April 24, 2022

                April 25, 2022

            April 24, 2022

            There isn’t much respect for the volunteer cyber militia, but maybe there’s something actually going on worth paying attention to.
Joe Uchill @JoeUchillOne of the interesting attributes of IT Army of Ukraine's new website is a live graphic showing success of attacks against Russian infrastructure targets. 

They gamified guerilla cyberwarfare. 4:24 PM ∙ Apr 23, 2022
72Likes20Retweets
Some cool cryptography history. Who am I kidding? All cryptography history is cool. It’s in the name.
National Cryptologic Museum @NatCryptoMuseumEdward Hebern was an American inventor who developed an electromechanical cipher machine, which incorporated a mechanical rotor.  He was born #OTD in 1869.  The NCM has two very rare five-rotor Hebern cipher machines in its collection.  Learn more: youtu.be/-lNFQ-_frr8 
5:38 PM ∙ Apr 23, 2022
21Likes13Retweets
It is a weird weird world. Belarusian partisans are having a real impact on the war. Which is great.

https://www.washingtonpost.com/world/2022/04/23/ukraine-belarus-railway-saboteurs-russia/

The dawn of IT making something simple heedlessly complicated and confusing.
Neil Warner @NeilWarner_French election night, 1981: French people learned who their president would be through a computer graphic of the winner's face that came onto the screen line by line. A brief moment of added tension, as both of the candidates were bald  
youtube.com/watch?v=mkJ6_L… 
9:48 AM ∙ Apr 24, 2022
3,322Likes571Retweets
Cool stuff happening in bug hunting land.
Mathias Payer @gannimoAre you a bug hunter or interested in testing? Check out the very first #FUZZING workshop @internetsociety @NDSSSymposium! New: authors registered hypotheses and suggested experiments. Today, we'll discuss the submissions *with* the authors. fuzzingworkshop.github.io/program.html 
10:54 AM ∙ Apr 24, 2022
33Likes7Retweets
How to write Linux kernel exploits in 2022. In my day we had to write them uphill in the snow. Both POPing and RETing! Kids these days don’t know how easy they have it.
Linux Kernel Security @linkersec
Writing a Linux Kernel Remote [Exploit] in 2022

An article by Samuel Page @sam4k1 about writing an exploit for a remotely-triggerable stack-buffer-overflow in TIPC.

blog.immunityinc.com/p/writing-a-li…

[1/2]
blog.immunityinc.comWriting a Linux Kernel Remote in 2022Writing a Linux Kernel Remote in 2022 In this blog, we examine what goes into remotely exploiting the Linux kernel in 2022, highlighting the main hurdles as well as the differences and similarities with local exploitation.
Overview At Appgate Threat Advisory Services, we focus on offensive security…1:49 PM ∙ Apr 24, 2022
93Likes36Retweets

I’m as shocked as anyone, but apparently there’s a pandemic still on. China is suffering significant civilian unrest.
Emily Feng 冯哲芸 @EmilyZFeng
Beijing’s largest district (where I live) is undergoing mass “routine PCR testing” beginning tomorrow after 40 or so Covid cases in the last week. Most residents are interpreting this as sign of imminent, total lockdown. Long lines and empty shelves at supermarkets tonight. 😷 
2:21 PM ∙ Apr 24, 2022
166Likes105Retweets

Well, this seems like it’s bad.
Extreme Temperatures Around The World @extremetemps
Unfortunately for Indians and Pakistanis the extreme heat is not over and it will just get worse in few days:An incoming potentially deadly heat wave will see the temperatures soaring up to 48-49C in Pakistan and 46-47C in India. Stay tuned. 
4:34 PM ∙ Apr 23, 2022
7,817Likes3,579Retweets

@mikko @mikko
Common cultural artifacts of our time will be utterly unaccessible to future archeologists. 
emilia ✨ @lazerwalker.@apple  is removing a few of my old games b/c they have “not been updated in a significant amount of time”

Games can exist as completed objects! These free projects aren’t suitable for updates or a live service model, they’re finished artworks from years ago. https://t.co/iflH70j7q47:54 AM ∙ Apr 24, 2022
183Likes63Retweets

A bit of a look at the components of an information warfare element.
Sean Sullivan @5ean5ullivan
"Hunter" aka @NoBiasedReports; joined February 2022; 600 Tweets, all of which are replies; follows @hsfi, @ylenews, @yleuutiset and 7 other news orgs. (This is what a component of hybrid warfare influence campaigning looks like.) 
10:10 AM ∙ Apr 24, 2022
56Likes14Retweets

An interesting RE project to read about.
Peter Sobot @psobotHave you ever wanted to patch the operating system of a three-decade-old synthesizer by reverse-engineering it with modern tools?

Me too! So I did exactly that, and then wrote about it. blog.petersobot.comPatching an Embedded OS from 1996 with Ghidra • Peter SobotFor reasons I won’t get into, I’ve been working on a tricky reverse engineering puzzle recently: how to patch the operating system of a 26-year-old synthesizer. To be specific, the Kurzweil K2500, a sample-based synthesizer released in 1996. As... | Peter Sobot | I teach computers to listen to music…1:51 PM ∙ Apr 24, 2022
227Likes51Retweets
Texas natsec review is a pretty good rag.
Texas NatSec Review @TXNatSecReview
How policymakers understand #history shapes foreign policy tnsr.orgEveryman His Own Philosopher of History: Notions of Historical Process in the Study and Practice of Foreign Policy - Texas National Securit…The renewed interest in the utility of historical study — sometimes referred to as “applied history” — is a growing trend in both Europe and the United States. But while an invaluable foundation for understanding political, economic, and social issues, the movement often lacks a deeper examination i…2:01 PM ∙ Apr 24, 2022
8Likes4Retweets
𝕭𝖗𝖎𝖆𝖓 𝖂𝖍𝖊𝖑𝖙𝖔𝖓 @brianwhelton
What a great idea!
I’m going to start putting Ip addresses on random things. 
7:46 AM ∙ Apr 24, 2022
1,050Likes199Retweets
Crypto. Theft. North Korean hackers!
Sam Bowne @sambowne
North Korea hackers still accessing money they stole from Axie Infinity washingtonpost.comU.S. hasn’t stopped N. Korean gang from laundering its crypto haulNorth Korean hackers who last month carried out one of the largest cryptocurrency thefts ever are still laundering their haul more than a week after they were identified as the thieves.11:08 AM ∙ Apr 24, 2022
21Likes17Retweets
This is a good idea. Providing a guide to security research as a process, how to approach it and how to do it.

https://alexplaskett.github.io/demystifying-security-research-part1/

A couple Ukraine war reads:

https://www.understandingwar.org/backgrounder/russian-offensive-campaign-assessment-april-23

https://www.economist.com/by-invitation/rob-lee-on-why-attrition-will-be-a-critical-factor-in-the-battle-for-donbas/21808954

Thank you for reading The Info Op. This post is public so feel free to share it.
Share

                Don't miss what's next. Subscribe to the grugq's newsletter: