The Info Op

Share this post

March 24, 2023

grugq.substack.com

March 24, 2023

the grugq
Mar 24, 2023
3
Share
Share this post

March 24, 2023

grugq.substack.com

Twitter avatar for @moyix
Brendan Dolan-Gavitt @moyix
Two interesting security examples from the recently-released paper from MSR "Sparks of Artificial General Intelligence: Early experiments with GPT-4". It can solve a simple binary reversing challenge and do a port-scan + ssh bruteforce! arxiv.org/abs/2303.12712
Image
Image
Image
2:35 PM ∙ Mar 23, 2023
52Likes14Retweets

-

Twitter avatar for @stephenfewer
Stephen Fewer @stephenfewer
Our @rapid7 AttackerKB analysis of CVE-2023-27532 in Veeam Backup & Replication has been posted, detailing the vulnerability, plaintext credentials leak and remote code execution:
attackerkb.comCVE-2023-27532 | AttackerKBVeeam Backup & Replication is a data backup and replication solution. On March 7, 2023, Veeam published an advisory, along with patches, for https://nvd.nist.g…
2:21 PM ∙ Mar 23, 2023
49Likes21Retweets

-

Twitter avatar for @ShitpostGate
ShitpostGateway @ShitpostGate
Image
7:48 PM ∙ Mar 21, 2023
140,485Likes10,515Retweets
Twitter avatar for @Lol8ball
Cone @Lol8ball
This is just like how several advances in video encoding were made because anime fansubbers were competing with eachother.
Twitter avatar for @ShitpostGate
ShitpostGateway @ShitpostGate
https://t.co/LlHNLEmAwT
11:32 AM ∙ Mar 22, 2023
2,129Likes522Retweets

-

Twitter avatar for @vxunderground
vx-underground @vxunderground
Do Kwon, the co-founder and CEO of singapore-based Terraform labs, has been apprehended by authorities in Montenegro Do Kwon was wanted by Interpol for his role in the $40 billion collapse of the Terra Luna ecosystem during May 2022. More info:
Twitter avatar for @filip_adzic
Filip Adzic @filip_adzic
U PODGORICI UHAPŠEN JEDAN OD NAJTRAŽENIJIH SVJETSKIH BJEGUNACA Crnogrska policija lišila je slobode lice za koje se sumnja da je jedan od najtraženijih bjegunaca, južnokorejski državljanin Do Kwon, suosnivač i izvršni direktor Terraform Labs sa sjedištem u Singapuru. 1/2
2:09 PM ∙ Mar 23, 2023
110Likes24Retweets

-

Twitter avatar for @LabsSentinel
SentinelLabs @LabsSentinel
New Research -- "Tainted Love" APT Operation ✴️Targeting Middle East telecom. ✴️ Likely connected to a Chinese groups in the nexus of Gallium and APT41. Full Report: sentinelone.com/labs/operation… By @milenkowski @juanandres_gs @JoeyChen @QTrust
sentinelone.comOperation Tainted Love | Chinese APTs Target Telcos in New AttacksCyber espionage actor deploys custom credential theft malware in new campaign targeting the telecoms sector.
2:27 PM ∙ Mar 23, 2023
23Likes13Retweets

-

-

HowTo deepfake

One Useful Thing
A quick and sobering guide to cloning yourself
I think a lot of people do not realize how rapidly the multiple strands of generative AI (audio, text, images, and video) are advancing, and what that means for the future. With just a photograph and 60 seconds of audio, you can now create a deepfake of yourself in just a matter of minutes by combining a few cheap AI tools. I've tried it myself, and the …
Read more
4 months ago · 81 likes · 24 comments · Ethan Mollick

-

Twitter avatar for @julianor
Juliano Rizzo @julianor
1/ 🧵Access to valuable resources, like a significant number of @Cloudflare global API keys or password manager infrastructure, allows devastating hacks. However, attackers often seek plausible deniability instead of going on a hacking spree. Let's discuss why.
1:08 PM ∙ Mar 23, 2023
10Likes6Retweets

-

Twitter avatar for @SpyCollection1
Spy Collection @SpyCollection1
Excellent analysis on the (reportedly) #CIA hardware implant (bug) discovered in #Germany in 2018 to spy on a #WikiLeaks activist. Also used to spy on Julian Assange. It was installed in a #CryptoPhone IP19. cryptomuseum.com/crypto/gsmk/ip… #Tradecraft #BlackBagOp
cryptomuseum.comImplant
5:51 AM ∙ Mar 24, 2023
10Likes4Retweets
Twitter avatar for @electrospaces
Electrospaces @electrospaces
Interesting analysis by the @cryptomuseum of the sophisticated #bug that was found inside the CryptoPhone that was used by Andy Müller-Maguhn: cryptomuseum.com/crypto/gsmk/ip…
Image
3:55 PM ∙ Mar 23, 2023
32Likes20Retweets

https://media.ccc.de/v/rc3-11512-cia_vs_wikileaks

-

Twitter avatar for @HackingLZ
Justin Elze @HackingLZ
ChatGPT and all the other AI tech can’t be that bad if you’re using this simple test
Image
12:36 PM ∙ Mar 23, 2023
398Likes98Retweets

-

Twitter avatar for @Suhail
Suhail @Suhail
Buried on page 15 in a footnote: Have fun, Internet.
Image
11:00 PM ∙ Mar 20, 2023
2,513Likes189Retweets

-

Twitter avatar for @nemesis_pkg
nemesis @nemesis_pkg
“This week, we discovered that GitHub.com’s RSA SSH private key was briefly exposed in a public GitHub repository.” Well then… github.blog/2023-03-23-we-…
Eat Pedro Pascal GIF by Liseberg
6:29 AM ∙ Mar 24, 2023
135Likes44Retweets

-

Twitter avatar for @TecR0c
Rocco Calvi @TecR0c
🚨 Just disclosed CVE-2023-28760: a critical RCE vulnerability in TP-Link AX1800 Wi-Fi 6 Routers! Update your firmware ASAP! 🔗 Blog post: tecsecurity.io/blog/tp-link_a… 🔗 Exploit code: github.com/TecR0c/exploit…
github.comexploits/CVE-2023-28760.py at main · TecR0c/exploitsContribute to TecR0c/exploits development by creating an account on GitHub.
5:09 AM ∙ Mar 24, 2023
54Likes27Retweets

-

Twitter avatar for @AndrewMohawk
AndrewMohawkᴵ'ᵐ ᶠᶦⁿᵉ ᵗʰᵃⁿᵏˢ, ᴬⁿᵈʳᵉʷˀ @AndrewMohawk
TL;DR Any valid users on your @Cloudflare tenant have an API key that has the same perms, this key is automatically created for every account, if you think anyone has been phished/compromised at any time you need *them* to specifically change this key at dash.cloudflare.com/profile/api-to…
Twitter avatar for @tayvano_
Tay 🦊 💖 @tayvano_
🚨 If you're using Cloudflare for your web3 product, stop what you're doing right now. You NEED to: 1. Rotate the Global API Key for all your accounts 2. Remove all accounts added to your Cloudflare unless you rotated their Global API Key in step 1 https://t.co/z913LMCc85
4:53 AM ∙ Mar 24, 2023
12Likes7Retweets

-

You have to watch this video…

Twitter avatar for @vxunderground
vx-underground @vxunderground
RT @_BradleyVX: In 2010, Norton Antivirus released a series of commercials, one of which featured 80's metal band Dokken. In the commercial…
8:38 AM ∙ Mar 24, 2023

-

Twitter avatar for @0xdea
raptor@infosec.exchange @0xdea
This new multi-arch #assembly REPL and emulator by @netspooky is awesome 💚 github.com/netspooky/scare
Image
11:38 AM ∙ Mar 24, 2023
8Likes2Retweets
3
Share
Share this post

March 24, 2023

grugq.substack.com
Previous
Next
Comments
Top
New
Community

No posts

Ready for more?

© 2023 the grugq
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing