Unsupervised Learning Newsletter NO. 321

News & Analysis

STANDARD EDITION | EP. 321 | MAR 7 2022

SECURITY NEWS

Ukraine:

  • CISA has added 95 additional vulnerabilities to its Previously Exploited Catalog, including many that are known to be used by Russia-based attackers. More

  • Russia Has Essentially Been Canceled — Hundreds of the world's most significant companies and organizations have pulled out of or stopped providing services for Russia. These include Nike, Visa, Mastercard, Apple, Spotify, Netflix, TikTok, Adidas, H&M, IKEA, Airbnb, UPS, FedEx, American Express, PWC, KPMG, Google Ads, Microsoft, Meta, Snap Ads, YouTube, Disney, EA Sports, Shell, BP, ExxonMobil, Mercedes-Benz, Volkswagen, GM, Volvo, Harley-Davidson, Toyota, Jaguar, Aston Martin, BMW, Mazda, and countless others.

  • Volodymyr Zelensky has survived at least three assassination attempts in the last week. More

  • Police in Russia are stopping people on the street and going through their phones looking for anti-Russian posts or messages. More

A ransomware group called Lapsus$ claimed the hack against NVIDIA and says it will release the company's crown jewel source code unless NVIDIA re-enables the ability for its GPUs to mine cryptocurrency. The group has already started releasing some data, including usernames and hashes for over 71,000 employees. More

The same group, Lapsus$, also just leaked 190GB of alleged Samsung source code, including source code for Galaxy. More

Republican Senator Lindsey Graham has called for someone to assassinate Putin. What a dumbass. More
 

Sponsor

The Dept. of Know Live!: A Series of 15-minute Conversations and Live Q&As with Experts on Web App and API Security
 

You’ve probably been to dry security webinars that resort to fear-mongering. At Fastly, we’re tired of the security status quo, too. That’s why we created The Dept. of Know Live! Virtual Speaker Series.

Every Thursday in March, Kelly Shortridge, Fastly, and Bea Hughes, PagerDuty, will host 15-minute conversations and live Q&As with security leaders that cover everything from how we define success in modern security to how security falls short of developer expectations to why we can’t ignore asset management.

Vulnerabilities:

  • Aveek Das of Unit 42 Found Nearly 75% of Infusion Pumps Have Severe Vulnerabilities More

  • Google Chrome | New Version Addresses Multiple Vulnerabilities | Up to System Control More

  • CISA Warning Regarding Schneider and GE Digital SCADA Software | High | System Takeover More

Incidents:

  • Toyota shuts down its Japanese factories after a reported cyberattack against a key supplier. More


TECHNOLOGY NEWS

Tesla has approval to start building vehicles at a new plant outside Berlin, Germany. More

Researchers at Dartmouth have built an AI system that can detect mental disorders like depression, anxiety, and bipolar disorder by looking at Reddit conversations. The system focuses on trends across multiple posts rather than analysis of single posts. More

Amazon is closing all 68 of its Books, 4-star, and Pop-up physical stores. They're refocusing on grocery and fashion stores instead. More


HUMAN NEWS

Scientists have watched a memory form in a brain for the first time, and they've learned that different types of memories create different structures of neural connections. Fear-laden memories, for example, appear to be more robust and elaborate than other types of memory, which leads to them being more vivid for longer. More

The CDC estimates that 43% of Americans have had Covid. More

Researchers found that the worse the economy was doing (as measured by unemployment rate), the more people reported having physical pain. This isn't about a given person and their employment status, but rather that overall reports went up with the unemployment rate. More

Belgium has approved a 4-day work week and given employees the ability to ignore their bosses after hours. More


CONTENT, IDEAS & ANALYSIS

Crypto is Exciting Because It Changes Incentives — A new piece on how crypto/NFTs/Web3 is less about technology and more about incentivizing new types of business and consumer behavior. If you're skeptical about crypto, you should read this. More

The Anti-Putin Narrative Could Have Gone Very Differently — It's worth reflecting on what could have happened if the US had fallen for Putin's narrative. More

Sponsored Conversation: Ed Kontsevoy of Teleport — I had Ed Kontsevoy on the pod last week to talk about his new company, Teleport. In this series I have organic conversations with entrepreneurs as if having lunch with them and hearing about the product for the first time. They give their pitch, and I dig deeper with questions. More

Andrew Ringlein's 5 Crypto Accelerators in Gaming and Business — I had my friend Andrew Ringlein on the pod on Sunday to discuss a different way to think about crypto. It's like a conversational form of the essay above talking about crypto incentives, centered around Andrew's 5 Principles. Whether you're crypto-bullish, crypto-skeptical, or crypto-curious, I highly recommend this one. More


NOTES

Well I finally got my first NFT. It's through a gift by the CryptoCVEs Project, which is a neat idea where they make NFTs for specific CVEs (vulnerabilities). They gifted me the CVSS 10.0 Log4j Vulnerability! (CVE-2021-44228). Do I think this is my path to retirement? No. Do I think it's interesting and awesome? Yes. That's where I am with most things crypto right now. My NFT | The Project

I've returned to playing table tennis at my favorite place: ICC Table Tennis in Milpitas. Haven't been there since February 2022, and it's been great to be back. Hopefully we get some time before the next variant shows up.

I'm considering adding a dedicated section for positive news and/or humor. For now I'll continue integrating it into Discovery, but it really does merit its own section I think. Thoughts?
 


DISCOVERY

A Twitter thread on words that are very nearly but not quite the same. More | by Dr. Kat Day

Brandon Sanderson, a fantasy author, did a publicity stunt on March 1st that was pretty impressive. He announced that he'd written a novel in private, and then proceeded to admit that it was actually two novels! Actually three. Nope. 4. Well I guess, all told, it was FIVE. He secretly wrote FIVE novels in the last couple of years. And then he did a Kickstarter to raise $1,000,000 to publish them. But it quickly became the top Kickstarter of all time, crossing like $20 million within a day or two. What the actual hell. I also happen to be reading the Way of Kings series, so this was especially interesting to me. More

Write Everything in Text Files More

The Road to Success is Paved With Rejection Letters More

Why Ethereum is switching to proof of stake, and how it will work. More

A video of how much space debris orbits Earth. More

"By substituting your morning coffee with green tea, you can reduce up to 88% of what little joy you had left." More

Compare Tech Salaries Instantly More

Why You Need a Domain Name More

Self-host Your Static Assets — A great argument for why you should host things like jQuery on your own site rather than linking remotely. More | by Harry Roberts

[ OFFSEC ] Osmedeus — An Offensive Security Workflow Engine More | by Ai Ho

[ COURSE ] AWS Security Fundamentals (Second Edition) More
 


RECOMMENDATION

If you're talking to someone who disagrees with you about something major, like politics, start by steel-manning their argument. Try. Make an effort. Look for the best version of what they're saying. Look for the best version of the person saying it. Then listen. And then make your own points. You still might be unsuccessful, but this gives you your only real chance of convincing someone. You have to listen to be heard.


APHORISM

“Genius is an ability to distinguish the difficult from the impossible.”

Napoleon I