the grugq's newsletter

April 27, 2022

April 26, 2022

Crypto. NFT. Fraud. Rinse. Repeat.

Lorenzo Franceschi-Bicchierai @lorenzofb
NEW: Hackers took over the official Instagram account of @BoredApeYC and tricked people into giving up control of their wallets. The hackers stole 134 NFTs, which according to estimates are valued at $2.7 million.
vice.com: Bored Ape Yacht Club Instagram Hacked, NFTs Worth Millions Stolen. Hackers tricked victims into giving control of their wallets to them with a fake ad for an upcoming NFT project.
4:21 PM ∙ Apr 25, 2022

Thomas spitting straight fire

Thomas H. Ptacek @tqbf
In other words: by making it harder for state-level adversaries to read your DMs, you can be doing them a favor; they’re not spending their own money to build the incredibly wasteful and complicated intercept systems that’ll spring up in response to almost-good-enough E2E.
5:44 PM ∙ Apr 25, 2022

Cyberwar is hard.

Dmitri Alperovitch @DAlperovitch
Cyber psyops. The scrolling news for the Ukrainian Priamyi TV channel was reading tonight: “Ukrainians, give up! Zelensky signed the act of surrender” Seems like a big waste of time. Completely ineffective as far as psychological ops go
2:41 AM ∙ Apr 26, 2022


A hacking tool for STUN etc servers.

https://github.com/firefart/stunner

Curated list of cyber attacks against Ukraine.

https://github.com/curated-intel/Ukraine-Cyber-Operations

I am honestly curious how the Instagram account was hijacked. Crypto has been amazing for security. All sorts of novel attacks are being exposed and documented.

https://watcher.guru/news/bayc-instagram-and-discord-hacked-over-13-million-in-nfts-stolen

I have some reservations about some books on this list, but there are several that I think are good.

IA_Scholars_CGSC @IA_Scholars
Book recommendations for all the Information Advantage experts out in the Twitterverse.
Send your recommendations for future learning and share away!
2:00 PM ∙ Apr 25, 2022

List of container breakout vulnerabilities, for those who like to look into that sort of thing.

https://www.container-security.site/attackers/container_breakout_vulnerabilities.html

This is a weird find. A dummy charge on a rail line in Russia.

🇺🇦 Ukraine Weapons Tracker @UAWeapons
#Russia: There are reports that "a mine" was found planted on a railway line in one of the villages of rural Bryansk Oblast.
9:46 PM ∙ Apr 25, 2022
🇺🇦 Ukraine Weapons Tracker @UAWeapons
We managed to identify the pictured "mine" - this is in fact a Soviet SZ-6 demolition charge. And most interestingly - it is inert (bottom line says ИНЕРТН); so not dangerous at all. The real one, however, consists of 5.9 kg of TNT.
9:46 PM ∙ Apr 25, 2022

Important legal news for cyber.

Jeff Moss @thedarktangent
Looks like Markus (Wall of Sheep) is going to trial under the False Claims Act against Aerojet Rocketdyne for covering up cybersecurity problems and will be a test case for the DOJ Civil Cyber-fraud initiative. A shifting in the force may be near.
news.bloomberglaw.com: Aerojet Rocketdyne Cybersecurity Trial Could Be DOJ Bellweather. A federal jury trial involving allegations that Aerojet Rocketdyne violated the False Claims Act by hiding cybersecurity problems from the government will offer an early test of how the FCA applies to allegations of cybersecurity fraud, MoloLamken partner Caleb Hayes-Deats explains. The outcome coul…
2:51 AM ∙ Apr 26, 2022

Another slide deck from zer0con

VictorV @vv474172261
My slide at #Zer0Con2022 is public now, hope it can help you :) [github.com/474172261/slid…]
github.com: slides/Old School, New Story--Escape from Hyper-V by Path Traversal.pdf at main · 474172261/slides. Collection of slides. Contribute to 474172261/slides development by creating an account on GitHub.
7:13 AM ∙ Apr 25, 2022

Cool work. A bounty for reversing blur redaction of an image was claimed.

Fuck around:

uɐpʇou@ ✸ @notdan
Show me one practical use of the "Deobfuscating Pixel Filter With AI/ML" and I'll send you $100 in XMR. Must be original, show your work (aka screenrecord everything) and not be one of the samples that the author of the "vulnerability" provided. Print the text on my sample & win:
I even made the pixels relatively small to make this easier. Y'know.... Unless it was all bullshit...
1:20 AM ∙ Apr 7, 2022

Find out:

William Fleshman @willcfleshman
@notdan "this was a faux vulnerability for credibility nobody questioned" Time lapse of output as a super resolution resnet trains on the task:
12:32 PM ∙ Apr 25, 2022

Privesc by misconfiguration.

ap @decoder_it
Published a short blog post on how some stupid misconfigurations can lead to bad scenarios in GP processing
decoder.cloud: A not-so-common and stupid privilege escalation. Some time ago, I was doing a Group Policy assessment in order to check for possible misconfigurations. Apart running the well known tools, I usually take a look at the shared SYSVOL policy folder. …
5:33 PM ∙ Apr 25, 2022

There’s a war on. No, the other one.

What is really wild about this is that there are so many insane things that “aren’t war” but which are the new normal. Here we have a proxy war operator, building IED loitering UAVs, for a non-state actor, who was tracked so precisely that special forces were able to interdict him in transit. That is some future war shit right there.

Charles Lister @Charles_Lister
Remarkable how little attention this has had -- an apparent U.S. SOF airborne raid, snatching #IRGC proxy operatives preparing kamikaze drone attacks, allegedly against targets in #Iraq & #Saudi.
Blesa Shaways @Bilesa_Shaweys
🔴Important 6 #US helicopters (Blackhawk & Chinook) detained 2 #Iranian military advisors and high ranked commander of Kata'ib Hezbollah in the village of Abu Akula, in the Kanaan district in Diyala Northern #Iraq. The convoy were carrying explosive drones. https://t.co/toVTpRp3l3
1:14 PM ∙ Apr 26, 2022

Get this, apparently Facebook doesn't know exactly what happens with the data it collects. I am absolutely astounded.

Joseph Cox @josephfcox
New: a damning internal Facebook document shows the company admitting it doesn't actually know what it does with users' data, nor where it ends up. Compares to ink falling from a bottle. "It flows ... everywhere." vice.com/en/article/akv…
1:54 PM ∙ Apr 26, 2022

The whole “pay people to install malware” attack is still viable. I guess “buy the company” is also an attack vector. There’s just a lot of vulnerability that appears as soon as money shows up.

If everything is reduced to transactional relationships, then clearly companies will be outbid by attackers. Obviously, then, the solution is to not reduce everything to a transactional relationship. Things that money can’t buy… etc.

𝕯𝖒𝖎𝖙𝖗𝖞 𝕾𝖒𝖎𝖑𝖞𝖆𝖓𝖊𝖙𝖘 @ddd1ms
Cybersecurity teams can build walls and deploy virus scanners against malicious code, but when the vulnerabilities are carbon units (you know them as human beings), that is much harder to cabin – and is part of the reason for Lapsus$’s relative success.
therecord.media: Lapsus$: The script kiddies are alright. A new cyber extortion team has burst on the scene turning low-tech operations into high impact heists. But they have a weakness – we explain. Plus, a hacking story from a different era.
2:28 PM ∙ Apr 26, 2022

Speaking of symbolism

Kateryna_Kruk @Kateryna_Kruk
Kyiv now: monument of "friendship" between Ukraine and Russia is being dismantled as we speak.
12:51 PM ∙ Apr 26, 2022

The cyber war is heating up. Chess.com is banned in Russia.

https://www.chess.com/news/view/chess-com-banned-by-russia
