SECURITY NEWS
⛔️ There is likely to be a critical TLS vulnerability released this week. Consider getting your teams ready by looking for your instances before it drops. ZDNET | GLOBALSIGN | REDDIT DISCUSSION
The US accused 13 Chinese nationals of committing espionage-related offenses for China, including attempting to force a Chinese national in the US to return to China, attempting to interfere with a federal investigation of Huawei, and attempting to recruit US academics to spy for China. MORE
The Daily Mail says Russia hacked Liz Truss's personal phone and gained access to extremely sensitive conversations with Kwasi Kwarteng and others. MORE
The second-largest investor in Twitter—after Musk—is Saudi Arabia's Kingdom Holding Company (KHC), with shares valued at $1.8 billion. MORE
Apple has significantly upgraded its security research program, speeding up its turn-around times and adding more transparrency for submission statuses. MORE
University of Maryland made a sweater that confuses AI into not recognizing a person. MORE
DHL has surpassed LinkedIn as the most spoofed phishing brand. MORE
The New York Post got hacked, resulting in defamatation of the site and their social media. Someone named Thrax claimed credit and said they got access via Wordpress. MORE
Juniper patched high-severity flaws in Junos OS that affect enterprise networking devices. MORE
CrowdStrike has partnered with MITRE CTID to find attacker TTPs in cloud analytics. MORE
Samba released security updates for issues up to and including system takeover. MORE
Apple's new Ventura release patched over 100 vulnerabilities. MORE
Sponsor
🔭 Simple and secure password management for your business
Protect employee passwords in minutes with Keeper — the award-winning password manager that is secure, easy to set up, and easy to use. Keeper works out-of-the-box with identity, MFA, and SIEM solutions including Okta, Azure AD, Ping Identity, G Suite, YubiKey and many others.
Patented integration with Single Sign-On (SAML 2.0) solutions and SCIM provisioning gives users a passwordless login experience while preserving zero-knowledge security. Attend a demo and we will send you a free 3-year personal plan.
keepersecurity.com/unsupervised_learning
Learn More
TECHNOLOGY NEWS
Layoffs.fyi says the layoffs mostly happened during the summer, and are slowing down. MORE
Shutterstock will start selling AI-generated stock images powered by OpenAI. MORE
Mr. Beast is looking to raise $150 million for a $1.5 billion valuation on…himself. Love it. MORE
Hidden Door is a gaming company that wants to turn fiction into role-playing experiences. MORE
OpenAI invested $500 million in Descript, an AI-based tool for editing audio and video. MORE
HUMAN NEWS
Luis Inácio Lula da Silva (Lula) has defeated Bosonaro to become Brazil's president, again, 20 years after being the president the first time. MORE
It looks like the UK wants back into the EU. Rejoining the UK recently had a 14-point lead in a poll. MORE
The US economy grew by 2.6% last quarter. MORE
Teens are starting to use TikTok to figure out what's wrong with them mentally. "I have this." MORE
A record-high 56% in the US believe local crime has increased. MORE
IDEAS & ANALYSIS
✍️ Why Apple Keeps Winning MORE
NOTES
Book club was phenomenal this week. We got into a spirited discussion about whether AGI would happen before 2030. 1/3 said it would, and 2/3 either abstained or said it wouldn't. The chosen book of the month for November is The Science of Storytelling. MORE
The aunt of one of our UL members is featured in a podcast called The Lost Women of Science. LISTEN
I got in an uncharacteristic Twitter squabble about Apple on Sunday morning. Someone was attacking me for talking about what Apple is doing right, and he unfollowed me during the discussion. We talked for another hour or so, cooling down the tone, and it went from a scuffle to a conversation. At the end he followed me back, I thanked him for being so passionate for the right things, and I followed him back. The lesson? Civil conversations are still possible on the internet! :) THREAD
I now have lots of birds showing up to my feeder! Thank you all again. And I have two hummingbird feeders now too. And they're getting some traffic as well. Loving it. Next step: Continuous IP Camera + AI bird identification -> Alerting system. Hit me up if you're this kind of nerd.
Absolutely loving The Mars Volta's new album. MORE
Anyone know of a healthy cleanse recipe I can make at home with a Vitamix? HALP
❤️ I met my love 30 years ago today. ❤️
DISCOVERY
🛠️ dastardly, from Burpsuite, is a light-weight web application scanner that you can use to scan your web apps during CI/CD. Integrates with GitHub actions and many others. TOOL | by PORTSWIGGER
🛠️ sandman is a backdoor for red teams that sends traffic over NTP. TOOL | by IDO VELTZMAN
🛠️ private_detector is Bumble's image classifier for lewd images. TOOL | by BUMBLE TECH
🛠️ threatest is a Go framework for end-to-end testing of threat detection. TOOL | by DATADOG
🔭 [ Sponsor ] Keeper Security — Simple and secure password management for your business. Keeper works out-of-the-box with identity, MFA, and SIEM solutions including Okta, Azure AD, Ping Identity, G Suite, YubiKey and many others. LEARN MORE
semafor — A new news service by Ben Smith built on the idea of transparent, unbiased, and center-focused news. Meaning, much less tainted by the right and left narratives. Cool, sign me up. MORE | ABOUT
looka — An AI-based logo generator. You give it your company name and some seed material, and it makes you some logos. MORE
namelix — An AI-based company name generator. You give it some vibes and it comes up with some possible company names. MORE
pfpmaker — An AI-based profile pic generator. You give it an image and it makes you profile pics. MORE
snipd — Listen to AI-generated summaries for Lex Fridman's podcast. MORE
An absolutely packed episode of Lex's podcast, with guest Andrej Karpathy. I particularlly loved his explanations of ML, his points about AGI, his approach to leading organizations, and tons more. Must consume. MORE
Japan's Anime community is seriously upset about the rise of AI-generated art. MORE
The Lost Women of Science — For every Marie Curie or Rosalind Franklin whose story has been told, hundreds of female scientists remain unknown to the public at large. In this series, we illuminate the lives and work of a diverse array of groundbreaking scientists who, because of time, place and gender, have gone largely unrecognized. LISTEN
The Rising Tide of Global Sadness MORE
Is Listening to Audioreading Really Reading? — The author of this piece makes the point that listening actually came before print, because oral storytelling came before writing. MORE
Jim Cramer cries on TV for recommending META to his audience. MORE
Security is an Infinite Game MORE
The rich are now signaling using statement trees. MORE
passkeys.io — A demo site for enrolling in and using Passkeys. MORE
Don't Overreact to Weak Signals MORE
👀 The Art of the Desk Setup MORE
RECOMMENDATION OF THE WEEK
Don't stress about how much you're learning when you read or watch educational content. Maybe you're only getting X amount of retention, but it's hard to say what that number really is. Plus, learning can sink deep into us and affect how we see the world, which has a lot more impact than remembering facts. If you love a book or some piece of content, watch it again while taking notes, or use it to update a current methodology you're using to do something. But feel free to just listen to it as well, lettting it blow by. You'll likely absorb more than you think.
APHORISM OF THE WEEK
"The two most important days in life are the day you born and the day you find out why."
Mark Twain