the grugq's newsletter

April 19, 2022

Russian airbase full of styrofoam planes. Which is probably a fire hazard.

Expat in Kyiv @expatua
Google's increased resolution over Russian military bases is already yielding hilarity. Just how much of the Russian Air Force is styrofoam?
4:12 PM ∙ Apr 18, 2022 · 53,061 likes · 8,998 retweets

Android app intelligence collection

Possible government links?

This is a crazy story. Precise location information from tens of millions of Android devices was being collected and sent to a company based in Virginia, although it was masquerading as Panamanian. They paid developers to include their malicious data theft library, which evades Android permissions, in a number of popular free* Android apps.

The library has bidirectional communications with the company’s servers: data goes out and commands (?) come in. The amount of information collected is truly impressive. The library does tricks like sending out service discovery packets to learn what devices are on the network. The tricks they use to gather intel without permission are pretty cool.

https://blog.appcensus.io/2022/04/06/the-curious-case-of-coulus-coelib/

Google’s ban hammer.

https://www.pymnts.com/google/2022/google-weeds-data-harvesting-apps-from-play-store/

A deep dive into conspiracy theories, how they spread in the modern age.

Brandy Zadrozny @BrandyZadrozny
It's finally here!! Our podcast diving into an ultra-viral conspiracy theory: A nurse, who fainted after her Covid vaccine in 2020. She's fine ... but the internet decided she was dead. How it started, why it spread, and who it hurt. Hope you'll listen!
Link: Truthers: Tiffany Dover Is Dead* on Apple Podcasts (podcasts.apple.com), News · 2022
4:22 PM ∙ Apr 18, 2022 · 562 likes · 203 retweets

Looking at exploit dev.

an0n @an0n_r0
Tried to make a simple non-too-technical video demonstrating Office VSTO payload delivery by recreating the attack using the awesome write-up by @danonit (medium.com/@airlockdigita…). Showing only the attack, not the details of building the malicious document (with Defender evasion)
Quoting an0n @an0n_r0:
Although it requires a bunch of approvals (opening ISO, opening docx, enable edit, allow install), Office VSTO is still a great and dangerous technique for delivering payloads. 💥 Here a C# assembly web loader with AMSI bypass is packed as stage0 for launching a Mythic C2 agent. https://t.co/XIYA0gu7DH https://t.co/eV4TqLQMHt
6:45 PM ∙ Apr 18, 2022 · 39 likes · 17 retweets

Defense contractors are right to use game controllers. Why create something from scratch that’s strange to users? Just repurpose a tool with millions of dollars in design and hundreds or thousands of hours of practical experience by the user base.

Glytch @GlytchTech
While amusing, this is pretty common. I can name a number of US UGV and UAV platforms that are similarly controlled with XBox 360 controllers.
Turns out, when training 18-20 y/os, using an interface they're likely proficient with after a decade of gaming gives you a head start.
Quoting Anonymous Operations @AnonOpsSE:
Russian drones are controlled with cheap Logitech gamepads and Windows Vista? The Belarusian TV channel VoenTV reported on how the Russian air defense systems S-300 and UAV "Orlan-10", which "protect the Belarusian sky", work. https://t.co/NsiLyztdGl
11:46 PM ∙ Apr 18, 2022 · 169 likes · 29 retweets

More experts weigh in on why cyber war doesn’t look like the movies.

Hexadecim8 @hexadecim8
I've been asked many times lately why 'cyber' hasn't been used against Ukraine in this conflict, and my answer is, there has been! There's been so many wipers used in this conflict that it's hard to track them all but...
11:23 AM ∙ Apr 18, 2022 · 265 likes · 62 retweets

Intrigue. Encryption. GCHQ. It's nowhere near that exciting though.

Dustin Volz @dnvolz
When Britain’s cyber agency unfavorably evaluated Arqit's proposed tech nearly two years ago, its CEO was incensed. He convened a virtual meeting in which he referred to Ian Levy, the cyber agency’s technical director, as a “f— Jewish c—," per sources. wsj.com/articles/briti…
6:48 PM ∙ Apr 18, 2022 · 19 likes · 15 retweets

Duffel Blog is here with the hard hitting news.

Duffel Blog: Russian navy invades bottom of Black Sea, by Paul Szoldra
By Cat Astronaut UNDERWATER — Led by the missile cruiser Moskva, the flagship of its Black Sea Fleet, the Russian navy on Thursday launched a full-scale invasion of the bottom of the Black Sea. “I call on all nations of the Black Sea Floor to condemn this unprovoked attack on our sovereign benthic zone,” said Aleksandr Kovalfish, a spiny dogfish and spokesman for the Black Sea Aquatic Federation. “The fishes, mammals, mollusks, and other creatures of the briny deep will respond in full force to this flagrant act of aggression…

Museums and art are just absolutely awesome. A cabinet with a ceramic rooster that survived a Russian air strike is now preserved in a museum as a testament to e

Euromaidan Press @EuromaidanPress
The legendary locker with ceramic rooster, which survived Russia's airstrike in Borodianka, was transferred to the Revolution of Dignity Museum,–Life.Pravda Museum's goal is to “actualize the topic of democracy not only for Ukrainians but also Europeans” euromaidanpress.com/2021/11/24/how…
10:16 AM ∙ Apr 17, 2022 · 465 likes · 111 retweets

Whatever you suspected about influencers marketing crypto, it’s probably true and they’re probably worse.

Jason Koebler @jason_koebler
A price list for paid cryptocurrency "shill tweets" leaked and is uncovering a wild wild unregulated world of influencer marketing
Link: Leaked ‘Shill Price List’ Shows Wild World of Crypto Promos (vice.com): A price list is spreading like wildfire and revealing how cryptocurrency influencer promotion works.
10:40 PM ∙ Apr 18, 2022 · 376 likes · 128 retweets

Mirai was an overachiever. Just wait for the free bot armies from lapsed IoT domains.

Corey Quinn @QuinnyPig
The really fun part will be when someone picks up their lapsed domains and inherits an IoT bot army for their trouble.
Quoting Internet of Shit @internetofshit:
it’s very telling that the people behind connected things companies ALWAYS think they can just disappear and nobody will notice all the dead devices they’ve left in their wake https://t.co/36zdmbkirC
6:12 AM ∙ Apr 19, 2022 · 120 likes · 32 retweets

Cory Doctorow @doctorow
IoT service shuts down its cloud hosts without warning; execs scrub their Linkedin profiles of the company's name; parent company deletes press-release trumpeting the acquisition, and every single device they've ever sold is bricked. arstechnica.com/gadgets/2022/0… #WhyWeNeedInterop
Link: Shameful: Insteon looks dead—just like its users’ smart homes (arstechnica.com): The app and servers are dead. The CEO scrubbed his LinkedIn page. No one is responding.
7:59 PM ∙ Apr 18, 2022 · 1,495 likes · 836 retweets
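Why a lapsed vendor domain turns into a bot army, and what stops it, as an added example that is not part of the newsletter or of any product it mentions. Two constructed toy firmwares poll a command endpoint at the vendor's hostname; whoever registers that hostname after it lapses is the "server". Firmware A trusts whatever the hostname serves. Firmware B only executes commands carrying a valid authenticator under a key baked into the firmware image, and rejects replays of old, genuinely signed commands by sequence number. All keys, hostnames and commands are made up; HMAC stands in for the public-key signature a real device should use, so that the verification key sitting in a dumped firmware image does not let the new domain owner forge commands.

```python
"""Domain takeover vs. authenticated commands (constructed example).

Firmware A (NaiveDevice): executes anything served at the vendor hostname.
Firmware B (AuthenticatingDevice): needs a valid MAC under VENDOR_KEY plus a
strictly increasing sequence number, so a domain takeover yields nothing and
replaying a captured pre-takeover command yields nothing either.
HMAC-SHA256 is used only because it is in the standard library; production
firmware should verify an asymmetric signature (e.g. Ed25519) instead.
"""
import hashlib
import hmac
import json

VENDOR_KEY = b"vendor-signing-key-baked-into-firmware"   # constructed
ATTACKER_KEY = b"whatever-the-new-domain-owner-picks"     # constructed


def sign_command(key: bytes, seq: int, action: str) -> dict:
    """Server side: build a command envelope with a MAC over the JSON body."""
    body = json.dumps({"seq": seq, "action": action}, sort_keys=True).encode()
    mac = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"body": body.decode(), "mac": mac}


class NaiveDevice:
    """Firmware A: reaching the hostname is the only 'authentication'."""

    def __init__(self):
        self.executed = []

    def poll(self, envelope: dict) -> bool:
        cmd = json.loads(envelope["body"])
        self.executed.append(cmd["action"])
        return True


class AuthenticatingDevice:
    """Firmware B: commands need a valid MAC and a fresh sequence number."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0
        self.executed = []

    def poll(self, envelope: dict) -> bool:
        body = envelope["body"].encode()
        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, envelope["mac"]):
            return False  # forged by whoever now answers at the hostname
        cmd = json.loads(body)
        if cmd["seq"] <= self.last_seq:
            return False  # replay of an old but genuinely signed command
        self.last_seq = cmd["seq"]
        self.executed.append(cmd["action"])
        return True


def simulate() -> dict:
    """Run both firmwares through: legit command, forged command, replay."""
    naive = NaiveDevice()
    authed = AuthenticatingDevice(VENDOR_KEY)
    # Before the domain lapsed: a real vendor command with seq 1.
    legit = sign_command(VENDOR_KEY, 1, "report-telemetry")
    # After takeover: the new owner serves its own command, then replays the
    # captured legitimate one in the hope the device still honours it.
    forged = sign_command(ATTACKER_KEY, 2, "join-ddos")
    replay = legit
    return {
        "naive": [naive.poll(legit), naive.poll(forged), naive.poll(replay)],
        "authed": [authed.poll(legit), authed.poll(forged), authed.poll(replay)],
        "naive_executed": naive.executed,
        "authed_executed": authed.executed,
    }


if __name__ == "__main__":
    print(json.dumps(simulate(), indent=2))
```

The naive firmware runs all three commands, including the attacker's; the authenticating firmware runs only the original vendor command. The sequence-number check is what keeps the replay out: a signature alone proves the vendor once issued the command, not that it should run now.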

Seems like the UK can’t make nukes with the decrepit infrastructure they have.

Matthew Harries @harries_matthew
The infrastructure for building Britain's nuclear warheads has suffered long-term political neglect and mismanagement. In a new piece for @prospect_uk I explore these problems and why Parliament needs to get serious about nukes. Summary🧵: /1 prospectmagazine.co.uk/other/is-the-u…
5:05 PM ∙ Apr 16, 2022 · 87 likes · 32 retweets

Neil Ackerman @ncackerman
This is better than anything Elon Musk has ever come up with
8:52 PM ∙ Apr 17, 2022 · 108,335 likes · 8,914 retweets

The New York Times has discovered that the Slavic world is basically on Telegram for the social networking aspect. Something that is overlooked by everyone who does cyber security.

Matthew Green @matthew_d_green
Good NYT article on Telegram’s good, bad and ugly. Ugly is the crypto, which I spoke to them about.
Link: Where Russians Turn for Uncensored News on Ukraine (nytimes.com): Telegram is the platform of choice for Russians seeking to escape Moscow’s propaganda web. But can it last?
11:26 AM ∙ Apr 19, 2022 · 18 likes · 7 retweets

Thank you for reading The Info Op. This post is public so feel free to share it.
