August 28, 2022

                August 28, 2022

            August 28, 2022

            Computer-aided targeting systems are paradigm shifts in combat lethality. 
The B-29 gun sight uses an analogue computer which performs a load of calculations accounting for air density, air temperature, range, bullet drop, deflection, etc., to work out a firing solution. Thanks to this system, the effective range of the B-29s guns was 900 yards, exceeding the interceptors attacking them.
These sights were so effective that the B-29 was safe even without a fighter escort. Because of this targeting system, B-29s actually have a higher air-kill ratio than the P-51! To be fair, there are some ulterior reasons for this, such as B-29s entering the war after Japan's experienced pilot force was depleted.
I think it's fascinating how even such an early computer was such a complete game changer. Computers have made combat more deadly from the very beginning. 

-
The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

-
Jayson E. Street 💙 🤗💛 Hacker - Helper - Human @jaysonstreet
Shout-out to whoever went to Black Hat and had North Korean malware on their PC theregister.comNorth Korean malware and more observed on Black Hat networkI am the one who NOCs11:45 PM ∙ Aug 25, 2022
298Likes76Retweets
-
Brian in Pittsburgh @arekfurt
Neat. Kaspersky managed to grab some of North Korean Kimsuky group's server side target validation scripts.
The tactic of forwarding observed IPs + other info over different levels of C2 staging is a potentially very annoying one for sandboxes to overcome.
securelist.comKimsuky’s GoldDragon cluster and its C2 operationsKimsuky is a prolific and active threat actor primarily targeting Korea-related entities. In early 2022, we observed this group was attacking the media and a think-tank in South Korea.10:01 PM ∙ Aug 27, 2022
51Likes19Retweets
-
Dave Aitel’s latest video paper review.

-
Interesting EW? Hacking?
Dmitri @wartranslated
Ukrainians hijacked a Russian drone to the surprise of its operators, live on camera 😂 Slight panic at the end as Russians realise their location is not safe anymore 
8:48 PM ∙ Aug 27, 2022
10,160Likes1,788Retweets
-
Michael F. Bird @mbird12
Controversial thesis: If the highest paid person in your university or college is the basketball coach or the football coach, then it is not a university, it is a sporting franchise with a side hustle in tertiary education.11:54 PM ∙ Aug 26, 2022
29,079Likes4,216Retweets
-
Daniel Von Fange @danielvf
Here’s how signature malleability attacks work.

Two attacks. 

If a user signs the same message multiple times, they get a different signature each time. If your code uses a signature as an identifier for blocking actions, users can repeat that action. 1/3 
2:16 PM ∙ Aug 26, 2022
645Likes140Retweets
-
Ronald Drimmel 🇺🇦 @rdrimmel
Expected capacity of Starship is about 150 tonne, so that means about 120 Gen2 Starlinks per launch. That means to deploy 30k sats you need 250 Starship launches. Expected on-orbit lifetime is same as Gen1: 5 to 7yrs.
nasaspaceflight.comSpaceX to leverage Starship for second generation Starlink constellation - NASASpaceFlight.comSpaceX has provided some interesting context into its plans to launch vast numbers of next-generation…1:35 PM ∙ Aug 26, 2022
366Likes67Retweets
-
raptor @0xdeaFun xdev writeup by @JFrogSecurity 

SATisfying our way into remote code execution in the OPC UA industrial stack

jfrog.com/blog/satisfyin… 
8:17 AM ∙ Aug 28, 2022
9Likes2Retweets
-
raptor @0xdeaNice argument injection in vscode, discovered by @SonarSource 

blog.sonarsource.com/securing-devel… 
7:49 AM ∙ Aug 28, 2022
62Likes15Retweets
-
raptor @0xdea
The best techniques are the ones that are simple yet effective

github.comGitHub - Markakd/DirtyCredContribute to Markakd/DirtyCred development by creating an account on GitHub.7:35 AM ∙ Aug 28, 2022
24Likes7Retweets
-
MF FairyPrincessSmoo @Smooheed
Triceratops implies the existence of tricerapants 

Fuck it, send, this app’s free anyway3:03 AM ∙ Aug 26, 2022
688Likes182Retweets
-
SwiftOnSecurity @SwiftOnSecurity
Apple continuing to offer no redaction tool in iOS16, and guiding users towards the highlighter tool which is _dangerous_ used across  multiple passes, is the kind of large-organization psychopathy of disinterested PMs cashing checks that will forever keep humanity sucking dirt.2:17 AM ∙ Aug 28, 2022
511Likes71Retweets

Don't miss what's next. Subscribe to the grugq's newsletter: