Unsupervised Learning No. 231

MEMBER EDITION | EP. 231 | June 1, 2020

THIS WEEK’S TOPICS: US Protests & Unrest, Trump Goes Into the Bunker, NSA Warns on Exim, Octopus Scanner, Stanford’s SIO Virality Project, Windows 10 Update, SHA-1 Deprecated in SSH, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…

SECURITY NEWS

US Protests & Unrest:

• The United States has been engulfed in widespread protests, riots, and disorder, triggered by the death of a man named George Floyd while in police custody. More

• With fires raging near the White House, the lights were turned off and Trump was taken into an underground bunker used during terrorist attacks.

• Many large cities have imposed curfews. More

• After many Target stores have been looted, they've decided to close or reduce the hours of around 200 stores. More

• The president is going to designate Antifa as a terrorist organization. More

• Many health officials are worried that the protest activity will lead to a surge in COVID-19. More 

The NSA made an uncharacteristic warning on Thursday about how the Russian GRU is using a vulnerability in Exim to attack systems in the US. The attack allows one to execute shell commands on the host and network that Exim is running on, giving them a pivot point into other networks. It's a patched vulnerability, but many people still haven't updated. If you know anyone running Exim, try to get them to do so. More

Octopus Scanner is a piece of malware that attacks the software supply chain by embedding malware during the build process within Netbeans projects. More

Stanford launched the SIO Virality Project, which is a study looking to understand the disinformation ecosystem around COVID-19. More

The 2004 Release of Windows 10 is out, and it includes some security and privacy improvements. These include updates to its firmware protection, Chromium-Edge support for Application Guard, better support for FIDO2 keys, simplified access to security settings, and a bunch of other stuff. More

OpenSSH is deprecating SHA-1, which it's now possible to perform chosen-prefix attacks on for around $50K. More

There are a number of ways to attack YouTube creators with Denial of Service attacks associated with terms of service violations. Basically, you spam various types of complaints against particular videos, such as Circumvention of Technolgy, and it causes YouTube to take down the video and perhaps even disable the target's account. So what attackers are doing is hitting up YouTubers and sending them ransom notes, saying that if they don't pay they'll get their content taken down. YouTube needs to adjust to the fact that these types of complaints are being weaponized. More

The UK is looking to phase China out of its 5G infrastructure. More

The ACLU has sued Clearview AI for collecting and selling images of people's faces. This is a good suit in my opinion. I mean, Clearview AI was literally trying to make it so that their customers could know who anyone was, even if they hadn't consented to be a target. More

Advisories:

• Six Cisco servers were hacked using SaltStack vulnerabilities. More

• There's a new Android vulnerability that lets apps disguise themselves as other apps, create false UIs, and ultimately steal information. More

• Emerson has multiple issues in OneEnterprise, a SCADA control solution. More

Breaches:

• Joomla announced a breach on an S3 directory that revealed the data of around 2,700 users. More

• NTT says its Singapore cloud was hacked, resulting in the loss of Japanese customer data. More

Companies:

• Synack raised a $25M Series D. More

• Cisco is purchasing ThousandEyes, a Threat Intelligence company. More

• Vesta raises $125M to to fight payment fraud using AI. More

TECHNOLOGY NEWS

Sony is going to demo the first Playstation 5 games on June 4th. More

Google is now providing an Anxiety Self-Assessment link to anyone searching for anxiety-related terms. More

GE has exited the lightbulb business after 130 years. They got in around 1890, in other words. More

Amazon is offering permanent roles to around 125,000 recent COVID-surge-related workers. More

Ear and wrist wearables helped wearables jump 30% YOY in the first quarter of 2020. More

Microsoft is laying off dozens of journalists and editors that were responsible for picking stories for their MSN News service. They're being replaced with AI algorithms that do that work automatically. More

HUMAN NEWS

SpaceX took two humans to space from the US for the first time in around 9 years, and it was unexpectedly emotional for me. I was also elated to see so many women explaining the science and the mission as part of the broadcast. It truly felt like we were making human progress for a moment, and I'm thankful to them for that. More

Humpback whales are making a strong comeback in Australia, with numbers growing at around 10% a year. More

There's more evidence that Coronvavirus could be a blood vessel disease, which would explain a lot. More

The Census Bureau has found that a third of Americans show signs of anxiety or depression. More

Universities are about to be in really bad shape this fall, when tons of international students don't show up and pay their fees, they can't house students safely, and they can't run sports safely that generate revenue. More

Multiple American Indian tribes are being hit extremely hard by COVID-19. More

Meditation and mindfulness apps continue to thrive during the pandemic. More

71% of Americans believe the US economy is in a recession or depression. More

IDEAS, TRENDS, & ANALYSIS

Idea Generation, by Sam Altman More

People who believe in conspiracy theories tend to have certain mental characteristics, such as being anxious, feeling a loss of control, and feeling isolated and disconnected. And unfortunately, many people are feeling these right now. More

Maybe all hipsters are Absurdists. It’s not that they think they can get true meaning from all those micro-hobbies. It’s that they realize there is no such thing, so they over-index on small details in order to distract themselves. More

There's a theory called Meaning Maintenance that says we tend to search for and double down on our core identities and beliefs when we are faced with something that doesn't make sense. This is super interesting given the story above about conspiracy theories. More

The New Model Media Star is Famous Only to You More

Happiness During COVID-19, by Jonathan Haidt More

Pay for Your News More

UPDATES

I'm reading one of the best books I've read in a long time, called The Meritocracy Trap. It's about economics, social strife, the separating classes in America, and so much more. I also just finished Piketty's latest book, but I found this one far more descriptive, practical, and accurate. 10/10. More

DISCOVERY

I love sunglasses, so I might be trying out these new offerings from Futuremood that supposedly have the ability to alter your mood. They're not out yet, though. More

How to upgrade the lighting in your home office. More

A Red Team Maturity Model More

Minecraft Dungeons just came out, and it looks extremely fun. It's like a kid-friendly Diablo game, but in the Minecraft universe. More

A List of One-sentence Descriptions of AWS Services More

Cloudflare launched a new bandwidth speed test tool called, well, Speed Test. More

A Tone of Voice Guide for Writing More

5 Types of Zsh Alias More

Graphing MITRE using Bloodhound. More

Stop writing on Medium if you care about SEO. More

Someone made a custom Zoom background where he brings himself a drink. More

Pimp My Terminal More

RECOMMENDATIONS

Text ten friends that you haven't talked to in a while, and tell them you care about them.

APHORISMS

“Conviction is the conscience of the mind.”

~ Nicolas de Chamfort