Unsupervised Learning

Unsupervised Learning

206

Dec 9 • 21 min

Vietnamese BMW APT, Defense Contractor Prep, China replacing a culture, HackerOne Cookie Snafu, Chinese Also Worried About Privacy, China Mobile Face, CDC Flu Warning, AWS Sagemaker, Technology News, Human News, Ideas Trends & Analysis, Discovery,…

205

Dec 2 • 34 min

Spam trends, CWE’s latest 25, Uber audio recordings, Uber unauthorized drivers, Chinese research theft, Google state-actor notifications, bluetooth burglars, Nixon deepface, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations,…

203

Nov 18 • 18 min

Google health care, Google checking, Github open source, China policy hack, Hactivist bounties, healthcare attacks, facial protests, OSINT CTF, surveillance robots, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the…

202

Nov 11 • 14 min

Capital fired, DHS biodata, Twitter insiders, Baltimore Cyber Insurance, Airbnb Assessment, Google Play Malware, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…

201

Nov 4 • 19 min

Unify drama, Fancy cheating, NSO lawsuits, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…

200

Oct 28 • 17 min

200th episode!, White House cyber vacancies, AT&T SIM bribery, South Africa ultimatum, climate change power crash, Bahgdadi dead, RuNET, NYT insanity, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly…

199

Oct 21 • 18 min

Stolen Cards Stolen, Autoclerk Hacked, TeamViewer Hacked, Russia Pretending to be Iranian, JackSpotting, Pixel4 Faces, FrenchFacRec, Samsung Fingerprints, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly…

198

Oct 14 • 18 min

Eye reflection EXIF, WiFi gait, Russian Cyber Clusters, Russia African Americans, China Pressure, VPN drama, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…

197

Oct 7 • 24 min

Yahoo creep, DarkNet, E2E encryption, Cyber talent, RandomDeath, Private Data Property, Eyeballer, plus Technology News, Human News, Ideas Trends and Analysis, Updates, Discovery, Recommendations, and the Aphorism for the week!

196

Sep 30 • 24 min

New York is suing Dunkin (Donuts) for not revealing breaches in a timely manner (going all the way back to 2015), which is says jeopardized their customers. Good for New York. It’s one thing to be breached: it’s much worse to try to pretend it didn’t…

195

Sep 23 • 26 min

Here’s the new MITRE 2019 25 Most Dangerous Software Errors. Memory corruption bugs are huge right now. More There’s a ton of recent DDoS activity that’s leveraging IoT devices for UDP amplification attacks. Specifically, the WS-Discovery service (WSD) is…

194

Sep 15 • 24 min

Not sure how this isn’t bigger news, but Saudi Arabia shut down half its oil production after a number of drones attacked the largest oil processing plant in the world. Yemeni rebels claimed credit, but the US blames Iran. More DNS over HTTPS is coming to…

193

Sep 8 • 22 min

AIG says BEC has overtaken ransomware as the primary claim type against their cyber insurance policies in EMEA, accounting for 23% of claims. More Paper The NSA Cyber Chief wants to share digital threat information early and often. I like the fact that…

192

Sep 2 • 35 min

Ring has already partnered with over 400 police departments. As you know, I’m torn on this kind of tech. Neighborhood watch can be a good thing, and it can also be a bad thing. Technology tends to magnify both weaknesses and strengths, so it can make…

191

Aug 26 • 25 min

Protestors in Hong Kong are physically attacking and destroying facial recognition cameras. More Palo Alto says 7 out of 10 new domain registrations (NDRs) are either malicious or not safe for work, and they encourage companies to block them. More Lt.…

The Difference Between Data, Information, and Intelligence

Aug 18 • 5 min

The terms intelligence, information, and data are thrown around pretty loosely in most tech circles, and this inevitably leads to people confusing and/or conflating them. What follows is a simple explanation of how the related terms are different from…

190

Aug 18 • 22 min

There are some seriously nasty Windows RDP bugs out there. If you have RDP facing the internet, make sure you’re patched. And try to get to VPN as soon as possible. More A huge survey of firmware security has found virtually no improvement over the last…

189

Aug 13 • 8 min

Ring is developing two-way relationships with hundreds of police departments in the US. This allows Ring users to be alerted to crime in their area via 911 data, and police departments to pull video from participating Ring devices. This is the type of…

188

Jul 29 • 19 min

Marcus Hutchins got off with time-served, and people have feelings. The range basically goes from ‘he did nothing wrong’, to, ‘he should rot in prison’. In my mind this outcome was close to perfect. Remember, he went through two years of hell since being…

Humans Are Genebots

Jul 26 • 7 min

Unpacking the evolution-granted bliss of prep schools and elite institutions, and why they resonate so much with us.

Machine Learning Doesn’t Introduce Unfairness—It Reveals It

Jul 25 • 8 min

The difference between unfairness and bias in machine learning.

187

Jul 21 • 35 min

Lots of people in the security community went silly over the FaceApp application last week, basically saying that you shouldn’t be using the application because they’ll steal your face and then be able to impersonate you. Oh, and then it turned out to be…

Time Speeds Up When You’re Wasting It

Jul 20 • 4 min

An essay on why time can feel like it’s speeding up when you get older, and how to slow it back down. Support the show.

186

Jul 14 • 20 min

Parts of Manhattan had a power outage Saturday night, which happened to be the anniversary of another power outage in 1977. The power company apologized but didn’t explain what happened. The hacker in me thinks this could easily be a probing shot by a…

185

Jul 8 • 21 min

The Telegraph has found strong links between Huawei employees and Chinese intelligence agencies. The Huawei counter was that this was extremely common among telecom companies, and that it wasn’t a big deal. The counter to that counter was, basically,…

The World is Collapsing Into Two Countries—Green and Red

Jul 3 • 8 min

The world being sorted into two different countries—a Green country of the top 10% of income/wealk, and a Red country that’s everyone else. These countries are separated not by geography, but by class. Support the show.

184

Jul 1 • 18 min

I created a new tutorial on OWASP Amass, and just joined the team as a contributor as well. Tutorial Chinese hacking groups have been embedded deep inside multiple major US tech firms for many years, including Fujitsu, Tata, NTT, Dimension Data, and HPE.…

183

Jun 24 • 13 min

There’s a Linux vulnerability called SACK Panic (among other names) that takes advantage of a kernel feature called Selective ACK. The feature lets systems tell the other side of the conversation how much data it’s received, and it turns out it can be…

182

Jun 18 • 10 min

The US is supposedly ramping up attacks against Russian power grid through the use of new cyberattack powers granted by Trump. I am happy to hear of this, but it’s an example of where we as outsiders can only know a tiny fragment of the story. But any…

181

Jun 11 • 24 min

Some absolutely fascinating research has just come out on what percentages and types of vulnerabilities are actually exploited in the wild. It found that only 5.5% of vulnerabilities discovered between 2009 and 2018 were actually exploited, with most of…

Grit is the Ultimate Privilege

Jun 8 • 6 min

An argument that we should acknowledge grit as one of the most powerful causal factors in success, and figure out ways to bring its benefits to everyone.

Why Software Remains Insecure

Jun 6 • 4 min

A concise explanation of why software continues to have security and quality problems after decades of supposedly trying to address the problem.

179

May 28 • 17 min

The Deepfakes thing is already starting to have an impact, and it didn’t even involve actual Deepfake (GAN ML) technology. A video was spread of Nancy Pelosi speaking very slowly and seeming to stumble over her words, which made her look quite bad. The…

178

May 24 • 23 min

Trump has semi-banned the use of foreign telecom gear, which is really a direct shot at Huawei and China. more Baltimore’s IT systems are still being held hostage after 2 weeks. Of all the cities in the world that I could imagine this happening to,…

177

May 14 • 22 min

My Takeaways from the 2019 DBIR Report My Summary The Report The DOJ has unsealed the indictment against those who they believe hacked Anthem in 2015, and they are Chinese Nationals. They didn’t reveal the suspected motive, however. But as I wrote about…

Finding Clarity on the Exodus of the New Left

May 3 • 10 min

A short essay that attempts to wrap a simple narrative around what’s currently happening with the exodus of the New Left, and what it’s doing to the moderate left, center, and right that they left behind.

175

Apr 30 • 36 min

Deepfakes are about to seriously erode our collective ability to tell truth from fiction, and this is already a big enough problem without them. Think of every problem you care about, and realize this represents an exponent on each one. This video…

A Political Discussion with Jeremiah Grossman

Apr 14 • 105 min

Today’s standalone episode of Unsupervised Learning is a political conversation with Jeremiah Grossman, who many of you will know as the founder of Whitehat Security, current CEO of BitDiscovery, Jujitsu Blackbelt, and all-around great individual. In this…

173

Apr 14 • 24 min

Amazon has many thousands of people doing quality control on Alexa, meaning that they’re listening to incoming audio captured on Echo devices. This shouldn’t be surprising. The question is how they’re doing it, and what policies they have around privacy…

171

Apr 1 • 19 min

Mastercard is looking to create a Digital ID service that can bind your digital presence to your mobile device, which will be able to verify you to various services. Link Palantir has won an $800 million contract to build the next combat intelligence…

169

Mar 18 • 18 min

Multiple governments have now blacklisted Huawei, which Huawei seems very confused by. The best explanation I’ve heard so far about why this move makes sense for western countries came from Rob Joyce of NSA. He basically said that just like Kaspersky in…

167

Mar 3 • 34 min

This is a description of cyberwar that sounds quite realistic to me, and it’s based around the thousand-cuts idea. Ring Doorbells have a vulnerability that allows one to capture clear-text videos and other data from the cameras if you can get on the…

165

Feb 21 • 23 min

OpenAI text spoofing, Twitter DMs, Chinese tracking database, Ponemon Cyber Risk Score, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…

163

Feb 4 • 16 min

My takeaways from ENIGMA 2019—one of my two favorite conferences in the world. The US has charged Huawei with stealing trade secrets, money laundering, and fraud. This escalates the already tense situation with China on a number of fronts. An engineer…

An Overview of the OWASP IoT Top 10 for 2018

Jan 7 • 14 min

We just released the 2018 version of the OWASP Internet of Things Top 10, and in this episode I talk you through the list and give the philosophy, methodology, and next steps for the project.

159

Jan 7 • 28 min

German politician hack, NSA’s new RE tool, Weather Channel tracking, sick TSA agents, Facebook dust tracking, Technology, Humans, Ideas, Recommendations, and the weekly Aphorism…

155

Dec 11, 2018 • 16 min

Google+ breach, Android flaws, China’s long game against the US, Australia’s encryption blunder, NYPD drones, and more…

153

Nov 26, 2018 • 14 min

Ukraine malware, China’s Black Mirror, DARPA’s Mosaic, FBI trolling, Silicon Valley jobs, Technology News, Human News, Ideas, Trends, & Analysis, Discovery, Notes, Recommendations, and the weekly Aphorism!

147

Oct 25, 2018 • 12 min

OWASP IoT Top 10 Draft, Facebook compromise, Fornite cheating, Pentagon weapons, spam calls, technology news, human news, ideas, discovery, recommendation, and the weekly aphorism… Support the show.

141

Sep 4, 2018 • 58 min

AMA Summer 2018, Security News, Technology News, Human News, Ideas, Discovery, and the weekly Recommendation and Aphorism…

139

Aug 20, 2018 • 17 min

TLS 1.3, BurpSuite Improvements, Google Ad Database, Russian Attack Sattelites, Amazon Theaters, Google AI Cooling, Wheat Genome, Giant Magellan Telescope, Carb Ratios, Leg Exercise and Cognitive Health, Ideas, Discovery, Notes, Recommendations, and the…

135

Jul 22, 2018 • 27 min

GRU ATT&CK analysis, Assange to the UK, Cisco backdoors, DARPA electronics, faces from genomes, viz.ai, open plans are bad, Best Buy consulting, ultrasound vs. dementia, 4 day work weeks, ideas, recommendations, and the aphorism of the week!

133

Jul 11, 2018 • 34 min

Twitter deleting accounts, deepfakes, location leaks, Rekognition, bio databases, juggalo makeup, iOS 12 security, Siri upgrades, and more…

131

Jun 26, 2018 • 29 min

Predicting your credit rating based on the tech you use, Russians attack Germans, WPA3, China bird drones, AT&T and Verison to stop selling our location data, Facebook red team, Twitter Smyte, plus tech, humans, discovery, and more…

129

Jun 12, 2018 • 11 min

Reboot your router, China hacked a U.S. Navy contractor and stole around 600GB of top secret data. Newark, NJ is monitoring much of the city with surveillance cameras, and they’re making the camera footage available to the public. Facebook also shared…

128

Jun 4, 2018 • 10 min

Pentagon background checks, China using machine learning in schools, Rusian ethnicity detecting AI, US Military presence in Africa, Atlanta lost dashcam footage, Kidnapping insurance, Technology News, Ideas, Recommendation, Aphorism, and more…

127

May 29, 2018 • 9 min

VPNFilter botnet, Echo private convo, Ghostery GDPR fail, PornHub VPN, Technology News, Human News, Ideas, Trends, & Analysis, Discovery, Recommendations, the weekly Aphorism, and more…

126

May 25, 2018 • 9 min

VPNFilter botnet, LA + Palantir, Amazon Surveillance, Momentum report, Clapper says Russia turned the election, Chinese supply chain attacks, Tech News, Human News, Ideas, Discovery, Recommendation, the Aphorism, and more…

125

May 17, 2018 • 12 min

Regulators aren’t staffed to audit you on GDPR, inaudible Siri and Alexa commands, iOS 4 is bringing lots of privacy updates, California DNA storage, technology news, human news, Ideas, recommendation, the weekly aphorism, and more…

If You’re Not Doing Continuous Asset Management You’re Not Doing Security

May 16, 2018 • 7 min

How enterprises are completely ignoring the security activity that could help the most.

120

Apr 9, 2018 • 19 min

It’s 2 billion users now, Liinux beep, Digital Shadows finds fail files, cloud misconfiguration, AlterEgo, AI applications, Alexa sending payments, Tech, Ideas, Recommendation, Aphorism, and more…

119

Apr 2, 2018 • 27 min

Atlanta disabled, MyFitnessPal hacked, Cambridge Analytica election tampering, Drupal, Saks, DARPA drones, Cloudflare 1.1.1.1, Slack bosses, Democratic Chinese AIs, Georgia facepalm, tech, humans, ideas, and more…

116

Mar 13, 2018 • 17 min

Chinese at CanSecWest, Applebees POS, Palantir, Poisoning, TensorFlow DoD, Amazon laughing, Google 72-qbits, Amazon FinTech, Android P, and more…

115

Mar 6, 2018 • 12 min

GitHub DDoS, Celebrite Attacks, AI warnings, Palantir in New Orleans, Grub Backspace, 4G attacks, Space Corps, Amazon wins Defense Department deal, tech news, human news, discovery, notes, recommendation, aphorism, and more…

113

Feb 20, 2018 • 51 min

Parkland tampering, Avoid Huawei, Bongo S3, Facebook 2FA Spam, Android Cryptojacking, Spyware Hacking, Password Dating, Technology News, Human News, Trends, Ideas & Analysis, Data & Statistics, Discovery, Recommendations, Aphorism, and more…

112

Feb 12, 2018 • 22 min

Chinese AR glasses, Cisco ASA flaws, Russian Nuclear Cryptomining, Marine quadcopters, POS Skimmers, Chrome HTTP, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…

111

Feb 5, 2018 • 14 min

Olympic security drones, Alexa trickery, Chinese quantum satellite, Audio Adversary Examples, BeeToken Ethereum theft, App Store Security, Cryptomining, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…

109

Jan 22, 2018 • 14 min

Social engineering, breach impact, Chinese turncoat, Android spy kit, Hawaiian OPSEC, Russian cables, bypassing CloudFlare, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…

107

Jan 8, 2018 • 30 min

Meltdown & Spectre, India’s Database, Criminals and Monero, Equifax Non-action, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…

The Biggest Advantage in Machine Learning Will Come From Superior Coverage, Not Superior Analysis

Jan 3, 2018 • 8 min

Many people, in many fields, think Machine Learning won’t replace their analysts because their humans are better than an algorithm. But it’s not just about side-by-side comparisons. The bigger question is, “what percentage of the data can humans actually…

It’s Wrong to Fear-monger on IoT Security

Jan 3, 2018 • 5 min

How it’s shortsighted and irresponsible for InfoSec professionals to fear-monger on IoT Security, and what we should be saying instead.

106

Jan 3, 2018 • 28 min

Swatting death, Ethereum kidnap, Chinese dystopia, Alteryx S3 bucket, Starbucks Monero, Forever21, Microphone ads, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…

105

Dec 18, 2017 • 23 min

TRITON, 1.4 billion credentials, HP keyloggers, iTunes Bitcoin laundering, removing credit card signatures, technologgy news, human news, discovery, notes, recommendations, and the aphorism of the week…

104

Dec 12, 2017 • 25 min

NiceHash hacked, Apple bugs, Stealing Cars via Relay, Crypto Collusion, technologgy news, human news, discovery, notes, recommendations, and the aphorism of the week… Support the show.

103

Nov 27, 2017 • 28 min

Uber’s mess, Google tracking users, AI finding missiles, drone disclosure, net neutrality, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

102

Nov 20, 2017 • 26 min

Github security, China IW, Brexit IW, S3 again, Quad9 DNS security, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

101

Nov 13, 2017 • 35 min

Verizon’s DBIR Report, sleeping fingerprints, IoT legislation, S3 security tools, AI tricks scammers, SEALs kill Green Beret, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

100

Nov 6, 2017 • 23 min

Russian IW memes, POTUS Twitter, Texas Attack, Silence Trojan, NotPetya Damages, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

99

Oct 31, 2017 • 29 min

Information Warfare, AI vs. CAPTCHA, Google Bug Bug, DARPA Drone Swarms, USB Fail, Medical Extortion, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

InfoSec Needs to Embrace New Tech Instead of Ridiculing It

Oct 26, 2017 • 6 min

The InfoSec community needs to learn how to shepherd the public through new technology instead of joining them in fleeing from it. Support the show.

The Difference Between Violence and Terrorism

Oct 25, 2017 • 4 min

The ways that terrorism and violence are different, and why it’s important that we don’t confuse them. Support the show.

98

Oct 22, 2017 • 32 min

The Reaper botnet, Google Advanced Email Protection, Bitcoin Over $6,000, Duo’s $70 million, Dubai going to facial recognition, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

97

Oct 16, 2017 • 36 min

Major WPA2 Flaw, Suburu hack, Vulnerable Container Ships, F-35 Data Stolen, Accenture S3 Buckets, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

96

Oct 11, 2017 • 34 min

Russians vs. NSA, ArcSight vs. Russia, DISQUS breach, TrendMicro vulnerability, Stamos, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

95

Oct 2, 2017 • 11 min

IE leak, Whole Foods, Sonic, Apple Open-sources Kernels, Equifax $15 million retirement, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

94

Sep 25, 2017 • 33 min

Deloitte hacked, Equifax fumbles, SEC hacked, iCloud ransom, Adobe PGP facepalm, Verizon S3 buckets, CCleaner, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

93

Sep 18, 2017 • 42 min

Equifax fallout, BlueBorne, Microsoft RCE, iPhone X, Dumping AWS, Cassini, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

92

Sep 10, 2017 • 29 min

Equifax, Hutchins got Krebs’d, Russia used Facebook, Energy hacking, Anti-protester AI, High-pitched Assistant hacking, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

91

Sep 4, 2017 • 37 min

465K pacemaker patches, instagram leak, DJI bounty, Marketing departments messing up security news, false dichotomy in complex issues, IRS social media mining, death of the Sun, more fake Wells Fargo accounts, human echolocation, facial gestures as…

90

Aug 28, 2017 • 30 min

Swedish gov leak, OPM hacking arrest, cybersecurity spending $1T, Oreo, Whole Amazon Foods, intelligence genes, false dichotomy of conflicting ideas, OPSEC obscurity, discovery, aphorism, and more… Support the show.

89

Aug 20, 2017 • 35 min

Serious CANBUS issue, Cyber as a branch of the service?, iOS 11 Cop Mode, biometric wearables, Bill Joy battery, bitcoin forking again, ideas, discovery, aphorism, and more… Support the show.

88

Aug 15, 2017 • 22 min

Amazon Macie, APT28, Cuba sonic attacks, Palantir and police, DNA malware, confusing self-driving cars, ideas, discovery, aphorism, and more… Support the show.

85

Jul 10, 2017 • 26 min

The future of security testing, nuclear plant hacks, Android malware, satellite decryption, wildcard certs, military encryption, gsuite protections, WWE S3, tesla 3, jawbone, drone hacking, mental aging, millionare GPAs, discovery, recommendations, the…

83

Jun 27, 2017 • 26 min

Petya ransomware worm, RNC breach, Anthem settlement, Russians want source code, risk ratings, patching, ICOs, ideas, discovery, recommendation, aphorism, and more… Support the show.

82

Jun 12, 2017 • 19 min

Live from London, Gamestop hacked, PowerPoint malware, Chinese Apple Hack, XSS, WWDC summary, FDA approves cancer drug, heroin $51B, ideas, discovery, recommendation, aphorism, and more… Support the show.

81

Jun 4, 2017 • 27 min

OneLogin, Extortion, Coinbase, Pandemic, Booz, Mobile Apps, Electricity, AI voices, Sheets, Walmart, Karoshi, APIs, discovery, aphorisms, and more… Support the show.

Unsupervised Learning: No 79

May 23, 2017 • 32 min

WannaCry, Intel leaks, DocuSign phishing, cockpit codes, Delta facial recognition, China vs. CIA, WordPress bug bounty, Marines and drones, HPE R&D, Watts, graduates only making 40K, China’s DNA project, honeymoons vs. rings, Sherrif Eli, retirees…

78

May 14, 2017 • 30 min

The WannaCry ransomware worm, the president’s EO, Macron hacking, HP backdoors, laptop bans, Amazon releases, Chinese online commerce, CRISPR, Germany and renewable energy, beetles, dental health as social indicator, Reading superpowers, Net Neutrality,…

Unsupervised Learning: No.76

May 2, 2017 • 17 min

Verizon’s DBIR report, Chipotle (again), USAF bounty, NSA surveillance hampered, Android hacks, Taser and computer vision, Google fights fake news, Exercise types & mental skills, Perfect pitch recording, Lifecasting, RF X-Ray, discovered links, and more……

75

Apr 23, 2017 • 34 min

DoublePulsar in the wild, vigilante IoT worms, Bose listening headphones, PoS hacking sentence, Google ad blocking, best anti-aging exercises, unqualified Indian engineers, , discovered links, and more… Support the show.