the grugq's newsletter

April 13, 2022

April 12

A look at accidents. The wrong approach is to blame a “bad person”; the correct approach is to blame the bad system. This has strong parallels to OPSEC, security, and infosec, among others. The problem is usually not the person but the environment or tooling that permits, or even encourages, the errors.


In Criminalizing Error, We Are Doomed to Repeat Our Mistakes | The Nation

Sending a nurse to prison for causing a patient’s death may satisfy the thirst for vengeance, but it won’t make hospitals any safer.


Some clever crypto something something. Fraud, basically. It is always fraud.


Rekt - Inverse Finance - REKT

DeFi / Crypto - Inverse Finance got flipped for ~$15M. A professionally executed hack allowed an anonymous actor to manipulate the price of INV and help themselves to an exclusive deal from the ETH based lending protocol.


The Purge

Putin is on a bit of a purge right now. Taking out the domestic policy guy who was also in charge of Ukraine policy. Clearly he screwed that one up.

Kamil Galeev @kamilkazani
Vladislav Surkov is reportedly arrested. For years he ran Russian domestic politics and later Kremlin's policy in Ukraine. On Feb 15 he published an article calling for the war to reannex Ukraine, Belarus and Baltics. Today I'll discuss his role in Putin's rise to Presidency🧵
12:54 AM ∙ Apr 12, 2022

The Purge, Electric Butthole Glue

There are a lot of vacancies showing up in the FSB if you’re interested in a new job with a short life expectancy.

https://archive.ph/2022.04.11-203347/https://www.thetimes.co.uk/article/putin-purges-150-fsb-agents-in-response-to-russias-botched-war-with-ukraine-lf9k6tn6g


Ben Sixsmith @BDSixsmith
@pmarca Memes aren’t like viruses where you build up immunity, Marc. They’re like drugs - you overdose.
5:14 AM ∙ Apr 12, 2022

Great work by ESET.

J. A. Guerrero-Saade @juanandres_gs
Missed this write up from last month. Looking at the sheer amount of findings re:Ukraine over the past 8 years, @ESETresearch really doesn't get nearly enough credit. 👏👏👏 welivesecurity.com/2022/03/21/san…
welivesecurity.com: Sandworm: A tale of disruption told anew | WeLiveSecurity
As the war in Ukraine rages on, Sandworm, one of the world’s most notorious APT groups, enters the spotlight again.
5:53 AM ∙ Apr 12, 2022

Lots of reports about the Sandworm attack against Ukrainian electrical substation(s). There are a lot of questions about this, like how the hack was detected and remediated inside an hour.

Industroyer2: Industroyer reloaded

ESET researchers have responded to a cyber-incident that affected an energy provider in Ukraine and involved ICS-capable malware that we've named Industroyer2.


CERT-UA

The Government Computer Emergency Response Team of Ukraine, which operates as part of the State Service of Special Communications and Information Protection of Ukraine.


The Russian military drones might not be as advanced as they liked to believe. On the other hand, it does seem very pragmatic to use commercial solutions to cut down on costs. Not really sure about that one… particularly since it seems maybe the cost savings weren’t passed on to the customer (the military.)

Stratcom Centre UA @StratcomCentre
Ukrainian soldier dismantled the Russian Orlan drone, debunking yet another Russian myth.
4:42 AM ∙ Apr 12, 2022

And here is an entire article written about the above tweet.


Video: Ukraine Soldier Disassembles Russian Drone, Reveals DIY Work

Ukraine's Defense Ministry posted a video on Twitter Sunday of the soldier taking apart a Russian Orlan-10 drone.


Security vulnerabilities in the cloud.

Corey Quinn @QuinnyPig
Another day, another "learn about an @awscloud security issue from a third party" blog post...
Lightspin @LightspinTech
Lightspin's Research Team obtained credentials to the internal AWS service 'grover' by exploiting a local file read vulnerability on the RDS EC2 instance using the log_fdw extension. Read the full technical post by @gafnitav https://t.co/tnIHyoaCCg https://t.co/fFl6s6k6MR
8:24 PM ∙ Apr 11, 2022

Somewhat late on this, but… it looks like SIGINT on Kadyrov and his Chechen buddies was a possible source for US intelligence on the Russian war plans.

max seddon @maxseddon
Looks like Chechen forces spent months openly chatting about plans to invade Ukraine – even as most other commanders didn’t know until a week before and were shocked, according to these leaked voice memos with Kadyrov. No wonder US SIGINT picked it up
bbc.com: “We will prepare the dances around Maidan or Khreshchatyk.” What a man with Kadyrov's voice was briefed on the eve of Russia's invasion - BBC News Русская…
The BBC has obtained voice messages exchanged on the eve of the Russian invasion of Ukraine between a man with the voice of Chechen leader Ramzan Kadyrov and a man with the voice of Daniil Martynov, deputy head of the Chechen Rosgvardia. They discuss how the fighters will enter buildings in Ukraine and what…
5:33 AM ∙ Feb 27, 2022

A look at how troll farms work, which is always a bit interesting.

https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6137759/