December 13, 2022

The last Between Two Nerds of the year was just released. This is a really good discussion on how countries should approach cyber grand strategy. Some counterintuitive conclusions, and a great conversation overall. This one goes to 11.

-

Avid Halaby @AvidHalaby

The stuff uncovered in the Twitter whistleblower report is much crazier than anything in the "Twitter files" but it's much less politically/tribally salient so it got no attention. Going to do a thread on some of the craziest things, in no particular order.

2:25 AM ∙ Dec 12, 2022

---

50,023Likes11,717Retweets

-

Chris Wysopal @WeldPond

Why hack the info when you can just ask?

reuters.comNorth Korean cyber spies deploy new tactic: tricking foreign experts into writing research for themWhen Daniel DePetris, a U.S.-based foreign affairs analyst, received an email in October from the director of the 38 North think-tank commissioning an article, it seemed to be business as usual.

5:26 PM ∙ Dec 12, 2022

---

19Likes15Retweets

-

Subscribe now

Existential Comics @existentialcoms

Philosophically Arguing With the Referee - existentialcomics.com/comic/476

5:54 PM ∙ Dec 12, 2022

---

632Likes138Retweets

-

Matthijs R. Koot @mrkoot

NSA Releases Series on Protecting DoD Microelectronics From Adversary Influence (Dec 8) nsa.gov/Press-Room/New…

• FPGA Overall Assurance Process, 19pp
• FPGA Best Practices - Threat Catalog, 25pp
• FPGA LoA1 Best Practices, 90pp
• Third-Party IP Review Process for LoA1, 23pp
  

  

  

  
  8:21 PM ∙ Dec 11, 2022

  ---

  24Likes9Retweets

  -

  Fortinet CVEs.

PSIRT | FortiGuard

None

-

Cool work to create a pattern that prevents AI from detecting “human” but doesn’t attract attention from humans. Camouflaged camouflage, if you will.

$71 Coat Makes Wearers Invisible to AI Security Cameras | PetaPixel

It looks like an ordinary camouflage coat.

-

EL BARTO ANTI-WORK @ElBartoArmy

db @tier10k

Members of the inner circle of power at FTX formed a chat group called “Wirefraud” and were using it to send secret information about operations in the lead-up to the company’s spectacular failure.

https://t.co/4nlXcFcdaS https://t.co/pHmAobtjQ0

-

Red Team lab automation by @PenTestPartners

"In this post I’ll detail how, using Packer, Terraform, and Ansible, to go from an empty ESXi server to an up and running Windows domain in minimum time."

-

Kim Zetter @KimZetter

What a bad idea. Aside from the fact that many courts ban the use of electronics in them, how exactly do you wear Air Pods without the judge seeing them and 1) telling you to remove them or 2) figuring out the scheme you’ve got going on and punishing you for it?

Joshua Browder @jbrowder1

Anyone with a speeding ticket hearing coming up, please DM me.

We want to build a @donotpay bot that listens to the court hearing via your AirPods and whispers what to say with GPT-3 and LLMs.

We just want to experiment and will pay the ticket, even if you lose!