kurt Vonnegut