April 27, 2022

Apr 27, 2022

Russia is leaking a report on a war game run by a Polish think tank with a retired General. Not very interesting in terms of impact, but interesting as an operation in broad terms.

Lukasz Olejnik @lukOlejnik

"Hackers associated with the Russian intelligence stole materials from the analysis of the possible course of a Russian attack on Poland. According to unofficial information they obtained this material by breaking into the e-mail of the former commander of the PL land army (?)"

What I really love about this research is that they used the ads they were served as a means to measure what information was collected. This allowed them to demonstrate that Amazon Echo was collecting voice data and sharing it with data brokers. How cool is that?

https://arxiv.org/abs/2204.10920

Wonderfully clear explanation of a well known issue.

Tinker 🔆 @TinkerSec

Physical Pentest Challenge: What is the pin code for this door? (I tried to take a good picture that minimized glare. Take a good close look first.) Note: I have validated it. So there is a correct answer.

The intelligence war has been far more impactful than cyber. It’s not fair.

Michael Weiss 🌻🇺🇸🇮🇪 @michaeldweiss

“The U.S. gave Ukrainian forces detailed intelligence about exactly when and where Russian missiles and bombs were intended to strike, prompting Ukraine to move air defenses and aircraft out of harm’s way, current and former U.S. officials told NBC News.” nbcnews.com/politics/natio…

Some forever-root “feature” in windows.

Will Dormann @wdormann

Yeah, so KrbRelayUp works quite swimmingly. All an attacker needs is the ability to run code on a domain-joined host, and the result is that you get SYSTEM on that machine.

Mor Davidovich @dec0ne

Introducing KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings). All credits go to @tiraniddo @cube0x0 @harmj0y, most of the code was taken from their tools. https://t.co/gyTmaITNin

Good news though:

Kevin Beaumont @GossiTheDog

This one has been declared no fix by the way, so free forever zero day in all default config Windows setups.

“The NSA is going beyond information-sharing to defend US companies against growing threats from Russia and China”

This sounds like maybe a big deal.

https://www.businessinsider.com/nsa-beyond-info-sharing-to-defend-firms-from-russia-china-2022-4

New Thinkst coverage of infosec talks.

Thinkst Canary @ThinkstCanary

Even with Omicron delaying some conferences, we tracked over 2000 new infosec talks in Q1. You can read our top picks - with commentary and overviews at thinkst.com/ts ¹ __ ¹ As usual, no paywall, no registration needed

Russian disinformation activity by diplomats.

Marcel Schliebs 🇺🇦 @m_schliebs

Since the beginning of the war, 🇷🇺diplomats have tweeted disinformation thousands of times. In my analysis for @AP @washingtonpost @ABC et al., I find that 300+ 🇷🇺diplomats have gained millions of engagements, and are inconsistently labeled by @Twitter /1. washingtonpost.com/politics/for-r…

Accidental CISO @AccidentalCISO

We don’t need the pay the ransom, we’ll just restore from the dump that the attackers release on patebin. https://t.co/Hm5I4fGkse

Accidental CISO @AccidentalCISO

@CisoHelen Don’t pay the ransom.

Vuln dev talk.

c3xp1r @c3xp1r

Recently gave a small talk on some insights of v8 chrome bug as well as POC development for NUS Security Wednesday. Was incredibly nervous but I managed to do it eventually. Here is the video recording. If there be any mistakes, feel free to DM me!

youtube.com[SecWed] 6 Apr 22 | A Case Study of an Incorrect “bitwise and” Optimization in V8This presentation is an introduction to developing a proof-of-concept for a Chrome V8 Turbofan vulnerability. In this session, we will take a look at an exam...

Now this is really cool work! Identifying micro scratches on gorilla glass to determine the PIN code

MaraJade @CyberQueenMara

@TinkerSec Cool write up and technique. How well can you identify 6 digit numbers? I used laser interferometry to identify micro scratches on the gorilla glass. I can identify swipe patterns on glass as well.

Here is a dose of cool old illustrations. 13th century Arabic illustrations from Marvels of Things Created and Miraculous Aspects of Things Existing which is such an awesome title.

https://www.openculture.com/2019/07/marvels-of-things-created-and-miraculous-aspects-of-things-existing.html

Great explanation of when AI is a good solution.

Rich Harang @rharang

WELL HELLO THERE I HAVE SOME OPINIONS! "Why the hell even use Deep Learning?" -- You Asked for a Sentence But You're Getting a Thread edition. 1/

Erick Galinkin @ErickGalinkin

In a sentence: What is AI good at?

Not sure what the point of this signaling is.

Rewards for Justice @RFJ_USA

REWARD! Up to $10M for information on 6 Russian GRU hackers. They targeted U.S. critical infrastructure with malicious cyber ops. Send us info on their activities via our Dark Web-based tips line at: …m65flqy6irivtflruqfc5ep7eiodiad.onion rfj.tips/d320b9

Mandiant report linking the SolarWinds hack to APT29.

https://www.mandiant.com/resources/unc2452-merged-into-apt29

Esports are chewing kids up and spitting them out. What strikes me as relevant is how they spend so much time immersed in gaming, and then all their off time with their coworkers. It.. er… kinda reminds me of infosec, tbh.

https://www.washingtonpost.com/video-games/esports/2022/04/19/esports-age-retirement/