August 17, 2023
This is amazing. Not only the bridge was unsecured to be attacked by two drones from two directions, Ukrainians also had access to the cameras on the bridge. pic.twitter.com/6KbxMZjOUM
— Dmitri (@wartranslated) August 16, 2023
It's fun because this is basically the exact kind of cult that got really popular in former SSRs right after the Soviet Union collapsed. https://t.co/BzOpIhpeB2
— Graham Gallagher (@GrahamGallaghe9) August 16, 2023
The Holy Church of [throws dart] Divine Exigency is centered on [Spins wheel] an 8 year old holy oracle named Yuri who [picks slip of paper from bowl] holds that Alexander Nevsky will return based on [eeny meeny miney mo] a dream that had after watching Inspector Gadget
— Graham Gallagher (@GrahamGallaghe9) August 16, 2023
Former high-ranking FBI official Charles McGonigal pleaded guilty Tuesday in federal court to conspiring to violate U.S. sanctions and to laundering money by secretly working on behalf of a Russian oligarch he had been tasked with investigating. https://t.co/qyGZDP7vqY
— Julia Davis (@JuliaDavisNews) August 15, 2023
Iran and the Rise of Cyber-Enabled Influence Operations | @MsftSecIntel | Since June 2022, multiple Iranian state groups have deployed a new type of attack vector known as cyber-enabled influence operations (IO). https://t.co/KvIR8FY9al @DarkReading
— 780th Military Intelligence Brigade (Cyber) (@780thC) August 16, 2023
Big news! Someone finally noticed that if you hold down CTRL, the process list in Task Manager conveniently freezes so you can select rows without them jumping around.
— Dave W Plummer (@davepl1968) August 16, 2023
I did this so you could sort by CPU and other dynamic columns but then still be able to click stuff... pic.twitter.com/SD2qPlrci8
checking out my stolen stuff at the british museum pic.twitter.com/9YROVdknFC
— Aqqalu ❄ (@uyarakq) December 31, 2022
What is "gray zone conflict", why does it happen, and should we be worried? My work on this with Erik Gartzke, @jonrlindsay , and Peter Schram is now published in JCR. Gray zone conflict is neither new, nor an indication that deterrence has failed: https://t.co/ZaQrFSZU2Z pic.twitter.com/B8c5xgkbSV
— J Andres Gannon (@AndresGannon) April 20, 2023
Also, here is my exploit for the PN553, an NFC chip from a series which was found in an insane number of phones at the time of analysis: https://t.co/bP2ZdAv1QG this version purely dumps the BootROM from the chip, and could be adapted to most non-updated PN series chips.
— Iskuri (@Iskuri1) August 15, 2023
Verichains researchers have released TSSHOCK, private key extraction attacks on many popular MPC/TSS protocol implementations at BlackHat USA 2023! Read more at https://t.co/1IuJR9FTLa
— Verichains (@Verichains) August 16, 2023
I used to teach game theory, both undergrad & phd levels. One game I would do at start is version of Keynesian beauty contest: everyone picks a number 0-100, person closest to 2/3 of average wins. Nash is 0. But anyone choosing 0 loses, bc the class aren't (yet) game theorists. >
— Richard McElreath 🦔 (@rlmcelreath) August 16, 2023
While the English team may win - they face the ultimate defeat - having to return to England
— dan nolan (@dannolan) August 16, 2023
As the date when Oryx will come to an end draws nearer, I've written down several paragraphs reflecting on Oryx's journey. A big thank you to everyone who takes the time to give it a read.
— Oryx (@oryxspioenkop) August 15, 2023
Putting Down The Pen: Reflecting On Oryx’s Journey https://t.co/vbeVR35xVv
Suspected spies for Russia arrested and charged in security investigation | UK News | Sky News
Orlin Roussev, Biser Dzhambazov and Katrin Ivanova were arrested in February under the Official Secrets Act after being found with multiple passports from different countries.
Last time we showed you how we found a DNS parsing vulnerability. Now join us as we exploit it and get a root shell! https://t.co/YspwkHm6nJ pic.twitter.com/byFBq3uAUQ
— Flashback Team (@FlashbackPwn) August 16, 2023
OK, real talk. @telegram makes big proclamations about free speech and privacy, but their promises are mostly marketing.
— Meredith Whittaker (@mer__edith) August 15, 2023
The app collects a huge amount of data. And like all Big Tech, when actually pressed by governments, they ultimately comply. https://t.co/rsh9stGRZs
"Rise"
— Radical Graffiti (@GraffitiRadical) August 14, 2023
Orca uprising poster spotted in Oslo, Norway pic.twitter.com/OcQy5od3xv
Our monthly summaries are now also available in English: https://t.co/aaMzhNXsYq There you can find information about the most significant incidents in Estonian cyberspace, our prevention activities and statistics, but also international trends. #ria #summary #overview #monthly
— RIA (NCSC-EE) (@e_riik) August 16, 2023
Here’s the best part pic.twitter.com/oHImwSbjds
— Rev. Jesus "H" Christ (@realRevJesus) August 15, 2023
"How to Build a Fuzzing Corpus" introduces some of the basic theory behind using a seed corpus for fuzzing, and answers three key questions: what is a seed corpus, why are they useful, and how can we build one from scratch? https://t.co/EGh4jcALGF
— Ben Hawkes (@benhawkes) August 16, 2023
I used to talk about this in various talks and papers. A quick search and I found slide 12 here https://t.co/ctXCuQ48yO and to a lesser extent slide 48 here https://t.co/VGEZ7WQnE9
— Charlie Miller (@0xcharlie) August 16, 2023
As Ivanti Avalanche is making news, a quick reminder about my research. It gave me about 10 pre-auth RCEs, HQL injection and other bugs.
— Piotr Bazydło (@chudyPB) August 16, 2023
Pre-auth vector was very interesting and you can find details in two parts: https://t.co/lnnzWLoU40 https://t.co/WFpK3MAIcb
Inside CounterCloud: A Fully Autonomous AI Disinformation System - The Debrief
CounterCloud, a totally autonomous AI disinformation system, gives a glimpse into how AI and disinformation will work together in the future.
imagine being the guy who came up with the “a bit more” button. you sit back, satisfied, but also melancholy: you know that nothing in life will surpass this achievement pic.twitter.com/9tTTLzkZ7X
— bowser (@browserdotsys) August 15, 2023
We, as a country, are losing the information war bc there is a large segment of the population, including many in the military, that benefit from disinformation politically, financially, and ideologically. It’s not that they don’t know how to win, they don’t even want to fight.
— That Leftie Peace Corps Chick™🥤 (@ms_joan777) August 16, 2023
Another great example of ignoring the security of infrastructure by crypto projects. A key that allows full rug stored on some VPS with a wordlist password. Decentralization at its finest :). https://t.co/CPJqVYd7rJ
— Pawel Wylecial (@h0wlu) August 16, 2023
Helicopter Footage From Mass Arrest Reveals State Trooper Surveillance Capabilities, Tactics, and Communications - UNICORN RIOT
High-tech surveillance video and audio comms from a MN State Patrol helicopter, reveals planning and tactics behind the largest mass arrest in recent Minnesota history.
Excited to share our next innovation in fuzzing: Using AI to break the bug hunting barrier - https://t.co/CUBO5xD3gB
— Abhishek Arya (@infernosec) August 16, 2023
A new post on https://t.co/WRLJBi2GNf looks at the peripatetic journey of Comsec in the UK from 1944 to 1969. Who should be responsible for it?
— Tony Comer (@TCHisTree) August 16, 2023
Great infographic on cybersecurity strategies by @swagitda_.
— Abraham Marín-Pérez (@AbrahamMarin) August 16, 2023
Always ask yourself: are you addressing liability from risk (Control strategy) or risk itself (Resilience Strategy)? https://t.co/3nv0pUMOco
Army Studying Use of Strategic Offensive Cyber Tools at Tactical Edge | https://t.co/8AiPouG3rB “...how do we take some of these existing OCO [offensive cyber operations] capabilities and provide them down to the tactical force,” Col. Nadine Nally @AFCEACyberExpo
— 780th Military Intelligence Brigade (Cyber) (@780thC) August 16, 2023
"Running a successful open source project is just Good Will Hunting in reverse, where you start out as a respected genius and end up being a janitor who gets into fights."
— Jens Axboe (@axboe) August 12, 2022
Quote attributed to @cra, and I don't think I've ever seen anything more true posted.
The original quote is, I believe, from @ByrneHobart in his review of Working in Public https://t.co/AWasKQm5vb
— Brendan Dolan-Gavitt (@moyix) August 14, 2022
https://t.co/7g7GlP1K5x https://t.co/2sHThSBzXZ
— Joshua J. Drake (@jduck) August 17, 2023
Oh, what a non-surprise here.
— Gustav C. Gressel (@GresselGustav) August 16, 2023
Unfortunately in 🇩🇪 Wirecard is still treated as a banking/finance scandal, not a counter intelligence failure. https://t.co/VS4RThdIeQ
Threat groups targeting security researchers. ".based in an eastern European country, said he was followed on a skiing trip, received threatening phone calls and had to placate his wife after she was sent doctored pictures of him with a female employee" https://t.co/bU1kbP7GuF pic.twitter.com/799jsSIkPT
— Lukasz Olejnik (@LukaszOlejnik@Mastodon.Social) (@lukOlejnik) August 17, 2023
I was surprised by a talk Yejin Choi (an NLP expert) gave yesterday in Berkeley, on some surprising weaknesses of GPT4:
— Alex Dimakis (@AlexGDimakis) August 16, 2023
As many humans know, 237*757=179,409
but GPT4 said 179,289.
For the easy problem of multiplying two 3 digit numbers, they measured GPT4 accuracy being only… pic.twitter.com/kp3TDBaWId
Thought: Excessive marketing is like an arms race and mostly a negative-sum game: If every (US) company halved their marketing budget, no company nor consumer would be worse off, and the savings and freed labor used productively could easily solve world poverty&hunger&more. pic.twitter.com/GHrXobkBqe
— Marcus Hutter (@mhutter42) June 24, 2021
Patches, Collisions, and Root Shells: A #Pwn2Own Adventure
— raptor@infosec.exchange (@0xdea) August 17, 2023
// by @SonarSource https://t.co/5sjssliojS