"At Kirovskoe Airfield on occupied Crimea [and at at least 12 other air bases] there are decoy Russian fighter aircraft painted on the concrete ... Russian helicopters still regularly land on the painted decoy fighter silhouettes, completely undermining the deception attempt." https://t.co/WfEKqYIeaH pic.twitter.com/615HkiAwi1

— Guy Plopsky (@GuyPlopsky) April 2, 2024

Reverse engineering and vulnerability analysis of DJI drones' firmware.
A two-parts blog series by @nozominetworks

Firmware Analysis: https://t.co/n1QYXmpAb5
Vulnerability Analysis: https://t.co/Rud84c9L5l

Particularly interesting is the chain of weak Wi-Fi password cracking… pic.twitter.com/XzmqkZu2Rk

— 0xor0ne (@0xor0ne) April 2, 2024

Interesting short reading on combining #Rust and Wasm to evade static AV detection
Credits @balwurkhttps://t.co/mBZy4N8BoC#infosec pic.twitter.com/BWSQZ6ckVs

— 0xor0ne (@0xor0ne) April 2, 2024

📺Head over to the NDSS Symposium YouTube Channel to see recordings of keynote presentations by Meredith Whittaker @mer__edith and Prof Herbert Bos + all #NDSSsymposium2024 sessions https://t.co/zR7cwP03vR pic.twitter.com/W53s1eAb2H

— NDSS Symposium (@NDSSSymposium) April 2, 2024

Amazon has announced they're phasing out their checkout-less grocery stores.

The "Just Walk Out" technology, which was labeled as automatic, was actually 1,000+ Indian employees monitoring you as you walked through the store.https://t.co/uZlOZJgvC0

— vx-underground (@vxunderground) April 2, 2024

pic.twitter.com/GpIQOxaXJi

— lys (@ly7ine) April 2, 2024

Brilliant acknowledgment 😂🤣 pic.twitter.com/9bKjWAhzDA

— Maria (@MMylova) April 2, 2024

Someone asked me for a copy of document that doesn't exist because a genAI hallucinated it to them and said I authored it. It feels weird that a robot had a dream about me.

— Scott Piper (@0xdabbad00) April 2, 2024

New: Cyber Safety Review Board releases its report on the Chinese hack of Microsoft cloud-hosted email accounts: https://t.co/DAgwjt5eI8

"This intrusion was preventable and should never have occurred. ... Microsoft’s security culture was inadequate and requires an overhaul." pic.twitter.com/VVPSsnYTDs

— Eric Geller (@ericgeller) April 2, 2024

We are just getting started taking advantage of the vulnerabilities created by GenAI code. Attackers can create the dependancies that AIs hallucinate. https://t.co/CAdFpaLnc9

— Weld Pond | Chris Wysopal (@WeldPond) April 1, 2024

Today the Cyber Safety Review Board released its independent review of the Summer 2023 Microsoft Exchange Online intrusion laying out what led to the intrusion & what industry & gov't can do to ensure an intrusion at this magnitude does not happen again. https://t.co/pf5Vx2kuuo pic.twitter.com/dAsDY7HFxv

— Cybersecurity and Infrastructure Security Agency (@CISAgov) April 2, 2024

April release of the Pixel boot chain firmware includes fixes for 2 vulnerabilities reported by GrapheneOS which are being actively exploited in the wild by forensic companies:https://t.co/W9OjQcfZ30https://t.co/UWAaA9er57

These are assigned CVE-2024-29745 and CVE-2024-29748.

— GrapheneOS (@GrapheneOS) April 2, 2024

I would be *shocked* if this code was only used for this attack... There is so much reusable kit in both the shell script and the injected payload that I think it's reasonable to assume that they have also been used elsewhere. https://t.co/PlKntIXAEN

— Dino A. Dai Zovi (@dinodaizovi) April 3, 2024