Unsupervised Learning Newsletter NO. 341

News & Analysis

🗞️ NO. 341 — STANDARD EDITION | JUL 25 2022

Happy Monday,

We're now opening sponsorships for the first quarter of 2023! If you would like to get your company in front of some of the smartest eyes in the industry, reach out to our sponsorship team.

And have a great week!

— Daniel


FBI Warns on Targeted Attacks and AI
The FBI is worried that cyberattacks are becoming more sophisticated and targeted, and that AI will increasingly be used in attacks in the next few years. They're specifically worried about attackers being able to target and disable an entire industry, like commercial real estate, and they worry that deepfakes will become indiscernible from real content within ~2 years. More

Ukrainian Radio Station Hijacked to Spread Misinformation
Hackers out of Russia penetrated a Ukrainian radio station and broadcast fake updates saying that President Zelenskiy was in critical condition and in intensive care. The president had to release a video to counter the false claims. More

LinkedIn Tops Phishing
Check Point says LinkedIn is still the most impersonated phishing brand, followed by Microsoft, DHL, Amazon, and Apple to round out the top 5. LinkedIn came in at 45%, while second-place Microsoft was at 13%. More


Monitoring 1Password Logs

Spending too much time trying to investigate security issues across 1Password? With the Panther integration for 1Password, security teams can monitor potential risks around company data or credentials stored within their 1Password vaults and detect suspicious activity in real-time.

To detect anomalous activities in 1Password, Panther provides several out-of-the-box detections. For others, where a detection isn’t available, we have included a piece of code that security teams can readily use in their environment.

Enable your team to work smarter and faster while keeping your information secure.

Dragos Uncovers PLC Campaign
Dragos has uncovered an interesting password-stealing campaign targeted at industrial engineers and operators. The campaign used a technique to extract passwords from the PLC firmware directly and join the system into a botnet. More

Entrust Breach
Computer security company Entrust has been hit with a ransomware attack. Multiple government entities use Entrust for Identity and Access Management, including DoE, DHS, Department of the Treasury, and others. The attack took place in June and the ransomware group evidently purchased access through an access broker. More


  • CRITICAL | Atlassian has released a new set of patches for multiple vulnerabilities in Confluence, Bitbucket, and other products. More

  • CRITICAL | Cisco has released multiple advisories for Nexus Dashboard and Small Business Routers, including some for vulnerabilities that can lead to system takeover. More


Amazon Health?
Amazon continues moving into healthcare, this time buying One Medical for $3.9 billion. One Medical is a membership-based market solution to a failed US public healthcare system. For those that can afford it, you pay a fee and get the kind of primary healthcare and treatment that most people wish they had already. They also offer telehealth. In my mind this is another development on the battlefield of public (government) vs. private (corporate) services. People wonder what the play is for Amazon, and I think it's simple: slowly fill in all the services that people need to get from somewhere, which they often get from governments, and do it better and at scale. Healthcare and Education are obvious opportunities. More on that below. More

Minecraft Rejects NFTs
Minecraft has rejected NFTs on its platform. It's widely known now that many gamers hate everything about NFTs, and now one of the giants has solidified this in policy. They're specifically trying to avoid people thinking less about the game and more about monetization, and I think it's a smart move. At least for now, with NFTs in their current form. More

Netflix Loses Nearly 1 Million Subscribers
Netflix lost nearly a million subscribers last quarter, and they're looking at multiple ways to make up revenue. One is an ad-based tier, and the other is clamping down on people sharing accounts. In conjunction with the lockdown, they now have a new paid option to share your account with someone legitimately. More

Subscription Cars
BMW, GM, and other car companies are trying to get in on the subscription model. BMW is selling heated seat subscriptions in multiple countries, and GM made over $2 billion in subscriptions last year. They expect that to be $25 billion by 2030. I think Tesla might have moved us forward with this model given how much their cars feel like a software product. More

Facebook Just Re-invented Facebook
They're adding a new featured tab where you can follow your friends' activity in chronological order. Amazing. They went so far astray they had to invent a new feature to be the thing everyone originally liked. More

Robot Checkmates a Kid's Finger
A Chess robot broke a 7-year-old boy's finger during a tournament in Moscow. No, it wasn't Terminator stuff. It evidently thought the boy's finger was a piece after the kid made a move. The Chess Federation President, Sergey Lazarev, said, "This is of course bad." Thanks Sergey. More

GenZ Prefers TikTok to Google
Nearly 40% of Gen Z is using TikTok and Instagram instead of Google for search.


Rich Artists
A massive study of 160 years of US demographic data indicates that people from rich families are far more likely to become artists. A family income of $100,000 makes one twice as likely to become an artist, actor, musician, or author than someone with a family income of $50,000. And if the family makes $1 million, they're 10 times more likely. Basically, every $10K in pre-tax income raises one's chances by 2%. More

Google Fires Another AI Person
Blake Lemoine, the engineer who said the AI he was testing was conscious, has been fired by Google. Expected behavior given that he went public with a private project, but it still isn't a good look to have another AI person getting fired related to AI ethics. For the record: I think he was absolutely wrong about his claims, but he himself said he was making a spiritual claim and not a technical one. Surprised not surprised. More

Porn Disparity
A new, quite-large study says porn is bad for men's sex lives, but good for women's. That's interesting by itself, but I want to hear reasons beyond my own theories. More

Monkeypox Rising
The WHO says Monkeypox is now a global emergency, and the CDC says there have been nearly 17,000 cases in 74 countries. There is also now Monkeypox in 10 of the 11 San Francisco Bay Area sewer systems tested by Stanford's Sewer Coronavirus Alert Network (SCAN). More

Airbnb Penalizes Cancellations
Airbnb is raising the maximum host cancellation fee from $100 to $1,000. More


✍🏼 Principles vs. Agents: Sam Harris and Marc Andreessen
My new analysis of an idea I heard in Sam's recent conversation with Marc Andreessen. More

✍🏼 A Bourgeoisie Primer
A new quick summary of the history and meaning of the word Bourgeoisie, because it comes up in my reading constantly and I didn't think I had a good enough grasp of it. More

✍🏼 Why Aspiring Influencers Should Build Their Brands on Their Own Domain
My 2020 essay on why new influencers should avoid creating their content on networks like Medium. "Your domain is your brand." More


UL Bookclub is this weekend, and it's one of my favorite books ever: The Second Mountain. Can't wait for this one! Join Us

I want to mention again how much dictation is improved in iOS 16. First, it's just way faster and more accurate. Second, you can now speak and type simultaneously and interchangeably to edit text. Third, Siri now adds the proper punctuation to things by itself. And finally, you can add an emoji by voice. I've been using dictation for way more stuff because of these new upgrades.

Other books I'm reading: The Machiavellians, The Managerial Revolution, Recursion, Freedom.



⚙️ RECON | Metabigor
Metabigor is an intelligence tool whose goal is to do OSINT tasks and more, without any API key. It includes a wrapper for more efficient scanning of CIDR ranges using masscan and nmap, as well as related-domain discovery using multiple techniques. More | by J3ssie

⚙️ SUPPLY CHAIN | Hijagger
This tool checks every maintainer of every package in the NPM and Python PyPI registries for unregistered domains or unregistered MX records on those domains. More | by Christian Mehlmauer

⚙️ PENTESTING | Pentester's Promiscuous Notebook
One pentester's promiscuous notes on everything pentesting. More | by Snovvcrash

How to Drive Away Your Best Engineers More

The New Default Shell for macOS 10.15 Catalina is Zsh More | My Zsh Config

Good Managers Write Good More

Women Don't Like Men Who Pose for Pictures With Cats, But Dogs Are a Plus More

RSS Resurrection via SlackOps More

Tech Salaries Crash Due to Equity Valuations More

McKinsey makes 500K per presentation. Here's their deck structure. More

Building a Fast All-SSD NAS on a Budget More


Consider getting a CO2 detector for your home and/or for travel. The idea is that CO2 increases in "stuffy" rooms, and stuffiness means less air circulation and a likely higher chance of Covid spread if there are people present. So it's basically a proxy for how fresh and "open" a given space is. I have the Aranet4, which is $250 on Amazon and works amazingly well, but there are less expensive options as well.


"Attention matters more than time. If you spend 80 years taking everything for granted it’ll be like you died at age 10."

Daniel Miessler