The Info Op

Share this post

The Info Op
The Info Op
Feb 2, 2023
Copy link
Facebook
Email
Notes
More

Feb 2, 2023

the grugq
Feb 02, 2023
5

Share this post

The Info Op
The Info Op
Feb 2, 2023
Copy link
Facebook
Email
Notes
More
Share

Wondering how, exactly, your phone is tracked at all times, with locations made available to law enforcement? This video tutorial from a creepy surveillance company is a great explainer:

https://standard.zetx.com/

https://defcon.social/@tprophet/109788222917825915

-

The 5×5—China’s cyber operations - Atlantic Council

https://www.atlanticcouncil.org/content-series/the-5x5/the-5x5-chinas-cyber-operations/

-

-

Twitter avatar for @emollick
Ethan Mollick @emollick
This paper shows that learning about how your firm works is equivalent to gaining Lovecraftian Secret Knowledge. Promising managers asked to do process redesign at their firm learn how messed up it all is, so they give up rising careers & become hermits at the edges of the firm
Image
Image
4:48 PM ∙ Aug 12, 2020
1,225Likes378Retweets
Twitter avatar for @emollick
Ethan Mollick @emollick
What causes people to make a sanity check is when they learn that the features of their organization are not, in fact, part of a Grand Plan, but rather socially constructed, random, & in flux. The highlighted quote says it all. Official link (paywalled): pubsonline.informs.org/doi/abs/10.128…
Image
8:09 PM ∙ Aug 12, 2020
439Likes100Retweets

Summary of the paper here

https://hbr.org/2019/12/can-you-know-too-much-about-your-organization

-

The curse of the corporate headshot

Do an image search for the word “business” or “manager”, and what comes back? Nothing that remotely resembles business or managers. It isn’t just that the people are attractive. It is what they are doing. Many stock photos feature well-dressed types sitting around a table. One of them is holding forth and everyone else is laughing madly, like cult members hearing that the Rapture has been brought forward a week.

https://www.economist.com/business/2023/01/26/the-curse-of-the-corporate-headshot

-

Twitter avatar for @Marlebean
Marl @Marlebean
Me: "One time I farted so long, I was surprised that my butt didn't have to stop and catch its breath." Interviewer: " ... and a weakness?"
2:42 PM ∙ Apr 30, 2018
2,646Likes1,148Retweets

-

Twitter avatar for @AShukuhi
Azim Khodjibaev @AShukuhi
a Royal ransomware threat actor named Baddie recently offered to buy any and all corporate network access on Exploit forum. Baddie claims to "be looking for professionals with their own access for his Royal ransomware program" He claims Royal is the "best toy out there"
Image
2:39 AM ∙ Feb 2, 2023
62Likes22Retweets

-

Twitter avatar for @QuinnyPig
Corey Quinn / @quinnypig@awscommunity.social @QuinnyPig
Sure, but how many of those affirmatively log into Facebook vs. “interacting with a Facebook tracking pixel somewhere on the web?”
Twitter avatar for @Techmeme
Techmeme @Techmeme
Meta says Facebook now has 2B daily active users, after adding 16M users in Q4; WhatsApp reached 2B+ daily active users in October 2022 (@karissabe / Engadget) https://t.co/5mCXByBcoL https://t.co/XVcs9x7hpp
4:51 AM ∙ Feb 2, 2023
103Likes9Retweets

-

Twitter avatar for @0xMatt
Bat Linton 🦇 @0xMatt
Proud to release my newest AI Chatbot, "ChatPhD". Its only responses are "Well, that depends" and "Have you considered bringing this to the other departments?"
10:47 PM ∙ Feb 1, 2023
73Likes20Retweets

-

Twitter avatar for @GrapheneOS
GrapheneOS | @GrapheneOS@grapheneos.social @GrapheneOS
On Android, verified boot won't detect malicious updates to APK-based components. An attacker can do privileged persistence via fake APK-based component updates after exploiting the OS. They can't do this for APEX components but many APK-based components are quite privileged too.
3:41 AM ∙ Feb 2, 2023
13Likes1Retweet
Twitter avatar for @GrapheneOS
GrapheneOS | @GrapheneOS@grapheneos.social @GrapheneOS
Our next release comes with massive improvements to verified boot addressing all of the issues we know about. It parses packages each boot instead of using a cache which adds less than a second to boot time and performs proper full verification of the signatures and versions.
3:45 AM ∙ Feb 2, 2023
14Likes1Retweet

-

Ronin 2.0.0 release

What is Ronin?

Ronin is a free and Open Source Ruby toolkit for security research and development. Ronin contains many different CLI commands and Ruby libraries for a variety of security tasks, such as encoding/decoding data, filter IPs/hosts/URLs, querying ASNs, querying DNS, HTTP, scanning for web vulnerabilities, spidering websites, install 3rd party repositories of exploitsand/or payloads, run exploits, write new exploits, managing local databases,fuzzing data, and much more.

https://ronin-rb.dev/blog/2023/02/01/ronin-2-0-0-finally-released.html

-

Exposed by an amusing OPSEC fail. Early in the DPRK work day, the threat actor connected directly from a DPRK IP address. OOPSEC.

Twitter avatar for @mikko
@mikko @mikko
New report from us: ”No Pineapple”. We asses that this attack campaign is coming the 3rd Bureau of North Korean People’s Army. We believe North Korea used this attack for technological and commercial espionage.
labs.withsecure.comNo Pineapple! –DPRK Targeting of Medical Research and Technology SectorDuring Q4 2022, WithSecure™ detected and responded to a cyber attack conducted by a threat actor that WithSecure™ have attributed with high confidence to an intrusion set referred to as Lazarus Group. Attribution with high confidence was based off of overlapping techniques tactics and procedures as…
9:55 AM ∙ Feb 2, 2023
33Likes16Retweets

-

5

Share this post

The Info Op
The Info Op
Feb 2, 2023
Copy link
Facebook
Email
Notes
More
Share

Discussion about this post

No posts

Ready for more?

© 2025 the grugq
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great culture

Share

Copy link
Facebook
Email
Notes
More