- Unsupervised Learning
- Posts
- Unsupervised Learning No. 259
I spend my time reading 3-6 books a month on security, technology, and society—and thinking about what might be coming next. Every Monday I send out a list of the best content I've found in the last week to around 50,000 people. It'll save you tons of time.
STANDARD EDITION | EP. 259 | December 14, 2020
MY IDEAS & ANALYSIS
Analysis of the Recon/Attack Surface Management Space More
Summary: The Pentester's BluePrint — My review of Phillip Wylie and Kim Crawley's new book on how to become a penetration tester. More
Some Free-form Thoughts on Ayn Rand, Objectivism, and Other Big Ideas More
The Rise of Home Theater More
Amazon Will Dominate Through 10,000 Small Bets More
SECURITY NEWS
Sunburst — Russia's APT29, or Cozy Bear, has evidently hacked multiple US Government agencies and corporations through malware implanted in SolarWinds asset management software. This is the same group that hacked the State Department and White House email servers during the Obama administration, and according to FireEye the hack against them was part of the same campaign. SolarWinds software is used by more than 300,000 organizations around the world, including all five branches of the US government, NASA, and NSA. This will be a very early test for the new Biden administration in terms of how aggressive they'll be towards Russia, both publicly and behind the scenes. More
Someone has released a massive dump of data on members of the Chinese Communist Party, including where they live and work around the world. More
NSA is warning that Russian state-sponsored attackers are targeting companies using recent VMware flaws. More
Trucaller says spam calls grew 18% this year. More
Crowdstrike says ransomware made up half of all serious intrusions in 2020. More
The US military has picked 16 sites and started vaccinating troops for COVID-19. More
GitHub has rolled out dependency review, vulnerability alerts for pull requests, and dark mode. More
Vulnerabilities:
Companies:
Dragos has raised $110 million to secure industrial systems. Congrats to the crew over there! More
Palantir has won a major FDA contract to help review and inspect drugs before approval. More
Orca Security raises $55 million to scan cloud infrastructure and produce a data flow map that it monitors for security. More
At-Bay raises $34 million to do cyberinsurance, which is expected to be a $23 billion dollar industry by 2025. Their focus is on monitoring customers' systems and reducing the chances they get compromised. More
Salt Security raised $30 million to protect APIs from attack. More
TECHNOLOGY NEWS
Amazon launches HealthLake, a platform for storing and analyzing petabytes of health care data. "For example, HealthLake leverages natural language understanding and ontology mapping to identify whether a patient has been properly prescribed a drug, pulling out information from blood glucose monitoring systems, physicians notes, insurance forms and lab reports, and more to inform its conclusions." More
Multiple government groups are coming after Facebook for anti-competitive practices, but as Scott Galloway has pointed out many times, this could actually be good for investors if properties like Instagram and Whatsapp are broken out. More
Redhat has killed CentOS. I think in like 10 to 20 years it'll just be Amazon Linux and some hobby distros like Arch and Gentoo. More
Oracle, Palantir, HPE, and now Tesla are moving out of California. Many see this as a rejection of Calfiornia's extremely high taxes and restrictive regulations, combined with its deteriorating infrastructure and inability to solve bad roads and homelessness. Many of these companies are moving to Texas, which has less of all that. More
Cruise is starting to test driverless cars in San Francisco. This comes right as Uber sold their driverless business to someone else. More
Companies:
SpaceX has received $885 million to provide US rural areas with internet. More
C3.ai stock doubled after its $651 million dollar IPO. The company manages the process of spinning up the use of AI within a company, from data ingest, management, model creation, and deployment. More
Arthur.ai has raised $15 million to monitor the performance of ML models over time. More
Squire, a barbership tech startup, has tripled its valuation to $250 million by providing customer management, scheduling, and contactless payments. More
HUMAN NEWS
The US has approved the Pfizer vaccine, and millions of doses are being shipped immediately. More
Gallup says 63% of Americans would be willing to get an FDA-approved COVID vaccine. More
Plastic surgeons appear to be thriving because people want to fix how they look on Zoom calls. More
There's a super exicting study out of UCSF that has reversed age-related mental decline in mice within days.
Undocumented immigrants are half as likely to be arrested for violent crimes as US-born citizens. More
Wall Street now has a water futures market, like gold or oil. This is unrelated to the release of Dune in 2021. More
"Jimenez told me that, compared with yelling, quiet talking reduces aerosols by a factor of five; being completely silent reduces them by a factor of about 50. That means talking quietly, rather than yelling, reduces the risk of viral transmission by a degree comparable to properly wearing a mask." — A remarkable quote from this Atlantic article on how COVID spreads. This would also help explain why bars are especially bad, where the spaces are small and people are smashed together yelling at each other. More
Some are starting to look into the use of MDMA in couples therapy, specifically where one partner has suffered from PTSD. More
Disney launched around 10 new series' in the Marvel and Star Wars uinverses, and their stock jumped 15% on the announcement. More
HBO Max hits 12.6 million activations before Wonder Woman release. More
Companies:
Koan just raised another $1 million to help build its OKR and Status software. More
UPDATES
I'm enjoying some time off from work, but quietly. Not like I can travel or eat out or anything.
I purchased a new audio interface, the APOLLO Twin X, and will be trying out using that instead of my RODEcaster Pro. This is in preparation for transitioning to a true music creation setup in the near future. I'm also going to be tinkering with LUNA, the DAW from Universal Audio, and if I like it I might be trying that instead of Hindenburg, which is what I'm using now for the podcast. The other options I'll be comparing will be Logic Pro and Ableton 11 once it comes out. More
Currently reading:
Atlas Shrugged
Anna Karenina
Homeland (the UL Book Club Book)
DISCOVERY
CrowdSec, a modern replacement for Fail2Ban, has released their version 1.0, which includes a new local REST API, which allows you to deploy in different enterprise configurations. More
A compilation of publically accessible web shells. More
Kafka is Not a Database More
This guy wrote a blog post about how he's switching from Wordpress to Jeckyl, and spent half of it describing how he needed to create half of the basic features that Wordpress has, manually. I predict one of two things will happen here: either he stops blogging, or he comes back to Wordpress. More
Set your GitHub display preferences. More
Shopping Cart Theory More
A defense engineer gives more detail on the microwave weapons likely used against US diplomats. More
Follow your curiosity by reading your ass off and finding the source. More
To listen well, get curious. More
RECOMMENDATIONS
MORE is my favorite short film, and probably my favorite piece of art—ever—in any medium. It's 5 minutes long. Please watch it. It might improve your life. MORE
APHORISMS
“The first, and hardest, step to wisdom: avert the standard assumption that people know what they want.”
~ Nassim Nicholas Taleb