December 20, 2022

Dec 20, 2022

Jameson Lopp @lopp

This video of cops in Nevada searching a suspect and finding a seed phrase is pretty wild. Imagine having your seed phrase become part of public record due to it being captured by an officer's body camera!

-

Meagan Visage 🧅 @themeagan

@muntazer_zaidi happy belated!

-

POC for the new injection technique, abusing windows fork API to evade EDRs.

https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417

https://github.com/deepinstinct/Dirty-Vanity

https://infosec.exchange/@AstraKernel/109534451991446739

-

GreyNoise has released a "Year of Mass Exploits" retrospective report for 2022 highlighting four of the most significant vulnerabilities of the year.
The list includes the Log4Shell (CVE-2021-44228) vulnerability, targeted in nearly one million exploitation attempts within the first week after its discovery.

https://www.greynoise.io/blog/2022-a-look-back-on-a-year-of-mass-exploitation

https://mastodon.social/@serghei/109540859647672144

-

Kevin Collier @kevincollier

New Mandiant report today assesses with moderate confidence that the GRU directed the pro-Russian "hacktivist" DDoS attack on Mississippi's Secretary of State, keeping it offline most of election day. I expect this to be a huge concern come 2024.

mandiant.comInformation Operations Targeting 2022 U.S. Midterm Elections Include Trolling, Narratives Surrounding Specific Races, Politicians | MandiantMandiant identified information operations activity from various foreign state-aligned campaigns during the 2022 U.S. midterm elections.

-

NASA InSight @NASAInSight

My power’s really low, so this may be the last image I can send. Don’t worry about me though: my time here has been both productive and serene. If I can keep talking to my mission team, I will – but I’ll be signing off here soon. Thanks for staying with me.

Wide-angle photo from NASA’s InSight lander on Mars shows the area in front of the lander in the late afternoon sun. Two science instruments tethered to the lander rest on the sandy surface nearby. Part of the lander’s robotic arm is visible extending down from the top left. Distortion from the wide-angle lens bends the distant horizon into a curved shape, while low-angle sunlight causes a small bluish lens flare on the right side.

-

Cryogenic horror stories

https://bigthink.com/the-future/cryonics-horror-stories/

-

Rick Aaron @RickAaron

This holiday season I will be in good spirits as long as good spirits are in me.

-

Ciaran Martin @ciaranmartinoxf

"It is often impossible to work out exactly where private risk ends and public risk starts" - why Govts are getting increasingly involved in cyber security Pt 2 of my series of articles on the two data breaches in Australia is now available on Substack!

ciaranmartin.substack.comLessons from Down Under’s Data Disasters, Pt 2Many of the problems in cyber security are economic and social, not technical. And digitisation privatises public risk like never before. That’s why Governments are increasingly required to step in

-

badidea 🪐 @0xabad1dea

I swore I'd get this out before Twitter went up in a fireball. So here it is: THE MUSICAL STRUCTURE OF GEOMETRIC ELAMITE do you like mysterious undeciphered tablets? do you like maybe the literally oldest music in existence? boy do I have the PDF for you academia.edu/93268214/Music…

photo of the Geometric tablets with screenshots of musical sequences superimposed

-

0xor0ne @0xor0ne

Cool series about fuzzing and LibAFL (credits @epi052) 1: epi052.gitlab.io/notes-to-self/… 1.5: epi052.gitlab.io/notes-to-self/… 2: epi052.gitlab.io/notes-to-self/… 3: epi052.gitlab.io/notes-to-self/… 4: epi052.gitlab.io/notes-to-self/… 5: epi052.gitlab.io/notes-to-self/… #fuzzing #libafl #infosec #learning

-

Wizards guide to debugging

https://wizardzines.com/zines/debugging-guide/

-

Andrew Dwyer @DrAndrewDwyer

This is very much the strategy of the United States, clearly laid out. https://t.co/O1UWwuEzDB

profdeibert @RonDeibert

Remarkable how matter-of-fact offensive cyber operations have become. Normalizing fast. In this case, disruptions across borders to preempt a hypothetical action in the future U.S. targeted adversary cyber infrastructure to safeguard midterm vote https://t.co/ddnFXBgGpQ

profdeibert @RonDeibert

Remarkable how matter-of-fact offensive cyber operations have become. Normalizing fast. In this case, disruptions across borders to preempt a hypothetical action in the future U.S. targeted adversary cyber infrastructure to safeguard midterm vote

reuters.comU.S. targeted adversary cyber infrastructure to safeguard midterm voteThe U.S. military’s Cyber Command hunted down foreign adversaries overseas ahead of this year’s mid-term elections, taking down their infrastructure before they could strike, the head of U.S. Cyber Command said.

-

Discussion about this post

No posts

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts