UL NO. 449: China Hits US ISPs, NIST CSF 2.0, Russian Intel Attacks, Stagnant Companies... 1

UL NO. 449: China Hits US ISPs, NIST CSF 2.0, Russian Intel Attacks, Stagnant Companies... 2

SECURITY | AI | MEANING
:: Unsupervised Learning is a stream of original ideas, story analysis,
tooling, and mental models designed to
help humans lead successful and meaningful lives in a world full of
AI.

Continue reading online to avoid the email cutoff…

NOTES

Hey there!

Super happy that we’ve been adding
way more content to the podcast—including shorter clips that cover one particular idea. Here’s a
good example of a clip about hiring the best talent.
LISTEN TO THE CLIP
|
SUBSCRIBE ON APPLE
|
SUBSCRIBE ON SPOTIFY
|
SUBSCRIBE WITH YOUR CLIENT

—

This new keyboard I am using has
the sexiest keypress sound and feel I’ve ever experienced. It’s
called the Aula F75. I’ve had way more expensive keyboards (this
one’s only like $70), but none have sounded and felt this good. Looked
better? Maybe. But not felt better.
MORE
|
TYPING SOUND

—

I continue to be blown away by the idea of encapsulating what people think
the biggest problem in the world is, using
extract_primary_problem. It’s a really powerful way to see what
people prioritize—or perhaps should prioritize? That’s the point;
it’s just very illuminating.
USE THE PATTERN

echo "victor frankl’s work" | fabric -sp extract_primary_problem

“The lack of meaning in life leads to suffering and existential
despair.”

🤯

—

My keynote at SANS went really well! Almost 30 minutes of questions
afterwards! Was really fun seeing and talking to everyone. 🙏

—

I’m experimenting with some micro art/fiction on X.
EXAMPLE

—

Working on a ton of Flagship content right now.

Defining Human 3.0
A piece on Security / Asset Management / AI
How to Write Fiction Using AI
A number of others
Can’t wait to get these out!
(NOTE TO SELF: This is NOT a substitute for doing the work!)

—

The End of Work

My big, depressing, and optimistic theory for why it’s so hard to find and
keep a job that makes you happy

danielmiessler.com/p/real-problem-job-market

SECURITY

Chinese government-backed hackers have been infiltrating U.S. internet
service providers to spy on users, according to private security
researchers. The attacks are described as unusually aggressive and
sophisticated, targeting at least two major providers with millions of
customers, along with several smaller ones. MORE

Halliburton confirmed a cyberattack where intruders accessed and exfiltrated
data, with the ransomware group RansomHub claiming responsibility. I really
hope it’s financial vs. espionage-related.
MORE

Predator spyware is back with new features that make it even harder to
track. Its infrastructure has re-emerged in places like the Democratic
Republic of the Congo and Angola, and the latest updates further anonymize
its operations. MORE

The latest version of the NIST CSF, CSF 2.0, introduces “Govern” as a new
step and focuses on continuous improvement to adapt to emerging threats.
Complementing CSF is the Continuous Threat Exposure Management (CTEM)
framework, which enhances threat detection and mitigation by continuously
monitoring and assessing threats.
MORE

Sponsor

AI Risk Management Frameworks: The Guide for Cyber Pros

Navigating the complexities of AI risk management can be daunting. But
with Hyperproof’s comprehensive guide, you don’t have to go it alone. Our Guide to AI Risk Management
Frameworks is your go-to resource for mastering AI risk assessment and ensuring robust, responsible AI deployment.

🔍 What’s Inside?

Expert Insights: Dive into the latest frameworks shaping the future
of AI risk management.
Practical Strategies: Learn actionable techniques to identify,
assess, and mitigate AI risks.
Real-World Applications: Discover how leading organizations are
successfully managing AI risk.

Whether you’re a seasoned pro or just starting out, our guide equips you with the knowledge to tackle AI challenges
head-on. Stay ahead of the curve and lead your organization with
confidence.

hypreproof.io/guide-to-ai-risk-management-frameworks

Read Now

Maltese security researchers have been charged after discovering a flaw
in the FreeHour app and reporting it for a bounty. Unlike many countries
that protect good-faith researchers from prosecution, Malta lacks such
laws, leading to their arrest and upcoming trial next year. MORE

The U.S. Space Force is gearing up for potential conflicts in space with
countries like China and Russia. They’re focusing on developing capabilities
to protect American satellites and other space assets.
MORE

Sponsor

Your SOC’s New Best Teammate

The reality for most SOC teams? Too many alerts, not enough hands to
handle them all. It’s exhausting, and important threats can easily slip
through the cracks. Enter Dropzone AI
– the AI SOC analyst that works around the clock. It doesn’t just flag
alerts; it digs deeper, pulls in the context, and gives you a clear path forward. It’s like adding an extra set of expert eyes to your team, but without
the burnout. Want to see how it could make a difference for your SOC?

dropzone.ai/request-a-demo

Watch It Work

The U.S. is offering a $10 million reward for information on the Russian
hacking group Cadet Blizzard, linked to the GRU’s Unit 29155, which has
been particularly focused on disrupting aid to Ukraine. They’ve been using
tactics like deploying WhisperGate malware and exploiting vulnerabilities
in Atlassian Confluence, Dahua Security, and Sophos’ firewall. MORE

The NSA is launching a new podcast called “No Such Podcast,” where they’ll
share stories about past missions, starting with their role in the takedown
of Osama bin Laden. Love this.
MORE

Evidently, a lot of people use the “I forgot my password” feature as a de
facto login method. This is why it’s so important to think about system
design and incentives when building UIs.
MORE

A Starlink satellite dish was used on a US Navy ship for an illicit Wi-Fi
network named “Stinky,” which was used for streaming and civilian
communication. The Navy demoted the senior enlisted leader responsible for
being awesome.
MORE

Continue reading online to avoid the email cutoff…

AI / TECH

Apple released their September updates yesterday and they were decent. I am
definitely getting a new watch, but I’m not sure if it’ll be a Black Ultra 2
or a new Series 10. I’ll decide when I see them on the morning of the 20th
after camping. : ) I’m also getting the new Airpods 4 just because mine are
glitching right now and there’s a chance that the version of the Airpods 2
Pro features I currently have have been updated in the Airpods 4. And if
not, I’ll just return them and get a new pair of Pro 2’s. For the phone I’ll
probably do the darkest grey/black 16 pro (not the max). Which are you
getting?

Nvidia’s RTX 50-series GPUs, including the RTX 5080 and RTX 5090, are
expected to have their designs finalized this month, with a potential launch
in late 2024 or early 2025.
MORE

Nvidia’s AI GPUs are cheaper to rent in China than in the U.S., with small
Chinese providers offering 8-way Nvidia A100 servers at about $6 per hour
compared to $10 in the U.S. This price difference is largely due to a robust
resale market and smuggling, despite U.S. export restrictions.
MORE

Trump is launching a crypto project, but there are concerns that 70% of
tokens are being allocated to insiders—a figure Coindesk calls “unusually
high.”
MORE

Ilya Sutskever’s new AI startup, SSI Inc, has just raised a $1 billion seed
fund, basically, to build safe superintelligence. A lot of people are seeing
this as being paid to build safe ASI, but it’s really being paid to build
ASI, safely. Big difference.
MORE

Visa is set to launch a new account-to-account (A2A) payment service in
Europe, allowing users to make direct bank transfers without using credit
cards.
MORE

Engineers from Cornell and Florence University have developed a biohybrid
robot that uses electrical signals from a king trumpet mushroom to move and
sense its environment.
MORE

The 2024 Annual Work Trend Index from Microsoft and LinkedIn reveals a shift
in employer preferences, with 71% of leaders favoring candidates with AI
skills over those with industry experience. Despite this demand, only 25% of
companies plan to offer AI training, leaving many workers to upskill
independently. As AI continues to reshape the job market, professionals are
advised to adapt quickly by learning AI tools to stay competitive.
MORE

The Wall Street Journal is highlighting a trend where small startups are
increasingly influencing the U.S. economy. These much smaller companies are
leveraging technology and remote work to compete with larger firms.
MORE

💡I’ve been thinking about this for the last few weeks, but I was going to
state it more forcefully.

I think people are about to realize that most medium to large companies
have become ineffective.

They lack vision and focus, there’s too much bureaucracy, and they have
giant workforces that are hired for a worker-bee mentality, not for being
exceptional or innovative.

This is another part of The End of Work
I talked about recently, where much of the innovation in the world moves
away from big companies and towards individuals and dynamic
startups.

This is also what Marc Andreessen talked about in his conversation with Huberman.

Related to that (perhaps), Paul Graham’s latest piece called
Founder Mode looks at how bigger companies make the mistakes talked
about above, and how it’s better if you stay in a more innovation-focused
mindset. It’s a great read.
MORE

Oakland Police are using Tesla’s Sentry Mode footage to aid crime
investigations by towing the vehicles when owners can’t be found.
MORE

Waymo is tackling the skepticism around its autonomous vehicles by launching
a new safety hub filled with data and charts to prove their safety over
human drivers.
MORE

Joshua Austin’s “A Manifesto for Radical Simplicity” argues for a
streamlined approach to software delivery, ditching subjective metrics like
story points in favor of focusing on real dependencies and outcomes. He
emphasizes working on one task at a time, embracing change, and ensuring
that software enhances rather than restricts human agency.
MORE

Bluetooth 6.0 is here, and it’s all about precision and security. The
Bluetooth Special Interest Group (SIG) has introduced a feature called
Channel Sounding, which uses phase-based ranging to achieve centimeter-level
accuracy in tracking the distance between devices.
MORE

Akara Etteh’s phone was snatched in London, and despite tracking it with
Find My iPhone, he watched it travel around the city before ending up in
Shenzhen, China.
MORE

HUMANS

Chinese President Xi Jinping has pledged to create over one million jobs in
Africa, alongside $51 billion in financing for 30 infrastructure projects.
MORE

💡I can’t stand seeing Africa become an extension of China. But it’s pretty
hard for the West to even notice, given their history. The question is how
long we’ll let that guilt be an obstacle to opposing China there.

A whole bunch of right-wing influencers received millions from Russia in
return for promoting pro-Russian talking points. Hilarious to me since their
whole narrative is to be skeptical and discerning. Except when it comes to
obvious Russian propaganda.
MORE

💡Here’s another way to think about it, from a guy who did some intel stuff
in the Army.

Here are two probably unrelated phenomena.

1) We know for absolute certain
that Russia is trying to use its significant propaganda capabilities to
influence the right wing in the United States to be pro-Russia and
anti-Ukraine.

2) The right-wing in the United States is now almost completely
pro-Russia and anti-Ukraine.

Probably just a coincidence.

💡A brief political aside:

I already know I’m going to get hate mail about the point above because
I’m a “crazy liberal”. Then I post lots of other stuff about the Far Left
and their idiocy, and I get tons of comments about being “too far
right”.

I ask you to consider another possibility: I’m actively considering each position from first principles. I’m not perfect, and I can be wrong, but I put a LOT
of effort into having my own opinions that are not part of a tribe of
pre-approved options.

Perhaps the best way to sum me up right now is that I am Liberal in my
goals, and somewhat Conservative in my approach.

Meaning:

I want a planet full of lots of different colors and ethnicities of
people—all thriving together. A secular society that encourages any
religion but doesn’t allow any of them to infringe on government or the
ideals listed here. Gender identity and private sexual behavior between
consenting adults are all personal choices and nobody’s business.
Basically, the freedom for everyone to strive to be the best versions of
themselves that they can, and a society that sees that as simultaneously
a matter of personal responsibility but also helps those on that path.
So, free speech, the ability to offend people with difficult ideas, the
concept of meritocracy, the emphasis on personal responsibility,
etc.—but also the acknowledgment that some people and groups need help
getting to the point where their personal responsibility can take root
and help them thrive. And that it’s society’s responsibility to give
that to them. In other words, if everyone had the same opportunity, I’d
be fiercely all about the meritocracy. But not everyone has the same
opportunity, so that’s the role of society, and charity, and kindness—to
help them
get to the place where their hard work can benefit them.

I see the Far Right AND the Far Left as being in opposition to these
liberal ideals right now.

The Far Right because they want the wrong things. And the Far Left
because they are so confused about how the world works that they’re
causing more harm than good.

Anyway, that’s a short version of where I currently stand. Please refer to the above if you ever think I’m too left or right. : )
Also, consider making your own North Star paragraph like the above so you
can answer similar questions about your positions.

North Star + First Principles is far better than picking a tribe and
endorsing everything they say.

Sweden’s health authority has issued new guidelines advising that children
under two should have no screen time, while teenagers should be limited to
three hours a day. Seems like a good start to me.
MORE

A lot of people are starting to say (and supported by numerous studies) that
exercise could be the most potent medical intervention we know of.
MORE

David Brooks discusses Ted Gioia’s essay on the decline of American culture,
where art is overshadowed by entertainment, and now even entertainment is
being consumed by distraction from platforms like TikTok and Instagram.
MORE

A photographer is documenting the life and beauty of America’s last
old-growth forests, capturing the intricate ecosystems and the unique
species that call these ancient woodlands home.
MORE

The article explores the belief that there’s a place for everyone,
suggesting that every person has a unique purpose and value. It argues that
our diverse traits and experiences create countless niches in society, yet
many people struggle to find their fit due to globalization of attention,
lack of guidance, and the misconception that fitting in should be
effortless.
MORE

Marco Giancotti argues that with millions of books available, only a select
few—what he calls “Damned Good Books”—are truly life-changing. These are the
books that transform you, offering new perspectives or knowledge that sticks
with you and becomes part of your mental toolkit. He suggests being ruthless
in selecting and discarding books to maximize the number of these
transformative reads in your lifetime.
MORE

Phoenix just hit 100 consecutive days of 100-degree heat, smashing the
previous record of 76 days set in 1993.
MORE

DISCOVERY

llm.sh — This is a bash wrapper around Python’s
mlx_whisper designed to utilize the GPU on a Mac for audio
transcription.
MORE

hnterm — Lets you browse Hacker News right from your terminal.
MORE

DungeonDash — A command-line RPG where you dive into dungeons,
battle enemies, and collect loot to level up and become the ultimate hero.
Each dungeon offers unique challenges, from battling the Forest Guardian in
the Enchanted Forest to facing the Magma Lord in the Volcanic Lair.
MORE

The NSA’s “National Cryptographic School Television Catalogue” from 1991 has
surfaced, listing around 600 training videos on COMSEC and SIGINT.
MORE

IDEAS

ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ ⚙️
@DanielMiessler

Here’s an extraordinarily simple template you can use to orient your
life.

—

I believe one of the biggest issues in the world is $PROBLEM.

Which I am looking to solve using $STRATEGY.

That is why I am doing these $PROJECTS.

And I’m measuring my success using $METRICS.

5:07 PM • Sep 7, 2024

31 Likes
5 Retweets

4 Replies

ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ ⚙️
@DanielMiessler

The more I think about it, the more I think a major career for creators
going forward will be building entire realities for people to live
inside of.

So think post-AG/SI and post UBI, and where games are extraordinarily
immersive.

I think there will be a huge market for…
x.com/i/web/status/1…

8:13 PM • Sep 4, 2024

18 Likes
2 Retweets

6 Replies

RECOMMENDATION OF THE WEEK

I’ve been a bit obsessed with problem definition lately, so here’s my
recommendation for the week.

Get really good at articulating and prioritizing your problems.

Like, write them out in vast detail. Make yourself an expert in them. It
takes away their power, kind of like staring directly at anger when
meditating.

This also happens to be the key to brilliant AI prompting. It’s an extension
of know thyself.