Unsupervised Learning Newsletter NO. 327

News & Analysis

STANDARD EDITION | EP. 327 | APR 18 2022

SECURITY NEWS

Finland and Sweden are set to join NATO as quickly as this summer, despite severe warnings from Russia. “Russia is not the neighbor we thought it was.” More

The US says it was North Korea’s Lazarus group that hacked Axie Infinity for $625 million. Lazarus is known for hacking Sony Pictures back in 2014. More

Senior European Commission officials were targeted with Israeli-made NSO spyware last year, according to EU officials that provided documentation to Reuters. They learned about being targeted after receiving a notification from Apple. The development will likely add significantly more pressure on NSO Group and Israel to rein in the distribution of their software. More

Sponsor

A Live Walkthrough of the Axonius Platform

We invite you to join us for a 20-minute walkthrough of the Axonius Cybersecurity Asset Management and SaaS Management solutions, hosted on a monthly basis.

This live tour of the platform will explore different use cases and have questions about Axonius answered live and on the air. Axonius allows organizations to:

* Understand your assets – make your asset inventory easy and accurate

* Discover coverage gaps and risks – easily identify security coverage gaps and misconfigurations with custom queries

* Enforce security policies – don’t just find problems, but fix them as they are identified

A new study found that popular remote conferencing apps don’t stop sending your audio data to the server when you hit mute. In other words, mute might not be mute the way you imagine. This might be disturbing to some, but there’s a new feature that many apps have that detects if you’re trying to speak on mute, which requires that they receive your audio to know this. I think this study is a bit overblown, and that it’s best practice to assume everyone can hear you. More

The US says Russia’s Black Sea Flagship, the Moskva, was hit by missiles before sinking. This corroborates the Ukrainian narrative that they were the ones to sink it. Russia says there was an accidental fire on the ship. More

Vulnerabilities:

* Google Chrome | Detected in Wild More

* Cisco Wireless LAN Controller | Critical More

* Citrix Multiple Products | High Severity More

* Juniper Networks | Control of Affected Systems More

Companies:

* Obsidian Security raises $90 million to detect and fix SaaS security risks. More

TECHNOLOGY NEWS

Elon Musk tried to buy Twitter for $43 billion, and was rejected. And then he joined and left the board within the span of a day, and sent a slew of tweets about the situation. He claims he’s doing it to protect free speech, but it’s not clear how that would work exactly, even if he could buy the company. More | My Quick Take

It’s now possible to use Lambda functions without an Application Load Balancer. The new AWS feature is called Lambda Function URLs, and they allow you to hit Lambda functions directly over HTTPS. Yan Cui from Lumigo has a great write-up on it. More | by Yan Cui

Pokémon Go’s Niantic is making a new AR game called Peridot. It’s a world full of adorable creatures, similar to Pokémon, but the creatures are their own IP instead of belonging to a massive, pre-existing brand. Similar to the previous game, gameplay revolves around caring for and breeding creatures. More

Zuckerberg wants to launch their AR glasses and have “an iPhone moment”, but they’re not looking to have them ready until 2024. That’s basically 11 years from now. More

It’s looking like Ethereum’s switch to proof-of-stake will come this fall instead of this summer. More

Robinhood added multiple new coins to its list of crypto options, including SHIBA, SOL, and MATIC. More

Observe.ai has raised $125 million to bring AI to “contact centers”, which I presume is a euphemism for customer service centers, which is a term that’s associated with human jobs. This company does clearly place itself as AI supplementation rather than replacement, because it is monitoring software vs. automated agent software. But I don’t know many that come out saying they’re looking to replace human workers. In other news, my partner got her nails done by a robot on Friday. More

HUMAN NEWS

Around 40% of China’s GDP is currently under some form of government lockdown due to Covid, and many in the country are vocally pushing back on the government policy and implementation. One such policy is evicting people from their apartments so they can turn the complex into temporary quarantine facilities. Multiple videos have emerged of people angrily screaming at white-uniformed authorities as they physically enforce the protocols. China initially got a good amount of positive press around how efficiently they dealt with the first rounds of Covid, but this time the cameras are recording and the rest of the world is watching. More

New findings indicate that psilocybin frees up the brain and allows increased connection, resulting in improved mood for significant periods of time after usage. Early findings indicate that psilocybin might be able to do in a few treatments what anti-depressants do when taken daily. More

CONTENT, IDEAS & ANALYSIS

A Quick Thought on Musk Buying Twitter More

Disappearing Tools — I voiced my concerns on Twitter that the Project Discovery recon/security tools are so good that I’m worried about them disappearing from the internet. I have some contacts that say this won’t ever happen, but I still worry. It does make me thankful for open source, though, since many thousands of people have downloaded and forked these (and other similar) tools. More

China’s Visible Crackdowns — As a Westerner who enjoys the fruit of democracy, I’m hopeful that the economic crackdowns against tech companies in China, now combined with their callous enforcement of what they’re calling Zero Covid, will cause significant portions of freedom-leaning Chinese creatives to leave the country permanently. It’s a difficult calculus for China. They believe they’re doing the right thing for the country, in both cases, but they do face the risk of having significant portions of their population wake up one day and choose imperfect freedom over an imperfect CCP. I hope they do. Not so China can fail, but so they can move to a more healthy hybrid between what they have and what we have in the West. More

NOTES

Had another long, in-person friend hangout with Clint Gibler this weekend, and I’m thankful that such things are becoming possible again. Clint is a wonderful friend and nobody should miss his TLDRSec newsletter.

I now have a functioning weather station in my backyard. Solar-powered. Rain, temperature, humidity, and wind direction/speed. I went with the Ambient Weather WS-2902C, which was an affordable entry into the space. More

I am also getting back into radio, which today means SDR. For that one I went with the Flexradio 6400, which was not an affordable entry into the space. I’m really looking forward to having a massive interface on my computer, which is paired with the SDR and antenna that sits elsewhere, and listening to all kinds of goodness from around the Bay Area. Also thinking about this console as well, but it seems excessive. More

DISCOVERY

Jason Haddix has relaunched his blog! If you’re not subscribed you’re missing out on the best recon and OSINT content out there! More

Jason and STÖK were on STÖK’s Bounty Thursdays show, and this episode was all about Content Discovery. It was a phenomenal episode, which also featured another great security pro named KUGG, and if you’re into Bounty or Recon at all you have to check out this episode and the show in general. More

John Oliver did a great segment on Data Brokers and surveillance capitalism. More

Semgrep rules for auditing smart contracts. More

Nuclear weapons are not as destructive as you think. More

A video on the over-engineering of Japanese mechanical pencils. NSFW if you love pencils/pens/writing utensils. More

How to Write More Clearly, Think More Clearly, and Learn Complex Material More

CNN+ seems to be in serious trouble after its launch, with only around 10,000 daily viewers. As a point of reference, that’s about what my site gets, and they spent a couple hundred million to launch the site. More

Overheard in Silicon Valley — “Only Americans, dictators, and socialists talk about how America sucks; everyone else talks about either how dominant it is or how to move there.”

Actuarial Life Table More

Watch People Do The Thing More

CertRSS — A list of RSS feeds for government CERTs. More

Shubs with some insightful comments on doing offensive code reviews. More

RECOMMENDATION

Add a biography to your reading list. They not only teach you a lot about an interesting person, but they also tend to give you a great history lesson in the process. Two recommendations:

1. The Mind At Play: How Claude Shannon Invented the Information Age More

2. The Man from the Future: The Visionary Life of John von Neumann More

APHORISM

“The more we live by our intellect, the less we understand the meaning of life.”

— Tolstoy