April 24, 2024
April 24, 2024
I just published C isn’t a Hangover; Rust isn’t a Hangover Cure https://t.co/CyDpCwGMJy
— John Viega (@viega) April 23, 2024
from @violazhouyi 's excellent piece https://t.co/dAMqQvRUcd
— Jordan Schneider (@jordanschnyc) April 23, 2024
TSMC Takes on Arizona needs to be a documentary
— Jordan Schneider (@jordanschnyc) April 23, 2024
"U.S. engineers told Rest of World that some Taiwanese male engineers had calendars with bikini models on their desks and occasionally shared sexual memes in group chats.
A female American colleague, according to an American… pic.twitter.com/Vf2yceE4sO
https://www.antipope.org/charlie/blog-static/2024/04/the-radiant-future-of-1995.html
Me: "I'd like to copy and paste from this pdf please"
— Neil Renic (@NC_Renic) April 23, 2024
Adobe Acrobat: "no worries, I took the liberty of stacking each word on top of each other in a vertical column, adding mysterious symbols, and removing every instance of the letter 't'"
Overall it's a well-written report, grab it from https://t.co/QvTHVaoFQU
— Daniel Cuthbert (@dcuthbert) April 24, 2024
Glitching the MediaTek MT8163V SoC BootROM with fault injection (2020)
— 0xor0ne (@0xor0ne) April 24, 2024
Credits Ilya Zhuravlev and Jeremy Boone (@NCCGroupInfosec)https://t.co/Af14DQZTm0#faultinjection #cybersecurity pic.twitter.com/NZYkj9wfw9
The sound you hear is the sound of thousands pentesters crying who’d reported this as a finding all those years ago and ignored as nobody would do that…. https://t.co/Br3fVJlmhO
— Daniel Cuthbert (@dcuthbert) April 24, 2024
10 terror plots foiled in Europe in 2023: Dutch security service - https://t.co/zGQgBkBBX8 https://t.co/xLTiHBAMba
— switched (@switch_d) April 24, 2024
How long does it take for a 0-day to get burned? Microsoft reported that Russian APT28 group used a previously unknown tool, dubbed GooseEgg, to exploit the Windows Print Spooler flaw CVE-2022-38028 since at least June 2020, and possibly earlier https://t.co/Ost6BH5vrv
— Stefan Tanase (@stefant) April 23, 2024
I’m very sure that the concept of “burned 0day” is extremely misunderstood.
— thaddeus e. grugq thegrugq@infosec.exchange (@thegrugq) April 24, 2024
Very little actually burns 0day, and very few 0day cease to be useful after they’re “burned.”
The way the threat landscape changes when an 0day is burned does not match most people’s mental models. https://t.co/z1YIcBdd1q
Detecting attacks as they happen is rare.
— thaddeus e. grugq thegrugq@infosec.exchange (@thegrugq) April 24, 2024
Determining what exploit was used in a particular attack is unusual.
Universal patch deployment doesn’t happen
There is no transition to “secure” just because a vendor fixes their software
Many of the “rules” about 0days are just general rules of thumb for offensive operation risk assessments done by attackers who value stealth over everything. They aren’t actually that immutable laws of cyber security.
— thaddeus e. grugq thegrugq@infosec.exchange (@thegrugq) April 24, 2024
"please make sure your phones are on silent at this time"
— rust belt city enjoyer (@rustbeltenjoyer) April 24, 2024
my phone has been on silent for the last 10 years, if it makes a noise I smash it against the pavement
This is a great observation: OPSEC is dead, misattribution is easier.
Do attackers not clean logs anymore? These are very misleading things to say. pic.twitter.com/DGdlpKNtec
— Dave Aitel (@daveaitel) April 17, 2024
Why would they? Their log entries are part of their long game to misattribute the attacks
— Joshua J. Drake (@jduck) April 17, 2024
It’s a more rewarding for attackers to focus on misattribution techniques to be caught up by average analysts than opsec to stay undetected from more experienced analysts. https://t.co/IJwTUBUqVE
— OPCDE (@OPCDE) April 17, 2024