March 21, 2023

A very sad day. Kelly was a wonderful person who was always good to talk to. We met over a decade ago at Ekoparty, we had a great time. Over the years we spoke many times. I will miss her.

SummerCon @SummerC0n

It is with profound sadness that we mourn the loss of our friend and mentor, @aloria. Kelly had an indomitable spirit, and our world is a bit darker without her.

1:25 AM ∙ Mar 21, 2023

---

-

This is a very interesting development. Detecting authorship is a very interesting problem.

Mike Conover @vagabondjack

GPT-4 is able to infer authorship from a passage of text based on style and content alone. Given the first four paragraphs of the March 13, 2023 @stratechery post on SVB, GPT-4 identified Ben Thompson as the author. stratechery.com/2023/the-death…

2:59 PM ∙ Mar 19, 2023

---

-

Bert Hubert 🇺🇦 @bert_hu_bert

After a tip from @thegrugq (thanks!) I've added a review of _The Widow Spy_ to berthub.eu/articles/posts…. It is an intriguing little book from one of the pioneering female @CIA officers, describing her work in Laos and (mostly) Moscow. Recommended!

berthub.euUseful Spy Books - Bert Hubert’s writingsReading a good book is a great joy. And recommending a good book is almost as enjoyable. I’ve long been fascinated by books on espionage, and this contributed in no small part to me eventually joining the Dutch intelligence world. On this page you’ll find a collection of ‘Useful Spy Books’ that can…

7:12 PM ∙ Mar 20, 2023

---

-

Ben Collins @oneunderscore__

Do you know how much fun you could have messing with people if you bought this decommissioned FBI spy van?

Chief Farmer Bruce Balloon @PhineasQDotcom

Anyone got 13 grand I can borrow real quick? https://t.co/8Nn4h9Y5uH

6:28 PM ∙ Mar 20, 2023

---

-

BINARLY🔬 @binarly_io

🔥New blog: "The Untold Story Of The #BlackLotus UEFI Bootkit". 🔬Binarly REsearch discovered new interesting data points about the nature of the BlackLotus code. It appears it based on the Umap GitHub (2020) or coincidently arrived at the same ideas. binarly.io/posts/The_Unto…

6:04 PM ∙ Mar 9, 2023

---

-

Dino A. Dai Zovi @dinodaizovi

That one time I stayed up all night, found a new remote browser bug in OSX, wrote the exploit, and sent it over to win the first PWN2OWN in one night and had a million google hits for my name for a bit...

Today In Infosec @todayininfosec

2007: Dragos Ruiu announced the first Pwn2Own contest, which was held that April in Vancouver, Canada. In recent years it has been held twice per year. https://t.co/keuXB0uTmn https://t.co/hDu40hDB2m

3:03 AM ∙ Mar 21, 2023

---

-

Banning software that is a necessary part of every modern intelligence agency’s toolkit will produce either outlaw agencies or ineffective ones. Neither is desirable.

This story is being framed as the result of “mercenary spyware,” which I believe is a huge mistake. A lawful government agency conducted (what appears to be)¹ unethical surveillance. Framing this as a problem of the tools available to spy agencies is actually beneficial to the bad actors here. “Honest guv’, I’m innocent, it was the spyware what made me do it.”

Spy agencies have agency. They aren’t lured into spying by the devious come-hither looks of some software. The decision to conduct an operation targeting this person was made at the agency; and it was either lawful or it was not.

1. If it was a lawful operation, then the problem is with the law that allows this to happen without sufficient oversight to prevent it.

2. If it was an unlawful operation, then the problem is with the agency that allows this to happen without sufficient oversight to prevent it.

In either case the problem to be addressed is the system that enabled this to happen, and that system is not the software.

Shashank Joshi @shashj

Greek intelligence looking extremely dodgy. “Two people with direct knowledge of the case said that Ms. Seaford had in fact been wiretapped by the Greek spy service from August 2021, the month before the spyware hack, and for several months into 2022.”

Stanley Pignal @spignal

An American citizen and Meta (Facebook) employee was placed under a yearlong wiretap by Greek spooks. It wasn't just a few local politicians that authorities were keeping tabs on. https://t.co/PG41nRmNQY

9:42 AM ∙ Mar 21, 2023

---

-

pourmecoffee @pourmecoffee

Congratulations, you just lost the element of surprise. Idiots.

Guardian Australia @GuardianAus

World’s biggest single eradication operation aims to remove mice from island https://t.co/2Gb2ioJQfP

2:15 AM ∙ Mar 21, 2023

---

-

Matina Stevis-Gridneff @MatinaStevis

.@Meta Manager Was Hacked With Spyware, Wiretapped In Greece The full story of @ArtemisSeaford, the first known American national to be targeted with Predator in the EU while also being surveilled by the Greek national intelligence service.

nytimes.comMeta Manager Was Hacked With Spyware and Wiretapped in GreeceArtemis Seaford, a dual U.S.-Greek national, was targeted with a cyberespionage tool while also under a wiretap by the Greek spy agency in a case that shows the spread of illicit snooping in Europe.

2:58 PM ∙ Mar 20, 2023

---

-

Classical Studies Memes for Hellenistic Teens @CSMFHT

NO IT'S A TRAP! Remember what happened last time someone was asked this??

8:35 AM ∙ Mar 20, 2023

---

-

Dr. Dan Lomas @Sandbagger_01

💬 "I've got a story to tell you, it's all about spies". Today, we're talking counterintelligence.

7:28 AM ∙ Mar 21, 2023

---

-

vx-underground @vxunderground

Breached administrator Baph has stated the forums will not be returning. He stated in an update today he believes law enforcement has compromised the forum following the arrest of Pompompurin. Full statement:

9:54 AM ∙ Mar 21, 2023

---

-

raptor@infosec.exchange @0xdea

CVE-2023–26604: "[...] This presents a substantial security risk when running systemctl from Sudo, because #less executes as root when the terminal size is too small to show the complete systemctl output." medium.com/@zenmovieforno…

8:36 AM ∙ Mar 21, 2023

---

-

Runa Sandvik @runasand

If you’re not familiar with the spyware scandal unfolding in Greece, check out this podcast from @MacroPolis_gr.

macropolis.grPodcast - Greece’s surveillance scandal: Is anybody listening?Since the summer, a surveillance scandal has been gripping Greece. It emerged that the leader of Greece’s third party, PASOK, was being spied on by the country’s National Intelligence Service (EYP) but that there had also been an attempt to install spyware on his mobile phone.

10:58 AM ∙ Mar 21, 2023

---

-

Phillip Kemkes @pkemkes

Important take-away from today's Between Two Nerds by @thegrugq and @tomatospy: As an attacker, vulnerabilities can be proven. As a defender, you can't prove something is not breachable. That's why defensive decisions in orgs are hard to justify. [10:19+]: open.spotify.com/episode/7xsogf…

10:43 AM ∙ Mar 21, 2023

---

-

Spy Collection @SpyCollection1

New video: A 2010 presentation leaked from New Zealand's #SIGINT agency, the #GCSB. It's an update from the #Waihopai (codename #IRONSAND) spy station to the rest of the #5EYES partners: youtu.be/s1ZkLoj3zR8 #HISTINT #Espionage

youtu.beGCSB COMSAT Advisory Board (CAB) Update from April 2010The Government Communications Security Bureau (GCSB) is New Zealand’s primary Signals Intelligence (SIGINT) agency, part of the FIVE EYES alliance. This vide...

7:20 PM ∙ Mar 20, 2023

---

-

RUSI @RUSI_org

'We could be entering an era where IS and Al-Qa’ida are not much more than labels of convenience – evocative brand names that local extremists adhere to while deciding their strategies and tactics for themselves' writes @EFittonBrown. #RUSICommentary

rusi.orgOut of Africa: Financial Networks of Islamic State 2.0The killing of a prominent Islamic State financier in Somalia sheds light on the group’s transnational financial networks and shifting centre of gravity.

9:07 PM ∙ Mar 20, 2023

---

-

raptor@infosec.exchange @0xdea

Interesting concepts to improve #fuzzing of closed source software by calculating a "fuzzability score" with a #binaryninja plugin Excavating Fuzzable Targets Through Static Analysis with Binary Ninja codemuch.tech/2021/06/07/fuz… Code is here:

github.comGitHub - ex0dus-0x/fuzzable: Framework for Automating Fuzzable Target Discovery with Static Analysis. Featured at Black Hat Arsenal USA 202…Framework for Automating Fuzzable Target Discovery with Static Analysis. Featured at Black Hat Arsenal USA 2022. - GitHub - ex0dus-0x/fuzzable: Framework for Automating Fuzzable Target Discovery wi...

9:11 AM ∙ Mar 21, 2023

---

-

raptor@infosec.exchange @0xdea

Nice #hypervisor #vulnerability! #Parallels Desktop Toolgate Vulnerability (CVE-2023-27326) blog.impalabs.com/2303_advisory_… Full #exploit is here: github.com/Impalabs/CVE-2… // cc @alisaesage

8:57 AM ∙ Mar 21, 2023

---

-

raptor@infosec.exchange @0xdea

Awesome #hardware #hacking work as usual by @raelizecom 👏 Espressif ESP32: #Glitching The OTP Data Transfer raelize.com/blog/espressif…

raelize.comEspressif ESP32: Glitching The OTP Data TransferRaelize company website!

8:22 AM ∙ Mar 21, 2023

---

-

Wonderful OPSEC on display here. James Craig arrested for poisoning his wife. He searched for “undetectable poison,” though to make sure it was secret he used a work computer. After hours. In the dark. While being watched by an office manager. Then:

James Craig texted that office manager to say he would soon receive a personal package in the mail and she should not open it, according to the affidavit. That package arrived on March 13 and had been opened by another employee. When the office manager looked inside, she saw “a biohazard sticker and what said ‘potassium cyanide’ on a circular canister,” the document reads. She sealed it back up and gave it to James Craig.

https://www.denver7.com/news/local-news/affidavit-aurora-dentist-researched-undetectable-poisons-purchased-arsenic-and-cyanide-before-wifes-death

1

Slight hedge in case there was a legitimate reason for the surveillance, which there doesn’t appear to be, but, like, still. Allegedly, etc.