July 29, 2022

Rob Lee @RALee85

"the agents and their handlers believed Ukraine was weak, which was 'a total misconception.' People the Kremlin counted on as its proxies in Ukraine overstated their influence in the years leading up to the invasion, said four of the sources" reuters.com/investigates/s…

3:24 PM ∙ Jul 28, 2022

---

Great read on the FSB’s crappy agents of influence network inside Ukraine.

https://www.reuters.com/investigates/special-report/ukraine-crisis-russia-saboteurs/

-

Bailey Bickley @bailey_bickley

. @thegrugq praising bureaucracy was not on my bingo card for this week, but I love it! Happy Friday

Patrick Gray @riskybusiness

This week's SRB podcast is up! @tomatospy and I talk about how the US DNI will monitor commercial spyware, why rooftop solar is critical infra and why the TSA sucks... also has a segment we're calling Between Two Nerds* *May contain traces of @thegrugq https://t.co/T2M1dKE4QA https://t.co/YPIyWaq0oF

11:29 AM ∙ Jul 29, 2022

---

-

The latest post in the Logistics series is out, Bret Devereaux is always worth a read.

https://acoup.blog/2022/07/29/collections-logistics-how-did-they-do-it-part-ii-foraging/

-

Lukasz Olejnik @lukOlejnik

And of course @ICRC calls for more direct explanation of how international humanitarian law (laws of war) apply to cyberattacks. New this year: also to information operations, and disinformation! Intriguing transition, no details provided. #uncyberoewg documents.unoda.org/wp-content/upl…

2:08 PM ∙ Jul 28, 2022

---

-

Weird Dall-E Mini Generations @weirddalle

12:30 PM ∙ Jul 28, 2022

---

-

Scott @IntelScott

OSINT-Tool / Skylight (osint-tool.com) from @VortimoTech Facilitates OSINT-related API calls around email addresses, domains, hashes, CIDRs, and cryptocurrency wallets

osint-tool.comVortimo OSINT ToolWeb site created using create-react-app

1:02 PM ∙ Jul 28, 2022

---

-

The Record by Recorded Future @TheRecord_Media

NEW: The Cybersecurity and Infrastructure Security Agency (@CISAgov) signed an agreement on Wednesday with its counterpart in #Ukraine to strengthen collaboration on shared #cybersecurity priorities - @daryna_antoniuk

therecord.mediaCISA signs agreement with Ukraine to expand cybersecurity cooperationThe Cybersecurity and Infrastructure Security Agency (CISA) signed an agreement with its Ukrainian counterpart to strengthen collaboration on cybersecurity.

5:20 PM ∙ Jul 28, 2022

---

-

“Alex” @mangopdf

11:08 AM ∙ Jul 28, 2022

---

-

Aric Toler @AricToler

The Russian MFA's defense from cyberattack allegations is that they've only cyberattacked a few countries, and not every country in the West.

MFA Russia 🇷🇺 @mfa_russia

#Antifake We have taken note of a new @SkyNews story on “Russian cyber spies targeting NATO countries.” The information provided in the UK journalists’ tall tales doesn’t stand up to a moment’s scrutiny. 👉 https://t.co/yi1vagyByT https://t.co/aaJwAJtycr

5:15 PM ∙ Jul 28, 2022

---

-

Rachel Tobac @RachelTobac

*hacking risk intensifies* @defcon

4:29 PM ∙ Jul 28, 2022

---

-

https://www.x86matthew.com/view_post?id=embed_exe_reg

-

Rewards for Justice @RFJ_USA

Do you work for Yevgeniy PRIGOZHIN and/or #InternetResearchAgency? Want to earn up to $10M? 💰 LET'S CHAT. Drop us a line on the Dark web at: …m65flqy6irivtflruqfc5ep7eiodiad.onion #RewardsForJustice #Elections

1:00 PM ∙ Jul 28, 2022

---

-

CyberScoop @CyberScoopNews

.@pancak3stack launched “Who’s Behind The Keyboard?” July 24, a @SubstackInc dedicated to #doxxing cybercriminals. Substack apparently suspended the newsletter today. @AJVicens reports on pancak3's efforts to expose criminal hackers & ransomware gangs.

cyberscoop.comOn security researcher’s newsletter, exposing cybercriminals behind ransomwareAn anonymous researcher shares detailed information on people allegedly involved with some of the most prominent cybercrime groups.

8:02 PM ∙ Jul 28, 2022

---

-

Crypto, dumb shit, hilarity!

thaddeus e. grugq 🌻 @thegrugq

The rise and fall and fall and fall of SPICE DAO https://t.co/o3QWuL0DJS

Dan Olson @FoldableHuman

To recap Spice DAO: A dude (Soby) made a bunch of crypto by selling a cryptopunk to an NFL player that the punk kinda resembled. Then he saw that a copy of Jodorowski's Dune (the production bible, not the movie) was up for auction.

5:06 AM ∙ Jul 29, 2022

---

-

crazy ass moments in american politics @ampol_moment

(1997)

9:42 PM ∙ Jul 27, 2022

---

-

Police to share the code of the ANOM secure messging app (to the defense counsel in Australia)

https://www.abc.net.au/news/2022-07-29/police-to-share-coding-of-an0m-app/101281212

-

𝚎𝚌𝚑𝚎𝚕𝚘𝚗 @echel0n_1881

Brainflow: More like BrainOverflow Here is my #BGGP3 entry ->

devilinside.meUNLEASH THE BEAST | THE FUTUREExpect memes, food for thoughts, tech guidelines and trash talk daily.

7:40 AM ∙ Jul 29, 2022

---

-

Paul Seekamp @nullenc0de

I am convinced that if OAuth is being used, it is configured incorrectly. In the past 4 pentests I have done. Only 1 got it correct. I strongly recommend doing the labs: portswigger.net/web-security/o… Also, installing:

github.comGitHub - PortSwigger/oauth-scan: Burp Suite Extension useful to verify OAUTHv2 and OpenID securityBurp Suite Extension useful to verify OAUTHv2 and OpenID security - GitHub - PortSwigger/oauth-scan: Burp Suite Extension useful to verify OAUTHv2 and OpenID security

6:57 PM ∙ Jul 27, 2022

---

-

Jacob Torrey @JacobTorrey

Last night I went down a hole looking into the #javascript engine in Adobe #PDF. Turns out that the #SOAP APIs don't require special security permissions (other than clicking Trust document) whereas the HTTP ones do. So I built a small SOAP chat room in a PDF (with ICQ skin)!

8:49 PM ∙ Jul 28, 2022

---