The Info Op

March 21, 2023

grugq.substack.com

the grugq
Mar 21, 2023
A very sad day. Kelly was a wonderful person who was always good to talk to. We met over a decade ago at Ekoparty, we had a great time. Over the years we spoke many times. I will miss her.

SummerCon @SummerC0n
It is with profound sadness that we mourn the loss of our friend and mentor, @aloria. Kelly had an indomitable spirit, and our world is a bit darker without her.
1:25 AM ∙ Mar 21, 2023
775 Likes ∙ 241 Retweets

-

This is a very interesting development. Detecting authorship is a very interesting problem.

Mike Conover @vagabondjack
GPT-4 is able to infer authorship from a passage of text based on style and content alone. Given the first four paragraphs of the March 13, 2023 @stratechery post on SVB, GPT-4 identified Ben Thompson as the author. stratechery.com/2023/the-death…
2:59 PM ∙ Mar 19, 2023
345 Likes ∙ 68 Retweets

-

Bert Hubert 🇺🇦 @bert_hu_bert
After a tip from @thegrugq (thanks!) I've added a review of _The Widow Spy_ to berthub.eu/articles/posts…. It is an intriguing little book from one of the pioneering female @CIA officers, describing her work in Laos and (mostly) Moscow. Recommended!
berthub.eu
Useful Spy Books - Bert Hubert’s writings
Reading a good book is a great joy. And recommending a good book is almost as enjoyable. I’ve long been fascinated by books on espionage, and this contributed in no small part to me eventually joining the Dutch intelligence world. On this page you’ll find a collection of ‘Useful Spy Books’ that can…
7:12 PM ∙ Mar 20, 2023
34 Likes ∙ 9 Retweets

-

Ben Collins @oneunderscore__
Do you know how much fun you could have messing with people if you bought this decommissioned FBI spy van?
Chief Farmer Bruce Balloon @PhineasQDotcom
Anyone got 13 grand I can borrow real quick? https://t.co/8Nn4h9Y5uH
6:28 PM ∙ Mar 20, 2023
975 Likes ∙ 110 Retweets

-

BINARLY🔬 @binarly_io
🔥New blog: "The Untold Story Of The #BlackLotus UEFI Bootkit". 🔬Binarly REsearch discovered new interesting data points about the nature of the BlackLotus code. It appears it is based on the Umap GitHub (2020) or coincidently arrived at the same ideas. binarly.io/posts/The_Unto…
6:04 PM ∙ Mar 9, 2023
176 Likes ∙ 83 Retweets

-

Dino A. Dai Zovi @dinodaizovi
That one time I stayed up all night, found a new remote browser bug in OSX, wrote the exploit, and sent it over to win the first PWN2OWN in one night and had a million google hits for my name for a bit...
Today In Infosec @todayininfosec
2007: Dragos Ruiu announced the first Pwn2Own contest, which was held that April in Vancouver, Canada. In recent years it has been held twice per year. https://t.co/keuXB0uTmn https://t.co/hDu40hDB2m
3:03 AM ∙ Mar 21, 2023
46 Likes ∙ 3 Retweets

-

Banning software that is a necessary part of every modern intelligence agency’s toolkit will produce either outlaw agencies or ineffective ones. Neither is desirable.

This story is being framed as the result of “mercenary spyware,” which I believe is a huge mistake. A lawful government agency conducted (what appears to be)[1] unethical surveillance. Framing this as a problem of the tools available to spy agencies is actually beneficial to the bad actors here. “Honest guv’, I’m innocent, it was the spyware what made me do it.”

Spy agencies have agency. They aren’t lured into spying by the devious come-hither looks of some software. The decision to conduct an operation targeting this person was made at the agency; and it was either lawful or it was not.

  1. If it was a lawful operation, then the problem is with the law that allows this to happen without sufficient oversight to prevent it.

  2. If it was an unlawful operation, then the problem is with the agency that allows this to happen without sufficient oversight to prevent it.

In either case the problem to be addressed is the system that enabled this to happen, and that system is not the software.

Shashank Joshi @shashj
Greek intelligence looking extremely dodgy. “Two people with direct knowledge of the case said that Ms. Seaford had in fact been wiretapped by the Greek spy service from August 2021, the month before the spyware hack, and for several months into 2022.”
Stanley Pignal @spignal
An American citizen and Meta (Facebook) employee was placed under a yearlong wiretap by Greek spooks. It wasn't just a few local politicians that authorities were keeping tabs on. https://t.co/PG41nRmNQY
9:42 AM ∙ Mar 21, 2023
34 Likes ∙ 10 Retweets

-

pourmecoffee @pourmecoffee
Congratulations, you just lost the element of surprise. Idiots.
Guardian Australia @GuardianAus
World’s biggest single eradication operation aims to remove mice from island https://t.co/2Gb2ioJQfP
2:15 AM ∙ Mar 21, 2023
121 Likes ∙ 11 Retweets

-

Matina Stevis-Gridneff @MatinaStevis
.@Meta Manager Was Hacked With Spyware, Wiretapped In Greece The full story of @ArtemisSeaford, the first known American national to be targeted with Predator in the EU while also being surveilled by the Greek national intelligence service.
nytimes.com
Meta Manager Was Hacked With Spyware and Wiretapped in Greece
Artemis Seaford, a dual U.S.-Greek national, was targeted with a cyberespionage tool while also under a wiretap by the Greek spy agency in a case that shows the spread of illicit snooping in Europe.
2:58 PM ∙ Mar 20, 2023
183 Likes ∙ 143 Retweets

-

Classical Studies Memes for Hellenistic Teens @CSMFHT
NO IT'S A TRAP! Remember what happened last time someone was asked this??
8:35 AM ∙ Mar 20, 2023
104,181 Likes ∙ 10,069 Retweets

-

Dr. Dan Lomas @Sandbagger_01
💬 "I've got a story to tell you, it's all about spies". Today, we're talking counterintelligence.
7:28 AM ∙ Mar 21, 2023
59 Likes ∙ 6 Retweets

-

vx-underground @vxunderground
Breached administrator Baph has stated the forums will not be returning. He stated in an update today he believes law enforcement has compromised the forum following the arrest of Pompompurin. Full statement:
9:54 AM ∙ Mar 21, 2023
212 Likes ∙ 42 Retweets

-

raptor@infosec.exchange @0xdea
CVE-2023-26604: "[...] This presents a substantial security risk when running systemctl from Sudo, because #less executes as root when the terminal size is too small to show the complete systemctl output." medium.com/@zenmovieforno…
8:36 AM ∙ Mar 21, 2023
38 Likes ∙ 9 Retweets

-

Runa Sandvik @runasand
If you’re not familiar with the spyware scandal unfolding in Greece, check out this podcast from @MacroPolis_gr.
macropolis.gr
Podcast - Greece’s surveillance scandal: Is anybody listening?
Since the summer, a surveillance scandal has been gripping Greece. It emerged that the leader of Greece’s third party, PASOK, was being spied on by the country’s National Intelligence Service (EYP) but that there had also been an attempt to install spyware on his mobile phone.
10:58 AM ∙ Mar 21, 2023
9 Likes ∙ 4 Retweets

-

Phillip Kemkes @pkemkes
Important take-away from today's Between Two Nerds by @thegrugq and @tomatospy: As an attacker, vulnerabilities can be proven. As a defender, you can't prove something is not breachable. That's why defensive decisions in orgs are hard to justify. [10:19+]: open.spotify.com/episode/7xsogf…
10:43 AM ∙ Mar 21, 2023
7 Likes ∙ 3 Retweets

-

Spy Collection @SpyCollection1
New video: A 2010 presentation leaked from New Zealand's #SIGINT agency, the #GCSB. It's an update from the #Waihopai (codename #IRONSAND) spy station to the rest of the #5EYES partners: youtu.be/s1ZkLoj3zR8 #HISTINT #Espionage
youtu.be
GCSB COMSAT Advisory Board (CAB) Update from April 2010
The Government Communications Security Bureau (GCSB) is New Zealand’s primary Signals Intelligence (SIGINT) agency, part of the FIVE EYES alliance. This vide...
7:20 PM ∙ Mar 20, 2023
4 Likes ∙ 5 Retweets

-

RUSI @RUSI_org
'We could be entering an era where IS and Al-Qa’ida are not much more than labels of convenience – evocative brand names that local extremists adhere to while deciding their strategies and tactics for themselves' writes @EFittonBrown. #RUSICommentary
rusi.org
Out of Africa: Financial Networks of Islamic State 2.0
The killing of a prominent Islamic State financier in Somalia sheds light on the group’s transnational financial networks and shifting centre of gravity.
9:07 PM ∙ Mar 20, 2023
47 Likes ∙ 26 Retweets

-

raptor@infosec.exchange @0xdea
Interesting concepts to improve #fuzzing of closed source software by calculating a "fuzzability score" with a #binaryninja plugin Excavating Fuzzable Targets Through Static Analysis with Binary Ninja codemuch.tech/2021/06/07/fuz… Code is here:
github.com
GitHub - ex0dus-0x/fuzzable: Framework for Automating Fuzzable Target Discovery with Static Analysis. Featured at Black Hat Arsenal USA 202…
Framework for Automating Fuzzable Target Discovery with Static Analysis. Featured at Black Hat Arsenal USA 2022. - GitHub - ex0dus-0x/fuzzable: Framework for Automating Fuzzable Target Discovery wi...
9:11 AM ∙ Mar 21, 2023
14 Likes ∙ 3 Retweets

-

raptor@infosec.exchange @0xdea
Nice #hypervisor #vulnerability! #Parallels Desktop Toolgate Vulnerability (CVE-2023-27326) blog.impalabs.com/2303_advisory_… Full #exploit is here: github.com/Impalabs/CVE-2… // cc @alisaesage
8:57 AM ∙ Mar 21, 2023
16 Likes ∙ 4 Retweets

-

raptor@infosec.exchange @0xdea
Awesome #hardware #hacking work as usual by @raelizecom 👏 Espressif ESP32: #Glitching The OTP Data Transfer raelize.com/blog/espressif…
raelize.com
Espressif ESP32: Glitching The OTP Data Transfer
Raelize company website!
8:22 AM ∙ Mar 21, 2023
2 Likes ∙ 1 Retweet

-

Wonderful OPSEC on display here. James Craig arrested for poisoning his wife. He searched for “undetectable poison,” though to make sure it was secret he used a work computer. After hours. In the dark. While being watched by an office manager. Then:

James Craig texted that office manager to say he would soon receive a personal package in the mail and she should not open it, according to the affidavit. That package arrived on March 13 and had been opened by another employee. When the office manager looked inside, she saw “a biohazard sticker and what said ‘potassium cyanide’ on a circular canister,” the document reads. She sealed it back up and gave it to James Craig.

https://www.denver7.com/news/local-news/affidavit-aurora-dentist-researched-undetectable-poisons-purchased-arsenic-and-cyanide-before-wifes-death

[1] Slight hedge in case there was a legitimate reason for the surveillance, which there doesn’t appear to be, but, like, still. Allegedly, etc.
