November 6, 2022
New Lazerpig. The ad is probably the greatest ever made.
-
-
european students in the '70s: bruh i got an essay due tomorrow and i gotta kidnap the prime minister and bomb a bank by friday ๐ญ๐ญ๐ญ
-
Weekly analysis is out:
-๐ป๐ณ ops using hacked IoT
-๐ท๐บ crime ops in ๐บ๐ฆ๐ฌ๐ง
- 30๐ธ ops net $30 mil - inc via SWIFT
-๐ฎ๐ณ ops use stolen code signing certs
-๐ฐ๐ต ๐ฃ ops
plus:
- scanning for ๐จ๐ณ C2
- root cause from 100 DeFi hacks
- SPARK exploitation
bluepurple.substack.com/p/bluepurple-pโฆ
-
Interesting
Former NSA or Intel community? Come on back! We now have a vacancy listing to fast track former employees back in. Check it out.
apply.intelligencecareers.gov/job-descriptioโฆ
-
-
Juniper SSLVPN / JunOS RCE and Multiple Vulnerabilities ๐คฆ๐คฆโโ๏ธ๐คฆโโ๏ธ
// by @OctagonNetworks
octagon.net/blog/2022/10/2โฆ
-
-
A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain
-
To reinforce @shashj - I went through the history of negotiations in this piece. samf.substack.com/p/getting-to-nโฆ There was never an agreed deal and in his only public statement Johnson accepted that a deal might involve Ukraine abandoning idea of joining NATO.
Shashank Joshi @shashj
-
Crypto phones. Offensive cyber by states. A perspective. [NoScript, or Reader View to read]
In dit interview deel ik mijn onderzoek en inzichten naar de verzameling van inlichtingen door o.a. de politie in de cryptotelefoonzaken (EncroChat, Sky ECC, etc.): ftm.nl/artikelen/jan-โฆ -> Niet de politie en het OM stellen de grens over wat wel en niet mag, maar de wetgever.
-
CVE-2022-43995 is really something.
Sudo 1.8.0 through 1.9.12 contains an array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by local users with access to Sudo by entering a password of 7 chars or fewer.
github.com/sudo-project/sโฆ
-
-
Top officials tried to link protesters to an imaginary terrorist plot in an apparent effort to boost Trumpโs reelection odds, raising concerns now about the ability of a sitting president to co-opt billions of dollarsโ worth of domestic intelligence assets
-
check this story for the slides alone but also for quotes like this
"The greatest achievement to date of Project Merciless [โฆ] have come from successful penetration operations targeting vocal critics inside the FIFA organization."
swissinfo.ch/eng/business/-โฆ
-
Glibc heap exploitation: House of IO technique
Blog post by @Dooflin5
maxwelldulin.com/BlogPost/Houseโฆ
#glibc #heap #exploit #infosec #cybersecurity #learning
-
Prof Matt Qvortrup @drqvortrup is the worldโs leading authority on independence movements. Heโs subjected the SNPโs plans to ruthless analysis in his new book about how to create an indy nation. Thereโs good and bad news for the Yes movement. Iโll explain๐งตheraldscotland.com/politics/23104โฆ