The Info Op

March 22, 2023

grugq.substack.com

the grugq

David Buchanan @David3141593
holy FUCK. Windows Snipping Tool is vulnerable to Acropalypse too. An entirely unrelated codebase. The same exploit script works with minor changes (the pixel format is RGBA not RGB) Tested myself on Windows 11
Chris Blume @ProgramMax
@ItsSimonTime @David3141593 I've got a fun one for you all to look at. I opened a 198 byte PNG with Microsoft's Snipping Tool, chose "Save As" to overwrite a different PNG file (no editing), and saves a 4,762 byte file with all that extra after the PNG IEND chunk. Sounds similar :D
4:54 PM ∙ Mar 21, 2023
7,307 Likes ∙ 2,007 Retweets

-

Norm Charlatan @normcharlatan
Their lifelong dream of not getting bitten by a sloth had been ruined.
11:52 AM ∙ Mar 16, 2023
13,838 Likes ∙ 1,011 Retweets

-

U.S. Fish and Wildlife Service @USFWS
A lot of y'all who said I couldn't fit this whole starfish in my mouth are real quiet these days.
A close-up view of a white and gray gull trying to swallow a large sea star.
2:58 PM ∙ Mar 21, 2023
35,828 Likes ∙ 4,466 Retweets

-

Deth Veggie @DethVeggie
bbc.com/news/world-lat… "The explosive device looked like a USB drive. He plugged it into his computer and it detonated." Holy crap. That's a new attack vector. Just in case you needed another reason not to plug in strange/untrusted USB drives.
bbc.com: Journalist opens USB letter bomb in newsroom. Ecuador’s government condemns the attack after journalists nationwide are targeted.
5:25 PM ∙ Mar 21, 2023
348 Likes ∙ 153 Retweets

-

Tay 🦊 💖 @tayvano_
I don't know if this is known or not but I can't find a single tweet linking them so I'm putting it out there: The Dec 2021 @BadgerDAO Hack and The Feb 2020 @iota Trinity Wallet Hack via @moonpay are *literally* identical. cc @Mandiant @DavidSonstebo @Cloudflare @hascj
2:08 PM ∙ Apr 18, 2022
112 Likes ∙ 23 Retweets

-

John H. Meyer 🚀 @BEASTMODE
This is crazy and absolutely surreal! I trained an AI on Steve Jobs’ voice… …and then connected it to the chatGPT API 🤯 …and finally, connected it all to Facebook Messenger to allow for 2-way voice conversations with Steve Jobs about anything! 🤖 Final product (sound… https://t.co/2tWPSK2Oks
12:35 AM ∙ Mar 20, 2023
6,520 Likes ∙ 1,363 Retweets

-

Noah Barkin @noahbarkin
Deutsche Telekom reached a secret deal with Huawei to blunt the impact of US sanctions against the Chinese firm, according to @handelsblatt. Many parallels between the Nord Stream 2 fiasco and Berlin’s handling of the 5G question. Current government will need to rectify https://t.co/t0gJlEl4e3
Moritz Koch @MoritzKoch78
Exclusive: To evade US sanctions, Deutsche Telekom apparently had the Chinese firm's components stockpiled. Critics see "active collaboration". @handelsblatt Sanctions pact with #Huawei: How Telekom tried to outwit the US government https://t.co/skU2F5FQNf
6:13 AM ∙ Mar 22, 2023
587 Likes ∙ 227 Retweets

-

raptor@infosec.exchange @0xdea
Another entertaining #BinDiff and #exploit development adventure Producing a #PoC for CVE-2022-42475 (#Fortinet #RCE) // by @plopz0r
blog.scrt.ch: Producing a POC for CVE-2022-42475 (Fortinet RCE) – Sec Team Blog
11:28 AM ∙ Mar 22, 2023
8 Likes ∙ 2 Retweets

-

Chris Bakke @ChrisJBakke
This is scary. ChatGPT has caught up with human intelligence. If you ask it to list 20 great things about Ohio, it struggles and just mentions "it's affordable."
11:33 PM ∙ Mar 21, 2023
23,118 Likes ∙ 1,652 Retweets

-

Killed by Google @killedbygoogle
Bard thinks that Google will shut it down within the next one to two years. 😂 https://t.co/91vJXJlOqb
Prompt: how long will it take before google bard will be shut down?

Reply:

Google Bard is currently still under development, and there is no official announcement from Google regarding the shutdown of this project. However, based on my knowledge, it is likely that Google Bard will be shut down within the next 1-2 years.

Google Bard was launched in February 2023, and it has been met with mixed reviews from users. Some users find it to be a helpful tool for generating creative text formats, while others find it to be unreliable and inaccurate.

Google has cited the lack of adoption as the reason for the shutdown of Google Bard. This means that not enough users are using this tool to make it a viable project for Google.
10:45 PM ∙ Mar 21, 2023
1,126 Likes ∙ 210 Retweets

-

chompie @chompie1337
New blogpost by @FuzzySec and I! Patch Tuesday -> Exploit Wednesday: Pwning Windows afd.sys in 24 Hours. We reverse engineer a bug + write an exploit using a cool new primitive. We also find out that it's been exploited in the wild (previously unknown).
securityintelligence.com: Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours. Dive into the analysis and exploitation of a vulnerability in the Windows Ancillary Function Driver for Winsock for Local Privilege Escalation on Windows 11. More from X-Force Red experts.
5:22 PM ∙ Mar 21, 2023
499 Likes ∙ 189 Retweets

-

Dr. Dan Lomas @Sandbagger_01
The IPCO "reviewed a sample of statements drafted by analysts at GCHQ to justify the selection for examination of content obtained through bulk interception. We found that 41% of the statements sampled failed to address either necessity or proportionality".
7:21 AM ∙ Mar 22, 2023
7 Likes ∙ 6 Retweets

-

raptor@infosec.exchange @0xdea
Outstanding work by @Doyensec as usual 👏 #Windows Installer EOP (CVE-2023-21800) blog.doyensec.com//2023/03/21/wi…
blog.doyensec.com: Windows Installer EOP (CVE-2023-21800) · Doyensec’s Blog. Doyensec’s Blog :: Doyensec is an independent security research and development company focused on vulnerability discovery and remediation.
8:43 AM ∙ Mar 22, 2023
7 Likes ∙ 2 Retweets

-

Jazi @h2jazi
This looks interesting! #APT: Приказ Минфина ДНР № 176. zip (Order of the Ministry of Finance of the DPR No. 176. zip) c7d979437e828156c6c0000b9fbbddeb 1de44e8da621cdeb62825d367693c75e The zip files contain an lnk and a decoy pdf file.
1:51 PM ∙ Sep 23, 2022
46 Likes ∙ 20 Retweets
Brian Bartholomew @Mao_Ware
@h2jazi seems to have first identified #BadMagic back in Sep 2022 which was just published by Kaspersky securelist.com/bad-magic-apt/…
Jazi @h2jazi
This looks interesting! #APT: Приказ Минфина ДНР № 176. zip (Order of the Ministry of Finance of the DPR No. 176. zip) c7d979437e828156c6c0000b9fbbddeb 1de44e8da621cdeb62825d367693c75e The zip files contain an lnk and a decoy pdf file. https://t.co/9Oq3VdIBNC
6:08 PM ∙ Mar 21, 2023
Leonid Bezvershenko @bzvr_
Magic is here! We have discovered a previously unknown #APT that has been attacking organizations in the area affected by the conflict between Russia and Ukraine. Observed victims were compromised with previously unknown implants that we dubbed #PowerMagic and #CommonMagic. [1/4]
8:04 AM ∙ Mar 21, 2023
172 Likes ∙ 73 Retweets
Jazi @h2jazi
@fr0s7_ @bzvr_ Well me and my team did a comprehensive research on this but for some reasons (mainly because of attribution sensitivity) we have decided to hold it off from publishing.
3:03 PM ∙ Mar 21, 2023

-

If you wish to honor @aloria@infosec.exchange's memory, please donate to NARAL (https://prochoiceamerica.org), The Trevor Project (https://thetrevorproject.org), Envision Freedom Fund (https://envisionfreedom.org), and/or MrBallen Foundation (https://mrballen.foundation), charities which were meaningful to her.

https://infosec.exchange/@quine/110061983632610002

-

Source, eek ; https://www.ftc.gov/business-guidance/blog/2023/03/chatbots-deepfakes-voice-clones-ai-deception-sale

https://someone.elses.computer/@lilianedwards/110064056585611144

-

Forget A TikTok Ban, We Need To Regulate Data Brokers And Pass A Real Privacy Law https://www.techdirt.com/2023/03/21/forget-a-tiktok-ban-we-need-to-regulate-data-brokers-and-pass-a-real-privacy-law/

We’ve noted for a while now how the great TikTok moral panic of 2023 is largely a distraction. It’s a distraction from the fact we’ve refused to meaningfully regulate dodgy data b…

https://infosec.exchange/@nolsen311/110062974543638118

-

just read the Economic Report of the President, pp 237-272, the crypto chapter.

it uh is *strident*. as you'd expect just after a huge disaster.

it's a great chapter, very clear and readable, and crypto is extremely upset.

“This chapter primarily examines crypto assets, whose proponents have been relearning the lessons from previous financial crises the hard way.”

“The risks presented by crypto assets stem from excessive speculation, high leverage, run risk, environmental harm from crypto asset mining, and fraudulent activities that harm retail investors and corporations.”

“This raises the question of the role of regulation in protecting consumers, investors, and the rest of the financial system from panics, crashes, and fraud related to crypto assets.”

it reads like someone has been very pissed off for a while and this was their chance to say something

also quotes James Mickens, lol

https://www.whitehouse.gov/wp-content/uploads/2023/03/ERP-2023.pdf

https://circumstances.run/@davidgerard/110064266144671891

-
