• Unsupervised Learning
  • Posts
  • UL NO. 459: New Active 0-day Exploitation, AI That Sees Your Open Apps, The RebootAI Project

UL NO. 459: New Active 0-day Exploitation, AI That Sees Your Open Apps, The RebootAI Project

A conversation with Rob Allen from ThreatLocker, UL's Black Friday sale, Finland's internet disrupted, and more...

Author

Daniel Miessler
November 18, 2024

SECURITY | AI | PURPOSE
UNSUPERVISED LEARNING is a newsletter about upgrading to thrive in a world full of AI. It’s original ideas, analysis, mental models, frameworks, and tooling to prepare you for the world that’s coming.

TOC

Hey there!

  • Had a great conversation with Rob Allen from ThreatLocker about their Zero Trust approach: deny-by-default, dynamic ACLs, and blocking ransomware at every stage.

The UL Black Friday Membership window is now open. GET IT 👇🏼

🦃 UL Membership Black Friday Sale 🦃

It’s time for turkey and cranberry sauce again, which means it’s also time for a Black Friday Sale of 20% off the first year of UL Membership.

Here’s what members get:

  • Access to the smartest, most curious, and KINDEST community out there

  • Direct access to Daniel and hundreds of security and AI professionals

  • Exclusive Member-Only content

  • Access to the UL Book Club, which has run monthly since 2017!

  • Access to our Mid-month Meetups, where we discuss career / life

  • DEEP discounts on paid courses and products

Best of all is the people.
It’s seriously the best community I’ve ever been a part of.

🫶🏼

“Daniel has created a place for civil discussion in a world that frequently prefers argument over discussion.”

- Ben Collins

Use coupon code BLACKFRIDAY20

  • Upgraded all my Ubiquiti gear and am making progress towards a 10Gbit world.

  • Heading to Saudi soon to speak at Blackhat MEA!

SECURITY

This one didn’t get nearly enough coverage last week. ChatGPT has a new feature that can read code from MacOS apps like VS Code, Xcode, and Terminal, making it easier for people to use AI in a live way without copy-pasting. The new feature called, "Work with Apps," uses MacOS's Accessibility API to read text right from your screen. MORE 

💡This is getting closer to what some other startups are working on, where they’re watching your screen and AI is operating on it. That functionality scares the crap out of me, though, so I’m only likely to use it with Apple and maybe Google if they haven an option to turn off the data harvesting / ads stuff.

For startups, I’m really worried about them getting all this data and then getting compromised. I see it as a virtual inevitability. I really only trust a handful of companies (mostly just Apple, actually) with this much—and this level—of data.

Something—or some one—has cut the data cable between Finland and Germany. Finland's internet access is currently routed through Sweden. Many are assuming shenanigans. MORE 

Sponsor

Are genAI tools integrated with your other apps?

Nudge Security discovers all genAI accounts ever created by anyone in your org, as well as the OAuth grants that enable data-sharing across apps.

Start a free trial to:

• Discover all genAI tools ever used in your org

• See all users, authentication methods, and OAuth grants

Get alerted of new genAI tools or integrations

• Vet unfamiliar tools with security profiles for each provider

Palo Alto Networks has released Indicators of Compromise (IoCs) for a new zero-day vulnerability affecting their firewalls. MORE 

VMware confirmed that threat actors are exploiting two vCenter Server vulnerabilities, CVE-2024-38812 and CVE-2024-38813, which were first disclosed at the 2024 Matrix Cup hacking competition. MORE 

Sponsor

Build a Cybersecurity Awareness Program That Works

Learn how Goodwin Motor Group crafted a successful cybersecurity culture that engages everyone—from execs to frontline staff. Discover actionable tips for creating compelling training, sustaining participation, and proving program ROI, shared by the champions behind this thriving program.

AI / TECH

Anthropic has a new Prompt Improver, that takes a given prompt and writes a better one. This is an example of ecosystem improvement I’ve been talking about. MORE

OpenAI might launch an "AI agent" tool called "Operator" in January. Operator will compete with Anthropic's "Computer Use" and Google's rumored agent. MORE 

💡I’m anticipating that in 2025 the biggest thing in AI will be the maturation of Agents. They started getting decent in 2024, next year they’ll get mature enough—and integrated enough—for real-world use cases.

The models will get smarter, but I think most of the benefit will be in the tooling and ecosystems around the models—not the models themselves.

For agents, it’s helpful to remember what the actual milestone is, which is pretty simple to track.

  • Constant monitoring of audio, video, text of everything you’re doing

  • That means cameras and microphones on your body

  • And full monitoring of the screens and I/O of your devices/computers

This is what’s going to feed your personal and work DAs with the full context it needs to serve you best. And that’s what all these efforts will eventually push towards, even if they’re not doing so yet.

Sam Altman and Arianna Huffington's Thrive AI Health is an AI assistant that aims to offer personalized advice on sleep, food, fitness, and more. MORE 

Google.org is putting $20 million in cash and $2 million in cloud credits into a new initiative to help researchers use AI for scientific breakthroughs. MORE

Apple's M4 Max CPU transcribes audio twice as fast as Nvidia's RTX A5000 GPU while using significantly less power. In a user test, the M4 Max completed an audio transcode in 2:29 minutes using Whisper V3 Turbo, consuming just 25 watts, compared to the RTX A5000's 4:33 minutes and 190 watts. MORE 

💡Really want one of these, but can’t justify it yet. The real question is whether our next AI rigs should be a cluster of Mac Mini’s, or a standard big beefy NVIDIA-based box.

I’m thinking it might be big box for the next one, and then the one after that is probably some other architecture we can’t see yet? Or perhaps an Exolab cluster of Apple-based systems?

iOS 18.2's Music Recognition feature now logs where you were when you heard a song. This new "Musical Memories" feature geotags songs, so you can remember the exact location you discovered them. MORE 

HUMANS

Pharma stocks have crashed due to RFK Jr. taking over Health and Human Services. Moderna is down close to 40%, and other stocks are suffering in a similar way. Not sure how this isn’t a buy opportunity, though. I don’t see how most people (and RFK) don’t figure out how to tell the difference between good and bad stuff these companies are doing. MORE 

Netflix hit a record 65 million concurrent streams during the Mike Tyson vs. Jake Paul fight, reaching 60 million households worldwide. But there were over 100,000 complaints about buffering and connection problems. MORE 

A new study shows that treating bullying as a collective issue rather than an individual one can significantly reduce its occurrence in primary schools. The approach involves engaging the entire school community, including teachers, students, and parents, to address and prevent bullying. MORE 

💡I love this concept, which reminds me of how some countries handle prostitution by going after the buyers rather than the sellers. It’s an economics way of looking at a whole system, and not just the obvious place.

With bullying, I think what needs to happen is some level of shaming of the kids who see it happen and do nothing about it, e.g., intervening, telling adults, etc.

IDEAS

RebootAI — An Offline AI Oracle for Emergencies
I want to build a local AI that can run offline in bad situations like earthquakes, meteor strikes, and any other scenario where we might have power (like from solar), but no internet. So the idea is that I want something I can ask how to do anything! Tourniquets, sterilizing water, building shelters, identifying edible plants, etc. So ideally this would be both text and image capable, and just as resilient an implementation as possible.

Who wants to help me build it? Or does anyone know of one already out there? Even better if it’s its own standalone box, and you can just update the model used every once in a while.

DISCOVERY

Cloudflare's robots.txt file is a mix of ASCII art and directives for web crawlers. It allows Twitterbot and DemandbaseWebsitePreview to access specific language pages, but blocks many others from accessing various parts of the site, like search results and feedback pages. MORE 

Managing High Performers — A guide on how to effectively manage high-performing employees. It covers strategies for keeping them motivated, providing the right challenges, and ensuring they feel valued within the organization. MORE 

Ian's Secure Shoelace Knot is the best shoelace knot I know of. I actually tie this for my sneakers and mostly leave them that way and slip them on and off. MORE 

RECOMMENDATION OF THE WEEK

  1. Check out the Aphorism of the Week below.

  2. Focus your efforts on being flexible after wrong notes, as opposed to being able to play perfect notes all the time.

2025 and the next few years are likely to be so crazy that we won’t be able to plan or play the right notes.

But what we can get good at doing is adapting once the wrong note is played.

APHORISM OF THE WEEK

If you hit a wrong note, it's the next note you play that determines if it's good or bad.

Miles Davis

Thank you for reading. Please forward to a friend and/or share on socials to help support the work.

🫶🏼

Daniel