August 20, 2022

                August 20, 2022

            August 20, 2022

Felix Krause @KrauseFxContinuing to analyse the Instagram iOS app, I found something new: 

Besides injecting pcm.js (as covered last week), Instagram also injects JavaScript code to observe all taps happening inside their in-app browser, like clicking on buttons, links or images. 9:09 PM ∙ Aug 18, 2022
1,247Likes385Retweets-
The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.
celesian @c3l3si4nThis new trick for turning any PHP LFI to RCE is awesome! I've been wondering why it didn't get more attention since it works better than any other LFI2RCE techniques out there (such as expect://).Props to @loknop for publishing this technique initially👏 
book.hacktricks.xyz/pentesting-web… 
12:08 AM ∙ Aug 19, 2022
946Likes291Retweets
-
FSB screwed up their intelligence on Ukraine. 

https://www.washingtonpost.com/world/interactive/2022/russia-fsb-intelligence-ukraine-war/

-
Alice @alicescrambled
Seriously, this is what they went with? 

When ‘Tsarbucks’ was right there for the taking? 
4:35 PM ∙ Aug 19, 2022
13,592Likes1,669Retweets
-
Ron Bowes @iagox86
I just published a writeup of yet another actively exploited vulnerability in Zimbra - patch your ZCS (or burn it down) ASAP!

Combined with an 0-day privesc bug from last October (CVE-2022-37393), this is remote root. Again.

attackerkb.comCVE-2022-27925 | AttackerKBOn May 10, 2022, Zimbra released versions 9.0.0 patch 24 and 8.8.15 patch 31 to address multiple vulnerabilities in Zimbra Collaboration Suite, including CVE-2…4:21 PM ∙ Aug 19, 2022
46Likes19Retweets
-
“It’s a phishing vessel” - [credit: Eric Capuano]
Nine Dragons @NineDragons2
China denies that the Yuan Wang 5 is any form of "spy" ship or has any military function. They say it's purely a civilian ship.
The ship: 
3:25 AM ∙ Aug 17, 2022
5,744Likes1,134Retweets
-
Dustin Volz @dnvolz
Lloyd’s of London will require its insurer groups globally to exclude catastrophic state-backed hacks from stand-alone cyber insurance policies starting next year.

wsj.comLloyd’s to Exclude Catastrophic Nation-Backed Cyberattacks From Insurance CoverageLloyd’s of London will require its insurer groups globally to exclude catastrophic state-backed hacks from stand-alone cyber insurance policies starting next year.1:57 PM ∙ Aug 19, 2022
34Likes40Retweets
-
Matthijs R. Koot @mrkootRAND: China's Weapons Exports and Private Security Contractors (Aug 2022) rand.org/pubs/tools/TLA…

Direct link to document (3.6MB .pdf, 4 pages) rand.org/content/dam/ra… 
1:11 PM ∙ Aug 19, 2022
10Likes10Retweets
-
The VIASAT hack impacted French emergency services in some capacity.
SwitHak (👁) @SwitHak
Very interesting reporting in 🇫🇷 where we learned that VIASAT impacted French first urgency services backup relays for the emergency numbers 15🚑 & 18🚒
↘️ 
BGPilliet @bgpillietCompte-rendu de l'audition du 13 juillet 2022 à huis clos de Stéphane Bouillon, Secrétaire Général de la #Défense et de la #Sécurité Nationale, devant @AN_Defense 
De nbx points abordés en #securitenumerique - #securiteeconomique 
#sgdsn #souverainete 
https://t.co/2yZ6NnLntt https://t.co/OX5jUdJIDq12:50 PM ∙ Aug 19, 2022
7Likes7Retweets
-
Will this be a chance for the Space Force to actually do something if the Russians move to disrupt this channel? 
Shashank Joshi @shashj
One of the big untold stories of the war is the massive quantity of commercial (and non-commercial) satellite imagery being funnelled to Ukraine for military purposes. 
Shashank Joshi @shashj
“As part of the agreement, ICEYE will transfer full capabilities of one of its SAR [radar] satellites already in orbit for the Government of Ukraine’s use over the region” https://t.co/XSSzzJC6PR10:03 PM ∙ Aug 18, 2022
102Likes14Retweets
-
Henri Muurimaa @henrimuurimaa
TIL there is a wild "Military use" section on the wikipedia page of one of our more popular folk songs @cstross en.wikipedia.orgSäkkijärven polkka - Wikipedia4:50 PM ∙ Aug 19, 2022
41Likes12Retweets
-
I marvel at the new ways people figure out to scam and defraud each other.  
korpi @korpi87Do you know a simple signature in Metamask can drain your wallet?

A very experienced user (top 10 by Degen Score) lost almost 500k USDC in an exploit today.

You could be next...

A short thread how it happened and how you can avoid such exploits in future.12:01 AM ∙ Aug 19, 2022
5,408Likes2,066Retweets-
Great paper on how we abuse history to rationalise and justify whatever we want. Also, on Sparta. Which was terrible. 

https://eidolon.pub/this-is-not-sparta-392a9ccddf26

-
Not to brag or anything, but the Glasshouse Centre for the Cyber Arts had an excellent guest interview:
-
Haifei Li @HaifeiLiThis is the same attack vector as the #badwinmail attack sites.google.com/site/zerodayre… - someone sends you an email and you're owned *unavoidably*. TBH I'm still frustrated by @msftsecresponse refusing to offer bounties for this kind of RCE bugs.

Will Dormann @wdormann@HaifeiLi @GossiTheDog @taviso @msftsecresponse Or if you want a different perspective:
Outlook crashing completely hands off.
It was idle at the inbox, and somebody sent me an email. https://t.co/O3hy2kcMxn
8:48 PM ∙ Aug 19, 2022
12Likes6Retweets
-
Rob Joyce @NSA_CSDirector
6:43 AM ∙ Aug 19, 2022
1,363Likes234Retweets
-
Natalie Silvanovich @natashenka
iOS and MacOS recently started parsing media codec parameter sets in the kernel, leading to bugs like this bugs.chromium.org2292 - project-zero - Project Zero - Monorail6:34 PM ∙ Aug 19, 2022
407Likes107Retweets
-
Patrick Howell O'Neill @HowellONeill
I obtained the investor pitch deck Erik Prince used to raise €5 million for his Unplugged security phone. He describes the upcoming $850 phone as “impenetrable to interception and surveillance” thanks to “government-grade encryption.” Let’s go through it. technologyreview.comErik Prince wants to sell you a “secure” smartphone that’s too good to be trueMIT Technology Review obtained Prince’s investor presentation for the “RedPill Phone,” which promises more than it could possibly deliver.11:08 AM ∙ Aug 19, 2022
445Likes196Retweets
-
Steve Eckels @stevemk14ebrFascinating paper. What makes a reverse engineer an expert. And what techniques do they use vs novices.

'All the best reversers were not fastest only because they could read and understand the code faster, but also because they reversed less code' 🔥🔥

usenix.org/system/files/s…
1:20 AM ∙ Aug 16, 2022
401Likes120Retweets
-
Catherine @whitequark
the existence of bong hits implies the existence of bong misses and a bong acquisition & tracking system8:59 AM ∙ Aug 20, 2022
116Likes18Retweets
-
The Register @TheRegister
The truth about that draft law banning Uncle Sam buying insecure software reg.cxTruth about that ban on US govt from buying insecure appsThere’s always a get-out clause2:28 AM ∙ Aug 19, 2022
21Likes9Retweets
-
Halvar Flake @halvarflake
As a fan of identifying situations where random action beats human judgement in expectation, viewing divination as an RNG for such situations is a fascinating perspective. 
Helen De Cruz @Helenreflects
@moorehn https://t.co/XgCmNeElBP  I wrote a while ago on why practices like astrology can be rational6:25 AM ∙ Aug 20, 2022
34Likes13Retweets
-
Trev Clark's Obscure Aviation History 🚁 @clark_aviation
Bang!!
A fantastic image of USAF pilot Chris Striklin ejecting from his F-16 aircraft at an altitude of just 140 feet. The pilot (of the 'Thunderbirds' 2003 aerobatic team) survived, but his F-16 was not so lucky. Thankfully it crashed in an empty area of the display ground. 
9:52 AM ∙ Aug 20, 2022
268Likes54Retweets
-
The Onion @TheOnionTexas Schools Require Clear Bags To Prevent Students From Bringing In Books bit.ly/3c2gxTj 
5:45 PM ∙ Aug 19, 2022
30,674Likes5,500Retweets
-
Clomnivated AlwaysWasAlwaysWillBe @SezClom
My cousin sent this to me this morning and it’s the greatest thing I’ve ever read: 
1:11 AM ∙ Aug 20, 2022
5,270Likes883Retweets
-
The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

                Don't miss what's next. Subscribe to the grugq's newsletter: