Jan 6 2023

Jan 06, 2023

I’m gonna do a manual quote here to say that this is exactly the type of stuff we predicted, and especially with automation bias with people overtrusting model outputs. Police didn’t even check the height of the person they claimed did this, and neither was the person in Atlanta.
A black man wrongfully jailed for a week in Louisiana after face recognition error, report says. Lawyer says police didn't check man's height, weight or the mole on his face.
https://dair-community.social/@poppastring@dotnet.social/109634255362720798
https://dair-community.social/@timnitGebru/109634485377349541

https://peopleofcolorintech.com/articles/facial-recognition-tech-used-to-jail-black-man-for-louisiana-theft-hes-never-been-to-louisiana/

John Hultquist🌻 @JohnHultquist

Outstanding blog on a Turla (FSB) op in UA. Some of it may feel familiar to those of you who remember the Agent.BTZ/Operation Buckshot Yankee days. USB proliferation is back, but the twist here is they let someone else do the proliferating. 1/x

mandiant.comTurla: A Galaxy of Opportunity | MandiantA suspected Turla Team operation distributing a reconnaissance utility and malware to victims in Ukraine.

Dan Black @DanWBlack

Good article on Starlink's role in Ukraine and its comparative resilience to different forms of attack:

economist.comHow Elon Musk’s satellites have saved Ukraine and changed warfareAnd the worries about what comes next

Ryan Faircloth @RyanFaircloth

The House recreational marijuana bill is now online. Read here revisor.mn.gov/bills/text.php…

Ryan Faircloth @RyanFaircloth

Minnesota DFL lawmakers are holding a press conference on marijuana legalization. “I believe that 2023 is the year we will legalize adult-use cannabis in Minnesota,” said state Rep. Zack Stephenson, the bill’s author in the House. https://t.co/S91Y67Km1O

A nice paper on Ukraine drones.

https://www.kcl.ac.uk/drones-and-defence-innovation-in-ukraine-consolidating-wartime-ingenuity

This article from @lhn@mastodon.online on pig butchering scams is really good, and a great thing to send your friends and family. https://www.wired.com/story/what-is-pig-butchering-scam/

https://infosec.exchange/@hacks4pancakes/109638124006967163

@malwaretech Don't forget Kaspersky finding 20 expired C2s belonging to the the NSA and gaining access to a massive hacking campaign that had gone undetected for 14 years.
https://arstechnica.com/information-technology/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/
"Perhaps most costly to the attackers was their failure to renew some of the domains used by these servers. Out of the 300 or so domains used, about 20 were allowed to expire. Kaspersky quickly registered the domains and, over the past ten months, has used them to "sinkhole" the command channels, a process in which researchers monitor incoming connections from Equation Group-infected machines."

https://infosec.exchange/@dangoodin/109639202916246964

Frank Boldewin @r3c0nst

github.com/vitoplantamura… => „BugChecker is a SoftICE-like kernel and user mode debugger, supporting Windows versions from XP to 11, both x86 and x64)“ #SoftIce #Debugging #Oldschool

raptor @0xdea

Fuzzing the Shield: CVE-2022–24548 in Windows Defender // by @S2W_Official medium.com/s2wblog/fuzzin…

Matthijs R. Koot @mrkoot

NIST IR 8401: Satellite Ground Segment: Applying the Cybersec. Framework to Satellite Command & Control (Dec 2022) doi.org/10.6028/NIST.I… "The space cyber-ecosystem is an inherently risky, high-cost, & often inaccessible env. consisting of distinct yet interdependent segments."

Here's a couple very cool #vulnerability writeups by @SonarResearch@infosec.exchange that were published in 2022 ✊
Disclosing information with a side-channel in #Django

https://www.sonarsource.com/blog/disclosing-information-with-a-side-channel-in-django/

Path Traversal Vulnerabilities in #Icinga Web

https://www.sonarsource.com/blog/path-traversal-vulnerabilities-in-icinga-web/

https://infosec.exchange/@raptor/109641589815029639

The Info Op

Discussion about this post