October 26 2022

SEKTOR7 Institute @SEKTOR7net

A primer to EDR evasion for Red Teamers, by Jorge Gimenez & Karsten Nohl. Main takeaway: "EDRs are mostly Cobalt Strike detecting tools [these days]" 😆 youtube.com/watch?v=CKfjLn…

youtube.com#HITB2022SIN EDR Evasion Primer For Red Teamers - Jorge Gimenez & Karsten NohlEDRs are everywhere, but relatively little is known about how the tools work and how to effectively circumvent them. We are effectively trusting black boxes ...

12:34 PM ∙ Oct 25, 2022

---

-

How to detect an online approach by Russian intelligence

https://www.dgsi.interieur.gouv.fr/la-dgsi-a-vos-cotes/contre-espionnage/sinformer/espionnage-et-petites-annonces-sur-internet

-

Shutterstock will start selling AI-generated stock imagery with help from OpenAI

https://www.theverge.com/2022/10/25/23422359/shutterstock-ai-generated-art-openai-dall-e-partnership-contributors-fund-reimbursement

-

**Stranger Strings: An exploitable flaw in SQLite**

https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/

Trail of Bits @trailofbits

Earlier this year, one of our interns found a vulnerability that affects applications using the SQLite library API. We are publicly disclosing that vuln today.

blog.trailofbits.comStranger Strings: An exploitable flaw in SQLiteBy Andreas Kellas Trail of Bits is publicly disclosing CVE-2022-35737, which affects applications that use the SQLite library API. CVE-2022-35737 was introduced in SQLite version 1.0.12 (released o…

11:30 AM ∙ Oct 25, 2022

---

-

The Bulwark @BulwarkOnline

"No astute Greek would have any problem identifying the events of January 6 as a step in the path by which self-government falls into tyranny." @BretDevereaux from the archives:

thebulwark.comAncient Insurrections—and OursWould-be tyrants keep trying until they succeed.

3:30 PM ∙ Oct 25, 2022

---

-

Electrospaces @electrospaces

Many more books about Signals Intelligence, the #NSA and the #Snowden revelations can be found here:

electrospaces.net<hr style=“height:1px;border-width:0;color:gray;background-color:gray;”>BooksThe most interesting books about the NSA, the Snowden Revelations, Signals Intelligence and related topics

6:43 PM ∙ Oct 25, 2022

---

-

BleepingComputer @BleepinComputer

Ukrainian charged for operating Raccoon Stealer malware service - @serghei

bleepingcomputer.comUkrainian charged for operating Raccoon Stealer malware service26-year-old Ukrainian national Mark Sokolovsky has been charged for his involvement in the Raccoon Stealer malware-as-a-service (MaaS) cybercrime operation.

7:02 PM ∙ Oct 25, 2022

---

Colin Cowie👨🏼‍💻 @th3_protoCOL

justice.gov/usao-wdtx/page… USA v. Mark Sokolovsky; aka Photix aka racoonstealer aka b1ack21jack7777 Originally filed on November 2nd 2021

5:53 PM ∙ Oct 25, 2022

---

-

Matt Levine @matt_levine

what is crypto

bloomberg.comBloomberg - Are you a robot?

10:26 AM ∙ Oct 25, 2022

---

-

Andy Greenberg’s new book is on the AlphaBay darknet market and how it was rolled up. Excerpts are ruining in WIRED.

https://www.wired.com/story/alphabay-series-part-1-the-shadow/

-

Source Incite @sourceincite

Eat What You Kill :: Pre-authenticated Remote Code Execution in VMWare NSX Manager: srcincite.io/blog/2022/10/2…. This post was presented by past #FSWA student @SinSinology and meme courtesy of @lystena :)

11:44 PM ∙ Oct 25, 2022

---

-

OffensiveVNA

This repo covers some code execution and AV Evasion methods for Macros in Office documents

https://github.com/S3cur3Th1sSh1t/OffensiveVBA

-

Tyler Rogoway @Aviation_Intel

Bizarre Theft Wave Targeted Same Rotax Engines Used In Iranian Drones

thedrive.comSame Type Of Rotax Engines Used In Iranian Drones Targeted In Bizarre Theft WaveAfter Ukraine displayed an Iranian drone with a Rotax 912 motor, the global targeting of those engines by criminals is even more intriguing.

10:26 PM ∙ Oct 25, 2022

---

-

Darsam 🥖🌹 @Darsam12_

Cyberpunk but French and from the 70s: it's called "Giscardpunk", it's an actual thing

9:28 PM ∙ Oct 24, 2022

---

-

Adamned Cerious @Browtweaten

[police academy] instructor: you failed the psych exam me: that sucks instructor: *handing me a badge* why

10:39 PM ∙ Oct 25, 2022

---

-

Tony "Abolish ICE" Arcieri 🦀🌹 @bascule

Signal usernames are coming, for real this time

community.signalusers.orgSignal Blog: Technology Deep Dive: Building a Faster ORAM Layer for EnclavesUsernames and hiding phone numbers publicly confirmed: Our new method is faster and more efficient. It lays the groundwork for the introduction of usernames and phone number privacy which will offer new privacy controls around your phone number’s visibility on Signal. @u32i64 thanks for changing…

3:31 AM ∙ Oct 26, 2022

---

-

Woodrow Peel @WoodyLuvsCoffee

People don’t understand bird watchers. I do it because I don’t trust birds.

9:49 AM ∙ Oct 19, 2022

---

-

Build a Passive Radar With Software-Defined Radio

https://spectrum.ieee.org/passive-radar-with-sdr

-

Matt Suiche @msuiche

Windows ARM64 Kernel Exploitation

github.comGitHub - msuiche/smbalooContribute to msuiche/smbaloo development by creating an account on GitHub.

5:08 PM ∙ Oct 25, 2022

---

-

bobby wasabi @bobbyteriyaki

“I can’t believe twitter is free” it isn’t, there is an inconceivable toll

10:31 PM ∙ Oct 24, 2022

---

-

Inside the elaborate set-up of a scam HQ, staffed by people forced to scam

https://www.channelnewsasia.com/cna-insider/inside-elaborate-set-scam-hq-staffed-people-forced-scam-3018966

-

Frank Endrullat 🌻 @FrankEndrullat

@thegrugq bsi.bund.de/DE/Service-Nav… There’s also link to download the PDF version of the report,

4:56 PM ∙ Oct 25, 2022

The Record by Recorded Future @TheRecord_Media

Germany’s federal cybersecurity office warned in its annual report that the threat from ransomware, political hacking, and other cybersecurity issues is at an all-time high (@AlexMartin)

therecord.mediaGerman cyber agency warns threat situation is ‘higher than ever’Germany’s federal cybersecurity office warned on Tuesday that ransomware, political hacking, and other cybersecurity threats facing the country are “higher than ever.”

1:56 PM ∙ Oct 25, 2022

---

-

Lukasz Olejnik @lukOlejnik

Negative Pressure Room is a technical-legal-sanity requirement for biolabs or infectious-control hospitals to prevent pathogens being leaked out. Now an attack is demonstrated to fool the sensors into turning it off ... with specially crafted sound. Scary! arxiv.org/pdf/2210.03688…

9:42 AM ∙ Oct 26, 2022

---

-