April 25, 2022

                April 26, 2022

            April 25, 2022

            This is spectacular. Really cool stuff!
Trent Telenko @TrentTelenkoChalk an EW win up for Ukraine.  They seems to have figured out how to trigger Russian Orlan-10 reconnaissance drone recovery chute's remotely.

You bag enough drones.  

You get to reverse engineer their data protocols to infiltrate their remote commands👇👇👇 Ukraine War Report @UkrWarReport
🇺🇦🇷🇺⚡️Downed Russian Orlan-10 reconnaissance drone. https://t.co/Uy04nBk2UT11:00 PM ∙ Apr 24, 2022
1,025Likes201Retweets
Sergej Sumlenny @sumlenny
Russian FSB has fabricated a "plot" to kill Russian TV propagandist Solovyov. Allegedly by Ukrainian SBU and Nazis. One of the "evidences" is neonazi inscription on a book. Signed by "Signature unclear". Yes, FSB got an order to sign it with a "signature unclear" - and did so! 
4:14 PM ∙ Apr 25, 2022
500Likes163Retweets
 This clusterfuck operation is so bad it is comical. 
Eliot Higgins @EliotHiggins
I genuinely believe this is a dumb FSB officer being told to get 3 SIMs.3:39 PM ∙ Apr 25, 2022
2,191Likes317Retweets
Francis Scarr @francska1
And in these pictures from the raid we have a "Ukrainian neo-Nazi starter pack" courtesy of the FSB 
2:24 PM ∙ Apr 25, 2022
839Likes122Retweets
If you program, you write bugs. But, there’s help.

https://www.debuggingbook.org/html/Importing.html

Good stuff on how Russian disinformation can be countered (effectively).
Anatomy of an Info-War: How Russia’s Propaganda Machine Works, and How to Counter It | StopFake

https://www.stopfake.org/en/anatomy-of-an-info-war-how-russia-s-propaganda-machine-works-and-how-to-counter-it/

Ido Naor 🇺🇦 @IdoNaor1
WINAMP 1st version was exactly 25 years ago. Forever changing the way we consume media. 
9:05 PM ∙ Apr 23, 2022
6,089Likes1,034Retweets
Samuel Gross’ Offensive con talk on attacking JavaScript engines.
Samuel Groß @5aelo
The recording of @itszn13's and my @offensive_con talk "Attacking JavaScript Engines in 2022" is now on YouTube: youtu.beOffensiveCon22 - Samuel Gross and Amanda Burnett - Attacking JavaScript Engines in 2022https://www.offensivecon.org/speakers/2022/samuel-gro%C3%9F-and-amanda-burnett.html8:26 PM ∙ Apr 24, 2022
232Likes55Retweets

https://saelo.github.io/presentations/offensivecon_22_attacking_javascript_engines.pdf

Some wisdom from Dave “Dark Tan” Aitel.

https://cybersecpolitics.blogspot.com/2022/04/forecasting.html

 I wonder how much of this is local sabotage vs. Ukrainian special forces. We’ll probably never know for sure. 
Giorgi Revishvili @revishvilig
Reportedly, in #Bryansk, in addition to the explosions of oil and ammo depots, the railway has also been damaged which has been used to transport #Russian military equipment and ammunition to #Ukraine 
7:03 AM ∙ Apr 25, 2022
1,314Likes287Retweets
Australian spies helped expose secret pact between China and Solomon Islands

https://intelnews.org/2022/04/25/01-3191/

I guess this is the exception to public private partnership track record.
Ollie Whitehouse @ollieatnccgroup
I wrote a blog for @NCSC marking my four years there as part of their Industry 100 scheme.

If you have the chance to be part of i100 my advice is grab it with both hands.

It is one of the most fulfilling things I have ever done personally/professionally

ncsc.gov.ukInside Industry 100 - the on-loan CTOBy day, Ollie W is Chief Technology Officer for a multinational cyber security company. For the past four years he has also moonlighted at the NCSC as an i100 integree. In this blog, he reflects on his experiences so far and considers the opportunities for others to be part of i100 too.5:24 AM ∙ Apr 23, 2022
43Likes7Retweets

Dave throwing some shade. It’s cool how “making a cogent observation” and “throwing shade” are the same thing when talking about the FBI
Dave Aitel @daveaitel
Maybe opening new cases is not a scalable situation for this kind of thing? 
Mike Rogers @RepMikeRogers
The @FBI opens a new #China-related counterintelligence case every 12 hours & has over 2K cases open right now. Director Wray is absolutely right, the hacking & espionage threat from the #CCP is "unprecedented in history". We better start acting like it. https://t.co/CGaWHSIASF11:47 AM ∙ Apr 25, 2022
25Likes4Retweets

Exploit devs talking bug hunting
starlabs @starlabs_sg
Our team member, @peternguyen14 's  slidedeck at #Zer0Con2022 is public now. We hope it is useful.
github.comPresentations/A Journey Of Hunting macOS kernel.pptx at main · star-sg/PresentationsContribute to star-sg/Presentations development by creating an account on GitHub.1:18 PM ∙ Apr 25, 2022
43Likes11Retweets

If patching worked you’d only have to do it once? I guess? It seems like one of those bad faith “if X worked then why doesn’t it work?” arguments where the dichotomy is false and the points don’t matter. Just patch your shit.
My philosophy is: make them earn their paycheck. If the adversary has to work for it, then it’s a win.
Manuel Atug @HonkHaseAlso ich mag ja, wie @daveaitel denkt 😏👌

Sicherheitsexperte: Stopfen von Sicherheitslücken ist sinnlos

"Patches würden Unternehmen und Kund*innen ein falsches Gefühl von Sicherheit für unsichere Software geben."

#AllesAnzünden & instant #Brandroden
futurezone.at/digital-life/p…
futurezone.atSicherheitsexperte: Stopfen von Sicherheitslücken ist sinnlosPatches würden Unternehmen und Kund*innen ein falsches Gefühl von Sicherheit für unsichere Software geben.12:52 PM ∙ Apr 25, 2022
28Likes6Retweets
The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

Don't miss what's next. Subscribe to the grugq's newsletter: