the grugq's newsletter
June 10, 2022
June 10, 2022
[Ed: the end of RSAC week. The internets are out of cybers. They just need a glass of milk and a nap, and they'll be ready to go…] Farida Rustamova...
Userland Rootkits are Lame
June 10, 2022
Many people may not know this, but fifteen…twenty years ago I knew a thing or two about rootkit development. I wrote detection software for a few years as...
June 9, 2022
June 9, 2022
A userland rootkit is pretty weak. There are some easy ways to detect it. The simplest is to just use a statically linked binary, like busybox, rather than the...
June 8, 2022
June 8, 2022
On June 5 Russians took over a streaming TV service in Ukraine and for ten minutes replaced the England v Wales football match with Russian propaganda. Cyber...
June 7, 2022
June 7, 2022
Probably the big article of the day, this one on CIA hacking. The Surreal Case of a C.I.A. Hacker’s Revenge | The New Yorker A hot-headed coder is accused of...
June 6, 2022
June 6, 2022
Wow. Runa Sandvik @runasand: Anne-Elisabeth Hagen, wife of Norwegian billionaire Tom Hagen, disappeared without a trace from her home near Oslo on 31 October...
June 5, 2022
June 5, 2022
JF Bastien @jfbastien: I often think about this (now deleted) @johnregehr tweet: C is awesome because it defers problems to runtime, at which point people...
June 4, 2022
June 4, 2022
Amazing read. Dmitri 🇺🇦 @mdmitri91: The Russian 35th army, transferred from Far East and stationed in Izyum, is successfully destroyed by its own army command...
June 3, 2022
June 3, 2022
The Follina 0day was used to attack Russia and Belarus, based on the location where the ITW samples were uploaded. It is interesting that a clearly...
June 2, 2022
June 2, 2022
Huge but very confusing news. This raises more questions than it answers. What did they do? When? Where? Who else knew about it? Very very interesting but...
Foghorn: Signals Through the Fog of War
June 2, 2022
Ukraine Survives and Thrives Russia’s first wave of destructive cyber effects operations against Ukraine were effective. They targeted and disabled Ukrainian...
June 1, 2022
June 1, 2022
James Vincent @jjvincent: I’m sorry but I couldn’t resist: since I’ve just written a whole book on the subject, I want to talk about the history of anti-metric...
May 31, 2022
May 31, 2022
If you read nothing else, read this. It is epic, brutal, and amazing. Hard Drive Apologizes to Elon Musk for Dunking on Him Too Hard Hard Drive would like to...
May 30, 2022
May 30, 2022
Polish LARPers play contemporary Americans. ✨𝖇𝖊𝖓✨ @PenBercifield: In Poland, there is a LARP group that roleplays as contemporary Americans. Here they are...
May 29, 2022
May 29, 2022
Mathias Verraes @mathiasverraes: There are only two hard problems in distributed systems: 2. Exactly-once delivery 1. Guaranteed order of messages 2. Exactly-...
May 28, 2022
May 28, 2022
Belgium seems to want to ban Signal. Matthew Green @matthew_d_green: Belgium’s new data retention laws might result in a Signal ban. edri.org: Belgium wants to...
May 27, 2022
May 27, 2022
I was on a Ukrainian cyber security podcast Sunday 22nd. It was a great discussion and a few interesting things came up. Check it out at No Name Podcast: No...
May 26, 2022
May 26, 2022
Russian hackers and Brexit. Shane Huntley @ShaneHuntley: Article on latest Russian efforts. The "English Coop" website was linked to what the Google knew as...
May 25, 2022
May 25, 2022
An airline in India is suffering a ransomware attack. The interesting thing is that passengers trapped on planes that can't take off are tweeting from the...
May 24, 2022
May 24, 2022
Crypto. Scam. Fraud. Fascinating case of what to do when a smart contract is exploited. Is it fraud, or just a savvy investor taking advantage of an...
May 23, 2022
May 23, 2022
One of 40 Russian delegates to the UN resigned because he’s ashamed of his country. He posted a resignation paper on his LinkedIn. Hillel Neuer...
May 22, 2022
May 22, 2022
Great observation. Justin Troutman @justintroutman: Teaching cryptography to non-cryptographers has been most enlightening for students, and me, when we...
May 21, 2022
May 21, 2022
Sort of interesting news from Ukraine on the cyber front. I missed this earlier, but there’s apparently a link between missile strikes on Odesa and...
May 20, 2022
May 20, 2022
Huge news. The Feds won’t use the CFAA to go after security researchers, pinky promise! Zack Whittaker @zackwhittaker: Wow. DOJ has announced a significant...
May 19, 2022
May 19, 2022
Another indictment of Chinese covert operations. switched @switch_d: U.S. Citizen and Four Chinese Intelligence Officers Charged with Spying on Prominent...
May 18, 2022
May 18, 2022
We open this newsletter with a banger. A free book of case studies of Russian espionage operations. Free! Book! Matthijs R. Koot @mrkoot: Russian Intelligence:...
May 17, 2022
May 17, 2022
Someone just noticed that Kaspersky is Russian.. CNAS @CNASdc: The authorities are "really the only tool that we have to deal with the threat posed by...
May 16, 2022
May 16, 2022
The Ukrainian military is extremely good at enabling lower echelon leaders to operate independently with initiative. Russia has a more Soviet style top down...
May 15, 2022
May 15, 2022
A mini compilation of pictures documenting embarrassingly bad black bag jobs. Kitzy @heykitzy: A MacBook Pro came back from a trip to China with half of its...
May 14, 2022
May 14, 2022
Intelligence analysis on “foreign countries doing war” is… not very accurate. They’re 0 for 2 in the last 12 months. US intelligence community launches...
May 13, 2022
May 13, 2022
Max Goodhart @chromakode: New York City is like Linux: - Spend the first year re-learning how to perform basic tasks - Spend the rest of your lifetime claiming...
May 12, 2022
May 13, 2022
👣ℙ𝕖𝕕𝕣𝕠'𝕤 𝕄𝕦𝕤𝕥𝕒𝕔𝕙𝕖🇺🇲 @OfAthenry: When I tell you that you'll invent new curse words, believe me. Crypto. Fraud....
May 11, 2022
May 11, 2022
Matthew Green @matthew_d_green: Speaking of actual free speech issues, the EU is proposing a regulation that could mandate scanning of encrypted messages for...
May 9, 2022
May 10, 2022
Hi everyone. Just a quick note to inform you that this week I have even less time than I initially anticipated. I was hoping to be able to do a digest, but I...
May 8, 2022
May 8, 2022
Uncle Duke @UncleDuke1969: Growing up, Sesame Street taught me the importance of education, empathy, and kindness. Bugs Bunny, on the other hand, taught me...
May 7, 2022
May 7, 2022
Ukrainian Memes Forces @uamemesforces. FSB counterintelligence is a bit of an institutional embarrassment these...
On the gulf between desire and reality
May 7, 2022
CERT-IN's VPN logging announcement in context The latest rules by CERT India asking VPN providers to collect user data or face jail terms is interesting...
May 6, 2022
May 6, 2022
Stan Account @tristandross: back in my day, money had pictures of apes on them and ape holders could use multiple slurp juices on a single ape! 'give me three...
May 5, 2022
May 5, 2022
This seems like possibly an important development. DeCential Media @DecentialMedia: thanks to @dguido of @trailofbits for helping explain a new US program that...
May 4, 2022
May 4, 2022
You want to watch a great discussion on cyber warfare. You want to watch Danny Moore talk about his upcoming book. A Ukrainian family lived in a basement for...
May 3, 2022
May 3, 2022
Detailed Mandiant report on attacker activity that is pretty cool, such as embedded devices and old conference video systems(!). Nice to see the use of SSH...
May 2, 2022
May 2, 2022
The cyberwar is wild. Greg Peterson @MachineryPete: Russians plunder $5M worth of tractors and combines from JD dealership in Melitopol, Ukraine, then transport...
May 1, 2022
May 2, 2022
The Ukrainian volunteer cyber army is possibly the worst thing to happen for Ukrainian cyber security since the 2015 electrical grid hack. They are providing...
April 30, 2022
April 30, 2022
Gabriel Noronha @GLNoronha: I don’t normally tweet Iranian propaganda videos, but there’s an exception to every rule…
April 29, 2022
April 29, 2022
Great lecture. Totally recommended. raptor @0xdea: Nimbuspwn Linux privilege escalation. microsoft.com: Microsoft finds new elevation of privilege Linux...
April 28, 2022
April 28, 2022
This story about cables cut in France is going to be interesting to follow. Arthur P.B. Laudrain @APB_Laudrain: Major #internet cables physically cut at...
April 27, 2022
April 27, 2022
Russia is leaking a report on a war game run by a Polish think tank with a retired General. Not very interesting in terms of impact, but interesting as an...
April 26, 2022
April 27, 2022
Crypto. NFT. Fraud. Rinse. Repeat. Lorenzo Franceschi-Bicchierai @lorenzofb: NEW: Hackers took over the official Instagram account of @BoredApeYC and tricked...
April 25, 2022
April 26, 2022
This is spectacular. Really cool stuff! Trent Telenko @TrentTelenko: Chalk an EW win up for Ukraine. They seem to have figured out how to trigger Russian...
April 24, 2022
April 25, 2022
There isn’t much respect for the volunteer cyber militia, but maybe there’s something actually going on worth paying attention to. Joe Uchill @JoeUchill: One...