May 21, 2022

Sort of interesting news from Ukraine on the cyber front. I missed this earlier, but there’s apparently a link between missile strikes on Odesa and simultaneous calls for Russian hackers to attack Odessa. An interesting signal of coordination, but clearly not really well thought out or developed.

Some day I’ll have to write up about the serious limitations of “patriotic hackers.” They get disproportional coverage and “respect” compared to how strategically ineffective they are. They’re typically not even a tactical benefit. Indeed, they are, a net negative for national cyber offensive capacity. Complex technical jobs with national ramifications should not be left to the whims of amateurs outside of a command hierarchy.

https://www.ukrinform.net/rubric-ato/3477610-russian-hackers-coordinated-latest-missile-strikes-on-odesa.html

-

A report on Russian information warfare

Lukasz Olejnik @lukOlejnik

Interesting analysis of Russian information operations in Ukraine war. The authors do not mention (unclear why) that it's a coherent war-mode information op/propaganda, and it includes communication input using state/diplomatic persons/accounts. mandiant.com/resources/info…

5:52 PM ∙ May 20, 2022

-

There’s still money in pwn2own. Congrats to the winners.

Zero Day Initiative @thezdi

With all of the points totaled, @starlabs_sg has been crowned Master of Pwn for #Pwn2Own Vancouver 2022! They wan $270,000 and 27 points during the contest.

1:25 AM ∙ May 21, 2022

---

-

Qiuhao Li @QiuhaoLi

We released the VM escape PoC and write-up of recursive MMIO in hypervisors. Thanks @dragosr and other staff for such a wonderful conference! github.com/QiuhaoLi/CVE-2… qiuhao.org/Matryoshka_Tra… #CanSecWest #CANSEC2022 #Pwn2Own

11:22 PM ∙ May 20, 2022

---

-

Persistence technique thanks to a dumb bug.

Jasper @jzvw

Interesting read at arxiv.org/abs/2205.06114 by @naehrdine et al on persistence in always-on chips. My main surprise is that the BLE firmware image is not signature checked by the BLE core. Signature verification is table stakes; I guess some engineering/$ trade-off took place.

5:26 AM ∙ May 21, 2022

---

-

Save time by skipping stupid tests.

👑 Alyssa Miller 🦄 (Speaking @WWHackinFest 5/5) @AlyssaM_InfoSec

PRO TIP: Tired of those KnowBe4 Phishing test emails your infosec team sends you all the time? Setup an Outlook rule to find "X-Phishtest" in the headers and put them in a separate folder. Yes I'm serious. I've got plenty more #infosec circumvention tips. 😈😈

👑 Alyssa Miller 🦄 (Speaking @WWHackinFest 5/5) @AlyssaM_InfoSec

PRO TIP: Want to defeat the screen timeout but your IT team blocked you from changing it? Run a power point slide show in Windowed mode and just minimize it out of the way. Works on both Mac and Windows. You're welcome. Hit me up for more #infosec circumvention tips. 😈😈

2:01 PM ∙ May 19, 2022

---

-

Some interesting history.

Christina E. Crawford 🇺🇦 @cecrawford_

I was curious about the architectural history of #AzovStal, so I pulled out this 1935 Soviet publication on industrial building. Azovstal (right) was begun around 1930, @ the end of the first Five-Year Plan (FFYP). It was modeled on the Gary, Indiana (USA) steel plant (left). 🧵

1:50 PM ∙ May 20, 2022

---

-

phil @PhilJamesson

i never should have gone back to school

5:26 PM ∙ Feb 18, 2022

---

-

Tony Finch @fanf

i don’t fancy debugging this

12:25 PM ∙ May 21, 2022

---

-

Jealous.

Katelyn Bowden @medus4_cdc

Found this at a garage sale for $5

1:22 PM ∙ May 20, 2022

---

-

Good analytic thread.

Dmitri Alperovitch @DAlperovitch

Interesting piece on how it wasn’t the NATO expansions of the 90s but US-led action against Iraq and in the Balkans that eventually drove US-Russia relationship off the cliff But here is what I think the author is missing… 🧵 https://t.co/Kmajq5mEna

War on the Rocks @WarOnTheRocks

Looking at how Russian leaders have reacted to U.S. actions around the world over the past 30 years clarifies the vexed question of whether NATO expansion prompted Russian aggression https://t.co/BObXiwgEWe

12:36 PM ∙ May 21, 2022

---

-

drewtoothpaste @drewtoothpaste

companies programmed us to refer to art, music, video, and writing as "content" to make it seem like it comes from the website and not from a person who had to think of it and make it

11:57 PM ∙ Aug 12, 2021

---