Unsupervised Learning Newsletter NO. 342

News & Analysis

🗞️ NO. 342 — STANDARD EDITION | AUG 1 2022

I hope you're doing well and that you have a great week.

— Daniel


North Korean Hacking
The US is offering a $10 million reward for information that helps address North Korean hacking. "If you have information on any individuals associated with the North Korean government-linked malicious cyber groups (such as Andariel, APT38, Bluenoroff, Guardians of Peace, Kimsuky, or Lazarus Group) and who are involved in targeting U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act, you may be eligible for a reward." This is a doubling of the bounty offered back in March, and comes a week after the Justice Department seized $500,000 in Bitcoin from a hacking group in the country. More

Chinese TikTok Influence
BuzzFeed says it's talked to former ByteDance employees who said they were paid to force Chinese agenda items into the app, and that as part of the job they were required not just to do it but to take screenshots proving that they had. The content included promoting travel locations and encouraging people to move their startups to the country. Fairly harmless, but it speaks to a top-down pressure to have employees push pro-China content, and it's that mechanism that's most troubling. More

CISA Helps Ukraine
CISA has signed an agreement for increased cybersecurity assistance and collaboration with Ukraine. The collaboration will include the sharing of best practices as well as doing joint exercises. More


A Guide to Effective Security Advocacy

Security, Compliance, and Risk Management leaders need to be able to articulately advocate for their programs to gain collaboration from their peers, support from their leadership, as well as budget and headcount.

In this Hyperproof guide, you'll see how to gain active and passive support for your various security initiatives, and you'll get tips and talking points you can use in executive conversations to gain support and drive urgency.

CISA Confluence Warning
CISA is warning of ongoing attacks against Confluence using the recent hardcoded credentials vulnerability. This affects on-prem hosted instances with the Questions for Confluence App enabled. More

Amazon Ring Footage
Amazon has admitted to giving Ring footage to police without telling users. There have only been 11 "emergency" cases so far but that's 11 too many. At the very least they should have told the users after the fact and asked for future permission. I'm not against sharing footage with the police; I'm against it being 1) compelled, or 2) invisible. More

Macros Disabled, Again
Microsoft is resuming its plan to disable macros by default in Office. More

NFT Discord Compromises
TRM Labs put out a report showing over 150 compromises of NFT projects caused by Discord server compromise, and they indicate that many of the attacks are likely related. More


  • CRITICAL | SQL Injection in Global Management System and Analytics. More 

  • CRITICAL | Multiple vulnerabilities in NUKI smart locks. More | by NCC 

  • CRITICAL | Samba SMB Server Admin Password Change. More 


Ma Gives Up Ant
Jack Ma is giving up control of the Ant Group as part of continued pressure from the Chinese government. The government stopped Ant's IPO in 2020 after Ma made some undesirable comments about the government, and this is one of the knock-on effects of China aggressively pursuing control of big tech in the country. More

Cross-platform Apple Pay
Apple Pay might soon work in Chrome and Firefox instead of just Safari. More


New Moderna Booster
The US is buying 66 million doses of a new Moderna Covid booster that targets BA.4 and BA.5 Omicron variants. BA.5 has become the dominant strain of Covid in the US. More

Republican Death Rates
People in Republican counties have higher death rates than those in Democratic counties. Over recent decades, mortality rates have improved 22% in Democratic counties and only 11% in Republican counties. Factors included smoking, exercise, and racial demographics. More

Saudi's Mirrored City
Saudi Arabia is looking to build a 100-mile-long mirrored skyscraper city called The Line. It's designed for no roads and no cars, and you can move around freely by walking or by train, which takes only 20 minutes to go end to end. More

Goodbye Uhura
RIP to Nichelle Nichols of Star Trek. One of the first Black women to be seen in an important technical role on TV, and who knows how many young people benefitted from seeing that. Respect. More


✍🏼 Why Pinker Is Wrong About How Good Things Are (2018)
I just remembered a takedown of Pinker's Enlightenment Now I wrote back in 2018, and I'm struck by how many of my predictions are now playing out. More 

✍🏼 The Consumer Authentication Strength Maturity Model (2021)
My model for testing the strength of your (and your loved ones') personal authentication security. Most people are at levels 1-2. Good is level 3-5. And 6 and above is quite strong! More 

Human Reports + AI + Slack = The Ultimate ChatOps
Here's a thought: What if you could get an AI to read all the notes taken by the Blue Team last night, and turn that into a quick bulleted summary that was waiting for you in Slack every morning? What if that same AI could read a list of all customer complaints made last night and create a similar summary? How about a summary of all the new attacks being talked about on Twitter, or from your favorite security research companies? So we're talking about dozens, hundreds, or thousands of pages of content—all read and summarized in seconds—and delivered to you in near-perfect summaries. How valuable would that be? We're about to find out because that's where these new natural language models are taking us. Rig that all up to Slack with a smart ChatOps model and you will have a serious productivity booster. I'm writing a full member post on this right now and will release it as a standalone podcast as well!

Lost Secret Service Text Messages
The Secret Service lost text messages because they used Apple Messages and failed to make backups before doing a phone migration. And since backups are inaccessible through Apple unless you can decrypt them properly, they lost lots of messages. People are saying this is a great reason not to use Apple Messages. I disagree. I think it's a great reason to use them, but a reminder to be more careful to do proper backups during tech migrations. More


I am going to Vegas next week, just not sure how many days yet. One thing I know for sure is that I won't be at any major indoor events, which means zero parties. : ( Other than giving my talk, I'll either be alone in the hotel room or outdoors somewhere.

I'm often surprised, and somehow pleased, to see the variation in section lengths in the show. Sometimes Security is most of it, and other times it's all Technology. Good mix this week.

I've now got several people using CO2 detectors for their Covid threat assessment activities, and I'll be taking one of my Aranet devices to Vegas with me next week as well.

If you're interested in being featured in the show, or you know a company that would, reach out to us at [email protected]. We're opening up the first quarter of 2023 soon!



⚙️ APPSEC | Building an AppSec Pipeline for Continuous Visibility
An approach that combines SAST, DAST, SCA, Secrets Scanning, and SBOM creation. More | by Nikhil Mittal

⚙️ BLUE TEAM | Top 10 Open Source Adversary Emulation Tools
The top tools that help an organization model what they're likely to face from attackers. More

⚙️ BLUE TEAM | Detectree
Detectree is a tool for visualizing cyber security events and their relationships. When provided with detection events from an Elasticsearch index, Detectree determines the relationships between the artifacts (processes, network destinations, files, Registry keys) and displays these graphically. More

Github Recon: It's Really Deep More

US Army Camouflage Improvement Explained More

SBOMs, and Why Organizations Need Them More


Speak to yourself in the voice of a friend.


"The soul becomes dyed with the color of its thoughts."

Marcus Aurelius