Unsupervised Learning: No. 100

This is episode No. 100 of Unsupervised Learning—a weekly show where I curate 3-5 hours of reading in infosec, technology, and humans into a 30 minute summary. The goal is to catch you up on current events, tell you about the best content from the week, and hopefully give you something to think about as well…

This week’s topics: Russian IW memes, POTUS Twitter, Texas Attack, Silence Trojan, NotPetya Damages, tech news, human news, ideas, discovery, recommendations, aphorism, and more…


Read below for this episode’s show notes & newsletter, and get previous editions

Security news

We're finally seeing a clear picture of the various influence campaigns that Russia are using against the United States. Note that I said "are using", not "were using". This is ongoing. A number of researchers have identified the social media accounts being used and are tracking the memes that they're putting out. The content is brilliant in its ability to capture American identity politics, our various social pressure points, and then use that content to make us fight amongst ourselves. This is literally a state-funded attack against America designed to make us hate each other and destroy ourselves from within. Utter genius on their part.

The president's Twitter account was deactivated by a rogue employee as their last action before leaving the company. This raises a number of important questions about the ability for Twitter employees to change things within the platform, e.g., could they tweet as someone else? It's an interesting question when you have people like the president using the product, and there's an assumption that he's actually the one writing the tweets. Imagine reading "I've just declared war on North Korea.", from his account. Would it really be that unbelievable? And what response could the tweet produce on its own?

A white, former Air Force man went into a church on Sunday near where he grew up and killed 26 people with an AR-15. When he left the church an armed citizen fired on and injured the attacker, who was found dead in his crashed vehicle later. There are myriad issues to discuss here, but the one I'll mention is that many will want to label this terrorism just like they did in the New York attack last week. The difference (so far in a developing story) is that in the New York attack there was a clear modus operandi linked to terror, and the proclaiming of Allahu Akbar during the attack, whereas with this situation we appear to simply have another mentally ill person with no obvious motive. Mental illness based violence is not terrorism because it has no political goal it's trying to achieve.

Researchers have discovered a new trojan called Silence in some banking institutions. The MO is to stay silent for some extended period of time to learn more about the network, and then to start stealing money once they believe they can do it successfully.

Merck told financial analysts last Friday that NotPetya cost them at least $310 million dollars in Q3, and likely that much again Q4. Maersk lost around $300 million as well, as did FedEx. This makes NotPetya probably the largest cybersecurity incident of its kind.

The Trump Organization appears to have been compromised by some Russian hackers in 2013. Multiple subdomains were registered under domains it owned, and many redirected to IP addresses in St. Petersburg, Russia. This could have simply been a Russian criminal group, however, and not anything state or politics related. Either way, it's not good.

A fake version of WhatsApp has been installed by over a million Android users.

Code signing of malware is evidently more common than we thought.

Patching: WordPress, Tor

Technology news

Bitcoin crossed $7,000.

HP is selling its main headquarters in Palo Alto and moving to Santa Clara, San Jose, and Milpitas. Not sure exactly what it means, but it definitely means change.

Cisco is bringing AI to its conference room meeting hardware.

Human news

A massive new study of 600,000 people shows that long-term aspirin use significantly reduces many types of cancer risk. The reduction numbers are staggering: 47% for liver, 47% for esophageal, 35% for lung, 38% for gastric, etc. I really want to see this study get reproduced or otherwise validated.

You can now order CRISPR kits through the mail, and hack DNA at home for around $100. Experts say there are way easier ways to do harm to someone, and it'd be pretty hard to modify pathogens to become more dangerous. But my problem with this is that it only takes one. And there seems to be no shortage of people willing to harm thousands or millions.

China has opened 516 Confucius Institutes around the world, where they teach the world to speak Mandarin. They are in 142 countries, 42 of which are in Africa.

The New York Times is on pace to become a $900 million dollar digital business by 2020 thanks to a major surge in its subscribers in recent years. Much of the increase is being attributed to people being willing to pay for high quality news in a world where it's hard to tell good information from bad. They currently have around 2.5 million paid subscribers.

Ideas

How Russia is Helping America Destroy Itself

It's Not Bias When AI Tells Us Something True But Uncomfortable

The New Luxury of Having Good Information

There will be significant discussion about the role of an armed citizenry given the fact that an armed man attacked the Texas gunman today outside the church, and potentially stopped others from being killed. So guns simultaneously enabled the attacker to kill many people and let a citizen potentially stop more violence. It's safe to predict that both sides will claim victory on the issue.

A lot of people are saying that the thing that will change the world more than AI is 3D printing. I've not put much thought in it, mostly because I see both of them impacting the future so greatly, and it's hard to measure. But I feel like AI will impact business and the rich more, and 3D printing will do more to raise standards for everyday people. That's my first thought on it. Regardless, they're both going to be extraordinary.

Imagine building an entire global infrastructure of services on Blockchain, only to have it destroyed by Quantum Computing. We need a solution other than hoping it won't happen.

Discovery

My Quick Thoughts on the iPhone X

FaceID adds a Step for Apple Pay, and For Good Reason

My Preferred View in Feedly

6 Less-known Gesture Tips for iPhone X

Detective is an automated research tool for sales teams, so they can spend less time researching people and more time selling to them. Great idea, wonder if it works.

A stellar infographic on what different colors represent in marketing.

Auditing SSH with SSH Scan

Earth (Free Landsat Data) on AWS

Reddit's /etc/passwd File

200 Universities Just Launched 600 Free Online Courses

A Review of PentesterLab

Researchers Analyze 3,200 Unique Phishing Kits

CredSniper — A Flask-based phishing framework that supports capturing 2FA tokens.

HashCat — Advanced Password Recovery

Notes

For those who are signed up for the newsletter (which is the same content as the podcast in text form), you should check your spam folder and create a rule in your email platform. Lots of Mailchimp emails have been getting filtered recently, and it's hard for them to fix it on their side. Create a rule on my email address or on the Unsupervised Learning subject line and you should be good.

I just started and finished reading Richard Florida's new book, The New Urban Crisis. It was excellent, and it spawned a whole new line of discovery for me.

I'm almost done reading Coming Apart, by Charles Murray, which is about class fragmentation in America. It was a big inspiration for my fragmentation essay above.

Next I'll be reading BoBos in Paradise, by David Brooks. It's in the same line as the two above—discussing the separation of the new upper class and how it differs from everyone else in America.

I'm adding a lot more perks for site membership ($10/month), which now includes the following three things: 1) access to special/limited content, 2) the ability to submit AMA questions that I answer on the show, and 3) access to live meet-ups/events. So for the questions, the idea is that I'd include a section in the show for AMA, and there I'll be answering any questions submitted by members. They could be about infosec, infosec careers, technology, or really anything you want to get my opinion on. If you're a member, feel free to start submitting questions by responding to any of the recent newsletters (I'll know you're a member that way) or by emailing me directly. Should be fun!

Also, this is episode 100!

Recommendations

Find the author of a book you like, and read everything they have written. Then find out what books they reference or recommend. Read those. Then find out who influenced them, and do the same with them as well.

Aphorism

“The creation of a thousand forests is in one acorn.” ~ Ralph Waldo Emerson
