the grugq's newsletter

April 17, 2022

Phillips P. OBrien @PhillipsPOBrien
I’m sure many of you have seen this arresting image. It will probably be a defining one for the equipment war.
8:21 PM ∙ Apr 16, 2022

Some second order effects are revealed.

Christo Grozev @christogrozev
"Put yourself in their place.. advertise for free". Russia's advertising market has completely crashed in the absence of foreign brands, and is desperately trying to grow replacement advertisers. The economic crash Russia is going to be multifaceted in ways never seen before.
12:55 PM ∙ Apr 16, 2022


A look at the RPC RCE patch.


This is a great thread.

Yishan @yishan
The internet is not a "frontier" where people can go "to be free," it's where the entire world is now, and every culture war is being fought on it. It's the MAIN battlefield for our culture wars.
12:10 PM ∙ Apr 15, 2022

Thread here: https://threadreaderapp.com/thread/1514938507407421440.html


Masters of Our Domain Podcast @mastersofpod
[INT. JERRY’S APT. DAY] George: You hear what happened to Jesus? They crucified him - literally! Jerry: Well you can’t come back from that…a stoning maybe, but not the full crucifixion George: Impossible! Can’t be done! [Kramer bursts in wearing the Turin Shroud]
3:16 PM ∙ Apr 16, 2022

The Duffel Blog is on point.

Duffel Blog @DuffelBlog
NEW: Russian warship honors Ukrainian request to go fuck itself
duffelblog.com: Russian warship honors Ukrainian request to go fuck itself. It took a while but it finally happened.
2:30 PM ∙ Apr 16, 2022

Doorbell cameras record audio 20-30 feet away.

EFF @EFF
NEW: Doorbell cameras record audio 20-30 feet away, per @ConsumerReports. If you live near these devices, conversations you have on sidewalks or in parked cars may be sitting on Amazon's servers.
consumerreports.org: Video Doorbell Cameras Record Audio, Too. Doorbell cameras can record audio from up to 20 to 25 feet. Consumer Reports offers tips to help you protect your privacy—and your neighbors’.
10:47 PM ∙ Apr 16, 2022

A look at all the ICS malware we’ve seen so far.

Jimmy Wylie @mayahustle
Now that I've had some distance from the analysis of #PIPEDREAM, I've been thinking a lot about knowledge gain, across #CRASHOVERRIDE, #TRISIS, and PIPEDREAM. Here's a quick summary of how I'm seeing the advancement of knowledge by adversaries seeking to impact ICS. (1/13)
9:54 PM ∙ Apr 16, 2022

Multicast. It’s wild.

Battle Programmer Yu​u @netspooky
I'm happy to finally share my writeup on weird things you can do with multicast protocols. Packets Remystified: Broadcast Brujería github.com/netspooky/prot…
12:05 AM ∙ Apr 16, 2022

Rob Annable @eversion
I think about this diagram a lot, but to my shame I didn't make a note of the source.
10:11 AM ∙ Apr 15, 2022

Ransomware groups adding more functionality so they can better analyse pilfered data. So, that’s good.

We’ve been discussing for a while how a major shortfall of the ransomware groups is the lack of analytic capability which would allow them to extract more value from the take. It looks like this might be rectified?

PRODAFT @PRODAFT
Full-text Search functionality implemented by PYSA ransomware group allows the group to identify specific files from the exfiltrated data. Pre-defined words in the management panel are quite interesting. #threatintel #PYSA #ransomware Full report 📝: prodaft.com/resource/detai…
6:50 PM ∙ Apr 16, 2022

Write-up of a CTF challenge.

Ricky Zhou @riczho
Writeup for pppdddbbb, my PlaidCTF 2022 challenge: gist.github.com/rickyz/54650a6…. Thanks to all that played it!
gist.github.com: pppdddbbb writeup. GitHub Gist: instantly share code, notes, and snippets.
3:57 AM ∙ Apr 17, 2022

Some amusing news out of China. Seems like the situation in Shanghai is so bad that the visiting officials are afraid to go on the street (for fear of being heckled).

Cameron Wilson 韦侃仑 @CameronWEF
Post on Wechat claims fake street constructed on Shanghai office roof so Vice Premier Sun Chunlan could pretend to visit without fear of being heckled by angry residents.
6:52 AM ∙ Apr 17, 2022


The amazing Emily Crose @hexadecim8 has a WW2-era espionage comic.

ourladymaven @ourladymaven
Wait until you see what @SarahAllenReed has up her sleeve for this series.
Sarah Allen Reed @SarahAllenReed
Inking away. #illustration #makingcomics #penandink #wip #process @ourladymaven https://t.co/QGLyrMIEqX
1:49 AM ∙ Apr 9, 2022

A look at the espionage elements of the Russian embassy in Paris.

Le cueilleur @LCueilleur
Moscow's ears in Paris #thread The French capital has been an important refuge for Russians for decades. Once again, Moscow has invested heavily in espionage know-how. Even the German counter-intelligence was confronted with it. A closer look 1/6
12:30 PM ∙ Apr 16, 2022

It’s the circle of theft

The Eastern Border🇱🇻🇪🇺 @Eastern_Border
Also in the news: Looted stuff stolen by Russian soldiers is now being, in turn, stolen by Russian postal workers. For example, from the 130 boxes that were supposed to arrive to the town of Rubcovsk, only 3 made it there.
2:15 PM ∙ Apr 15, 2022

What to do about aging political leaders? Once the question that plagued the Soviet bloc and made the CIA chuckle…now it’s a very US problem.

https://www.theatlantic.com/ideas/archive/2022/04/dianne-feinstein-retire-senate/629584/

Jerrold Post, for the CIA, on “Aging Communist Leaders.”

https://catalog.archives.gov/id/7283978

The Odessa Journal 🖋⚓ @Odessa_Journal
After reports that the Russian Federation pulled its so-called troops to the border with 🇫🇮Finland, the Finns published a video with tractors moving to the border with the Russian Federation. Bravo, Finland!
6:40 PM ∙ Apr 16, 2022

Everything is a weapon. Now password resets are being used to prepare the victim for a fraudulent call. It’s a clever sequence of events for the attack.

Crypto is great. You can now lose your money if you make even a single mistake in a barrage of trick questions.

Serpent @Serpent
Process of this attack: 1) Scammer requests random password resets to make the victim suspicious 2) Using a caller ID spoofer, the scammer will call the victim as Apple and claim there is suspicious activity on the account
4:20 AM ∙ Apr 17, 2022