the grugq's newsletter
January 14, 2025
January 14, 2025 Already 1.7 million views and 19k likes in 19 hours... And of course the mentioned .exe is not seems malware at all.🤷♂️...
January 13, 2025
January 13, 2025 Academic work on honeypots and deception are often kinda disappointing, but this paper by @debi_ashenden and Reeves is worth the skim...
January 12, 2025
January 12, 2025 Ships Must Practice Celestial Navigation An interesting point here, actually. The Navy conducts live-fire weapons drills, damage control...
January 11, 2025
January 11, 2025 [POC2024] An insider perspective on the offensive industry https://t.co/RYKwC1MAkp @qwertyoruiopz — xvonfers (@xvonfers) January 10, 2025 Just...
January 10, 2025
January 9-10, 2025 From https://t.co/XFEpKzhGim pic.twitter.com/b6HXJIy5FL— Alberto Acerbi (@acerbialberto) January 9, 2025...
January 8, 2025
January 8, 2025 Hundreds of police license plate cameras are misconfigured to stream to the open internet A privacy researcher took these streams and turned...
January 7, 2025
January 7, 2024 AWS introduced same RCE vulnerability three times in four years https://t.co/Ooljsa6Nji— /r/netsec (@_r_netsec) January 4, 2025 How to become...
January 6, 2025
January 6, 2025 https://archive.ph/2025.01.05-232824/https://www.wsj.com/tech/cybersecurity/typhoon-china-hackers-military-weapons-97d4ef95?st=4zK2ke Ollie...
January 5, 2025
January 5, 2025 False alarm. It's porn: https://t.co/rckofBv3N7 https://t.co/Q0UgAxpJsz— Proton (@ProtonPrivacy) January 3, 2025 John Regehr: "meta's AI...
January 4, 2025
January 4th, 2025 CF Hero CF-Hero is a reconnaissance tool that uses multiple data sources to discover the origin IP addresses of Cloudflare-protected web...
January 3, 2025
January 3, 2025 Interested in all the new macOS malware of 2024!? 🍎🐛 I've started my annual "The Mac Malware of " report. Each day, I'll be adding details of a...
January 2, 2025
January 2, 2025 From fault injection to RCE Analyzing a Bluetooth tracker by Nicolas Oberli https://t.co/AkGMEAyJOu https://t.co/lgwhI1Zb2a...
January 1, 2025
January 1. 2025. Anyone that ever opened a PE file in ida knows this is bullshit, without reading a single line of 7z code https://t.co/2nJZoSX30o...
December 31, 2024
December 31, 2024 Happy New Year! By popular demand, as promised, I compiled a short thread of the funniest and most absurd of Russia's recent arsons (with a...
December 30, 2024
December 29-30, 2024 During the US Election 2020, on Facebook, misinformation (strictly defined) spread more slowly than true information, mostly relying on...
December 28, 2024
December 28, 2024 NEW: Data-loss prevention startup Cyberhaven said hackers took over its official Chrome extension, pushing a malicious version designed to...
December 27, 2024
December 26-27, 2024 Last month @ASU I presented my work on formalizing automated bug discovery, developing a framework to characterize the full spectrum of...
December 25, 2024
December 25, 2024 As much as I love fail2ban, I love @drk1wi's portspoof even more :p https://t.co/s0sQnW2tlY https://t.co/IP9Jc65CBs...
December 24, 2024
December 24, 2025 JUST IN: DPRK-related addresses have swapped nearly $200k via MetaMask, who has profited $1,985 in swap fees. Ya'll, DPRK doesn't trade....
December 23, 2024
December 23, 2024 Happy war on Christmas to all who celebrate. in case you didn't know, this is how you're actually supposed to do software versioning...
December 22, 2024
December 22, 2024 Just dropped my latest paper on kernel callbacks in Windows. It breaks down key internals and explores how red teamers can exploit them and...
December 21, 2024
December 21, 2024 Things are starting to add up — why did Lockbit ransomware group issue a threat to Christopher Wray, the current director of the United...
December 20, 2024
December 20, 2024 just accidentally closed a tab i've had been meaning to read for the past 2 years— yyy (@yx3io) December 18, 2024 Apple Platform Security...
December 19, 2024
December 19, 2024 Thank you for all the recommendations so far! Some of you asked for me to share the list of what I got, so here it...
December 18, 2024
December 18, 2024 TIL : There's a way to prevent the Win+R phishing https://t.co/PgmKfhLLS3 pic.twitter.com/aHrenapjPq— Florian Roth ⚡️ (@cyb3rops) December...
December 17, 2024
December 16-17 What Did Ada Lovelace's Program Actually Do? Great read What Did Ada Lovelace's Program Actually Do? In 1843, Ada Lovelace published the first...
December 15, 2024
December 15, 2024 Ukraine uncovers Russian spy network recruiting teens for espionage https://t.co/UbW4AHRjFz— Dr. Dan Lomas (@Sandbagger_01) December 14,...
December 14, 2024
December 14, 2024 FLARE is releasing a tool today that I've been working on over this year that helps break down binaries into smaller functional clusters...
December 13, 2024
December 13, 2024 Happy Friday the 13th to all who celebrate. For personal reasons I'm afraid the next few days will be a light newsletter. The Paranoids @...
December 12, 2024
December 12, 2024 I told one of the brothers our temporary code to the doors in the rectory will be "1234." "That will be easy to remember," he said. "Because...
December 11, 2024
December 11, 2024 Microsoft Rolls Out Default NTLM Relay Attack Mitigations https://t.co/uEPMLkRjHH— Nicolas Krassas (@Dinosn) December 10, 2024 DarkFlare -...
December 10, 2024
December 10, 2024 Craziest thing that happened in World War II in your area?— Hush-Kit Aviation News, History & Satire (@Hush_Kit) December 9, 2024 The IRA...
December 9, 2024
December 9, 2024 Hooka - shellcode loader with multiple capabilities. It is based on other tools like BokuLoader, Freeze or Shhhloader, and tries to...
December 8, 2024
December 8, 2024 The lack of end-to-end encryption through the telco infra is the vulnerability. We improved Internet infra security by largely de-...
December 7, 2024
December 7, 2024 A Russian state-sponsored hacker group, known as Gamaredon, has been targeting Ukrainian-speaking victims in an ongoing cyber-espionage...
December 6, 2024
December 6, 2024 Hot take: by being actively hostile to end to end encryption apps, FBI and DOJ has created the playing field on which Salt Typhoon now...
December 5, 2024
December 5, 2024 Me reverse engineering: Haha fuck yeah!!! Yes!! Me engineering: Well this fucking sucks. What the fuck.— Battle Programmer Yuu (@netspooky)...
December 4, 2024
December 4, 2024 @dagrano.bsky.social on Bluesky We've just released our Q3 Adversarial Threat Report. Being part of the team creating the threat disruption...
December 3, 2024
December 3, 2024 It's Baaaaaack!! Our Credit Card Canarytokens are out of beta and on your Canarytoken servers.. - Grab one; - Stash it somewhere "safe"; - We...
December 2, 2024
December 2, 2024 The fascinating security model of dark web marketplaces After facial recognition...
December 1, 2024
December 1, 2024 The season of “next year cybersecurity predictions” is almost upon us. It's never too early to have "the talk" with your children....
November 29, 2024
November 29, 2024 In a somewhat recent project we used a vulnerable driver, which worked fine...Except: The customer had a custom rule that caused an alert...
November 28, 2024
November 28, 2024 Dropped a spicy 25-min read exploring adversarial ML 🤠 It's a mix of in-depth & light peppering of the broader field. So much I couldn’t fit...
November 27, 2024
November 27, 2024 If you like bounties, I highly recommend this presentation from @tincho_508 on novel web cache deception techniques. It comes with...
November 26, 2024
November 26, 2024 “With its aircraft carriers, nuclear submarines and missile systems, France's military is among Europe’s most modern. In terms of feathered...
November 25, 2024
November 25, 2024 A video that goes deep into the career of one of the Scattered Spider hackers. Tracing his journey through the Minecraft to Hacking...
November 24, 2024
November 24, 2024 #SpyNews - week 47 (November 17-23): A summary of 77 espionage-related stories from week 47 coming from...
November 23, 2024
November 23, 2024 If you’re looking to kill 3hrs with a podcast of my talking about hacker history, Phrack, and a bunch of random thoughts, I’ve heard this...
November 22, 2024
November 22, 2024 Spelunking in Comments and Documentation for Security Footguns - Include Security Research Blog Remember, remember the 22nd of...
November 21, 2024
November 21, 2024 https://www.theregister.com/2024/11/20/dlink_rip_replace_router/ On the heels of @Google’s ‘Big Sleep’ AI discovery of a real-world...