A look at the cyber weapons used in the Ukraine war.
-
GRU Illegals program really fucking things up.
On 19 August 2005, “Maria Adela”’s lawyers submitted an extra document: a baptism certificate from the Cristo Liberador parish in Callao. According to the church document, baby Maria Adela was born on 1 September 1978, and was baptised two weeks later, on 14 September 1978.
…this church… was established in 1987, nine years after the supposed baptism of Maria Adela had taken place.
A Russian spy, who presented herself as a Peru-born jeweller with a chaotic personal life, sought to befriend NATO staff and figures who worked at the organisation’s Allied Joint Force Command in Italy over several years.
-
At an overcrowded refugee camp on the outskirts of a sleepy town in the rural Netherlands, I met with Mikhail Sokolov, a former FSB informant and staffer for the jailed opposition leader Alexei Navalny
-
-
@galois is pleased to announce that we've open-sourced MATE. MATE is a suite of interactive tools for finding vulnerabilities in C and C++ programs. For more details, check out the software release announcement here: galois.com/blog/2022/08/m…
Langston Barrett and Scott Moore
-
When working to hold countries to account for malicious cyber activity, cooperation is key. 🤝🔑 In episode #7 of 👋 #TobyIHaveAQuestion, @CISAJen and I discuss the importance of public attributions and their impacts on the cyber landscape.
-
Recently @FidgetingBits presented at @HacksInTaiwan on a 6 year old Linux kernel use-after-free vulnerability (CVE-2022-32250) which we exploited to gain reliable priv esc on Ubuntu 22.04. research.nccgroup.com/wp-content/upl… by @NCCGroupInfosec EDG @saidelike @FidgetingBits @alexjplaskett"
-
I've been using the .stabs directives in GNU as to put the symbols back into stripped binaries, I think it's a neat trick! I wrote an article about using it to debug old UNIX binaries in gdb!
-
when I was born I only weighed 5.4 lbs
now I weigh 145lbs
here’s the 7 secrets i used to grow an impressive 10.5% YoY for the last 33 years
👇
-
New: Ciphr, one of the few remaining and established companies in the encrypted phone industry which caters to criminals, has locked its resellers from signing up or renewing customers. Company has made dramatic changes; may distance from criminal users
-
Identity and authentication provider Okta said in a disclosure today that it is one of the companies impacted by the recent Twilio hack
Okta says a threat actor named Scatter Swine used its Twilio account to collect OTP codes sent to some phone numbers
sec.okta.com/scatterswine
-
6/ A 2nd lesson is that industrial scale war has re-emerged from the 20th history books to plague the 21st century. This is an unwelcome development for democratic nations which have eschewed large military institutions since the end of the last Cold War.
17/ Machines and tools do not win wars; humans do. This war has offered many lessons on the human ingenuity, teamwork and leadership that remains the key to deterring, and winning, wars. This should be a core observation for the Australian defence review.
-
-
Nice 30-year-old bug 🐛 I guess nobody ever fuzzed telnetd or they didn’t care to report this bug 🤷
2-byte DoS in freebsd-telnetd / netbsd-telnetd / netkit-telnetd / inetutils-telnetd / telnetd in Kerberos Version 5 Applications
pierrekim.github.io/blog/2022-08-2…
@0xdea @daveaitel honestly? back when I was fuzzing, implementing a kerberos state machine to attack a protocol that no worthwhile target will ever use would not have been at the top of my list 🤷🤷
-
I'm seeing some misinterpretations of the leaked Intellexa documents, here's how I read the 3 pages:
It's not the sale of a single iOS 0-day for €8M, it's the service of infecting up to 10 devices concurrently with either Android or iOS 1-click 0-days for a year. 1/6
-
🚨 Today we're excited to release Ghidrathon, a Ghidra extension that adds modern Python 3 scripting (including Python 3.10) to Ghidra!
Blog 👉 mandiant.com/resources/blog…
GitHub 👉 github.com/mandiant/Ghidr…
-
The increased affordability of drone technology + innovations like NFTs & Crypto have allowed the spirit of volunteerism to directly fund efforts to acquire weapons and arms. Read my latest with the stellar @andro_mathewson in @TheNatlInterest
-
-
Although I think google was honestly well-intentioned here, it’s a great example of how protecting against malware often turns into protection against user choice, because user choice is how users get malware.
See also: preventing iOS apps from outside the App Store.
Neeva @Neeva
-
-
-
