The Info Op

Share this post
May 21, 2022
grugq.substack.com

May 21, 2022

the grugq
May 21
Share this post
May 21, 2022
grugq.substack.com

Sort of interesting news from Ukraine on the cyber front. I missed this earlier, but there’s apparently a link between missile strikes on Odesa and simultaneous calls for Russian hackers to attack Odessa. An interesting signal of coordination, but clearly not really well thought out or developed.

Some day I’ll have to write up about the serious limitations of “patriotic hackers.” They get disproportional coverage and “respect” compared to how strategically ineffective they are. They’re typically not even a tactical benefit. Indeed, they are, a net negative for national cyber offensive capacity. Complex technical jobs with national ramifications should not be left to the whims of amateurs outside of a command hierarchy.

https://www.ukrinform.net/rubric-ato/3477610-russian-hackers-coordinated-latest-missile-strikes-on-odesa.html

-

A report on Russian information warfare

Twitter avatar for @lukOlejnikLukasz Olejnik @lukOlejnik
Interesting analysis of Russian information operations in Ukraine war. The authors do not mention (unclear why) that it's a coherent war-mode information op/propaganda, and it includes communication input using state/diplomatic persons/accounts.
mandiant.com/resources/info…
Image
Image

May 20th 2022

2 Likes

-

There’s still money in pwn2own. Congrats to the winners.

Twitter avatar for @thezdiZero Day Initiative @thezdi
With all of the points totaled, @starlabs_sg has been crowned Master of Pwn for #Pwn2Own Vancouver 2022! They wan $270,000 and 27 points during the contest.
Image

May 21st 2022

20 Retweets117 Likes

-

Twitter avatar for @QiuhaoLiQiuhao Li @QiuhaoLi
We released the VM escape PoC and write-up of recursive MMIO in hypervisors. Thanks @dragosr and other staff for such a wonderful conference!
github.com/QiuhaoLi/CVE-2… qiuhao.org/Matryoshka_Tra… #CanSecWest #CANSEC2022 #Pwn2Own

May 20th 2022

63 Retweets145 Likes

-

Persistence technique thanks to a dumb bug.

Twitter avatar for @jzvwJasper @jzvw
Interesting read at
arxiv.org/abs/2205.06114 by @naehrdine et al on persistence in always-on chips. My main surprise is that the BLE firmware image is not signature checked by the BLE core. Signature verification is table stakes; I guess some engineering/$ trade-off took place.

May 21st 2022

15 Retweets38 Likes

-

Save time by skipping stupid tests.

Twitter avatar for @AlyssaM_InfoSec👑 Alyssa Miller 🦄 (Speaking @WWHackinFest 5/5) @AlyssaM_InfoSec
PRO TIP: Tired of those KnowBe4 Phishing test emails your infosec team sends you all the time? Setup an Outlook rule to find "X-Phishtest" in the headers and put them in a separate folder. Yes I'm serious. I've got plenty more #infosec circumvention tips. 😈😈

👑 Alyssa Miller 🦄 (Speaking @WWHackinFest 5/5) @AlyssaM_InfoSec

PRO TIP: Want to defeat the screen timeout but your IT team blocked you from changing it? Run a power point slide show in Windowed mode and just minimize it out of the way. Works on both Mac and Windows. You're welcome. Hit me up for more #infosec circumvention tips. 😈😈

May 19th 2022

269 Retweets1,762 Likes

-

Some interesting history.

Twitter avatar for @cecrawford_Christina E. Crawford 🇺🇦 @cecrawford_
I was curious about the architectural history of #AzovStal, so I pulled out this 1935 Soviet publication on industrial building. Azovstal (right) was begun around 1930, @ the end of the first Five-Year Plan (FFYP). It was modeled on the Gary, Indiana (USA) steel plant (left). 🧵
Technical drawings of two steel plants from the 1930s: Gary, Indiana and Azovstal.

May 20th 2022

768 Retweets3,105 Likes

-

Twitter avatar for @PhilJamessonphil @PhilJamesson
i never should have gone back to school
Image

February 18th 2022

71,010 Retweets624,337 Likes

-

Twitter avatar for @fanfTony Finch @fanf
i don’t fancy debugging this
a backplane from the Z31 computer from 1962, thin wires in different colours strung densely in all directions across about 1m x 30cm

May 21st 2022

9 Retweets34 Likes

-

Jealous.

Twitter avatar for @medus4_cdcKatelyn Bowden @medus4_cdc
Found this at a garage sale for $5
Image

May 20th 2022

131 Retweets2,894 Likes

-

Good analytic thread.

Twitter avatar for @DAlperovitchDmitri Alperovitch @DAlperovitch
Interesting piece on how it wasn’t the NATO expansions of the 90s but US-led action against Iraq and in the Balkans that eventually drove US-Russia relationship off the cliff But here is what I think the author is missing… 🧵 https://t.co/Kmajq5mEna

War on the Rocks @WarOnTheRocks

Looking at how Russian leaders have reacted to U.S. actions around the world over the past 30 years clarifies the vexed question of whether NATO expansion prompted Russian aggression https://t.co/BObXiwgEWe

May 21st 2022

86 Retweets346 Likes

-

Twitter avatar for @drewtoothpastedrewtoothpaste @drewtoothpaste
companies programmed us to refer to art, music, video, and writing as "content" to make it seem like it comes from the website and not from a person who had to think of it and make it

August 12th 2021

538 Retweets2,263 Likes
Share this post
May 21, 2022
grugq.substack.com
Comments

Create your profile

0 subscriptions will be displayed on your profile (edit)

Skip for now

Only paid subscribers can comment on this post

Already a paid subscriber? Sign in

Check your email

For your security, we need to re-authenticate you.

Click the link we sent to , or click here to sign in.

TopNewCommunity

No posts

Ready for more?

© 2022 the grugq
Privacy ∙ Terms ∙ Collection notice
Publish on Substack Get the app
Substack is the home for great writing