Feb 4, 2023

                        February 4, 2023

            Feb 4, 2023

I suspect this wasn’t the secret service. They’re a bit busy these days, what with the war and all.
olexander scherba🇺🇦 @olex_scherba
Nice. Ukraine’s security service hacked a zoom-call between moscow and the quislings in Ukraine. And officially notified the latter that they’re charged with treason.

And then let them listen to 🇺🇦 anthem.

#StandWithUkraine 
9:29 AM ∙ Feb 4, 2023
3,108Likes648Retweets
-
The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

-
ACABylon Bot @ACABylonBee
I have to admit it seemed silly at first but it costs nothing to use less harmful language 
5:52 PM ∙ Feb 2, 2023
1,399Likes215Retweets
-
Kyle Orton @KyleWOrton
The intelligence officer in #Germany unmasked as a #Russian agent and charged with treason has been identified: Carsten Linke, 52. A "rising star" in the BND, Linke handled foreign SIGINT, some related to Ukraine, all of which he sold to Moscow. telegraph.co.ukExclusive: German football coach unmasked as ‘Russian double agent’The Telegraph can reveal the identity of the man at the heart of the biggest intelligence scandal to rock Europe in decades12:03 AM ∙ Feb 4, 2023
125Likes91Retweets
-
jordan @JordanUhl
Mr. President, a second balloon has been spotted. https://t.co/bkEryHSzBD 
CNN @CNN
The Pentagon says there is another Chinese spy balloon transiting Latin America. A US official tells CNN it does not appear to be heading to the US. https://t.co/yhGWIdAwIl1:18 AM ∙ Feb 4, 2023
1,530Likes110Retweets
-
Stephen Schwartz @AtomicAnalyst
Today in 1961, the first “Looking Glass” EC-135 airborne command post went aloft from SAC HQ at Offutt AFB, Nebraska, ensuring the ability to fight a nuclear war if SAC were destroyed. For more than 29 years—until July 24, 1990—at least one aircraft was continuously airborne. 
4:29 PM ∙ Feb 3, 2023
113Likes35Retweets
-
Ross Anderson @rossjanderson
We're updating our course on the economics of information security, which is used by many universities and other organisations worldwide: lightbluetouchpaper.orgSecurity economics course | Light Blue Touchpaper9:36 AM ∙ Feb 4, 2023
21Likes7Retweets
-
Matthijs R. Koot @mrkoot
Cryptophone service "Exclu" has been dismantled; 79 searches & 42 arrests took place in a/o NL, DE & BE, incl. owners & operators of Exclu.

The Exclu app cost € 800 per 6 months. It had ~3k users, ~750 of whom speak Dutch.

News release (Feb 3, in Dutch) om.nlPolitie leest opnieuw mee met criminelen: cryptocommunicatiedienst Exclu ontmanteldDe politie en het Openbaar Ministerie in Nederland zijn er opnieuw in geslaagd toegang te krijgen tot data van een cryptocommunicatiedienst van criminelen en de afgelopen vijf maanden hun berichten mee te lezen. Het gaat om cryptocommunicatiedienst Exclu die is ontmanteld.5:27 PM ∙ Feb 3, 2023
9Likes8Retweets
-
Matthijs R. Koot @mrkootMITRE Cyber Resiliency Engineering Framework (CREF) Navigator crefnavigator.mitre.org/navigator

Free visualization tool to allow organizations to customize their resiliency goals, objectives & techniques, aligned w/NIST SP 800-160, Vol. 2 (Rev. 1).

Press release: businesswire.com/news/home/2023… 
2:38 PM ∙ Feb 3, 2023
25Likes16Retweets-
Want anonymity? Make a persona not a mystery.
The technique described here are called “apparent cover.” The idea of apparent cover is that the observer fills in the cover story based on the clues provided. For example someone dressed as a fisherman — vest with pockets, floppy canvas hat, fishing pole, tackle box — hanging out at the docks at dawn, an observer is unlikely to even notice them but if they did they’d assume they’re a fisherman. Not a spy.

https://sive.rs/anon

-
Stefan Stockhammer @St0cki
@troyhunt 

„An employee belonging to the company reportedly used the GIS data during a test and left a database online without securing it. Investigators said the hacker found the data through a search engine 'that wasn't Google'.“

itpro.co.ukDutch hacker steals data from virtually entire population of Austria | IT PROThe data was stolen from a misconfigured cloud database found by the attacker through a search engine7:52 AM ∙ Feb 4, 2023
25Likes17Retweets
-
Matthijs R. Koot @mrkootSoftware Supply Chain Attacks: An Illustrated Typological Review (.pdf, January 2023, 50pp) css.ethz.ch/content/dam/et…

By Sean Cordey, former Researcher in the Risk and Resilience Team at @CSS_ETHZurich and currently Associate for Cyber and Digital Policy at @ICRC 👏. 
9:17 AM ∙ Feb 4, 2023
11Likes3Retweets
-
Ron Bowes @iagox86
Our #rapid7 blog about an 0-day being actively exploited in Forta GoAnywhere:

rapid7.comExploitation of GoAnywhere MFT zero-day vulnerability | Rapid7 BlogA warning has been issued about an actively exploited zero-day vulnerability affecting on-premise instances of Fortra’s GoAnywhere MFT.4:42 PM ∙ Feb 3, 2023
24Likes11Retweets
ϻг_ϻε (@stevenseeley@infosec.exchange) @steventseeley
Well done @frycos, such a sweet pre-auth RCE!  
ϻг_ϻε (@stevenseeley@infosec.exchange) @steventseeley
I've just confirmed that this is a 100% pre-auth RCE, you want "patch" this one 🔥🔥🔥 https://t.co/7zJVQLVXB18:37 AM ∙ Feb 4, 2023
13Likes1Retweet
-
Matthijs R. Koot @mrkootHandbook to combat CBRN disinformation (4.3MB .pdf, Jan 2023, 122pp) unicri.it/sites/default/…

A @UNICRI report on countering misleading & deceptive info re: chemical, biological, radiological & nuclear (CBRN) threats. 

By Francesco Marelli & Mariana Diaz Garcia (@MarianaDiaz_Ga) 
10:05 AM ∙ Feb 4, 2023
10Likes3Retweets
-
Electrospaces @electrospacesRetired Air Force Intelligence Officer Had Hundreds of Classified and Secret Files at His Florida Home: Military.com 
military.comAir Force Intel Officer Had Hundreds of Classified and Secret Files at His Florida HomeA retired Air Force intelligence officer accepted a plea deal with federal prosecutors last year admitting to illegally possessing hundreds of top secret and classified documents.10:47 AM ∙ Feb 4, 2023
9Likes6Retweets
-
Richard Johnson @richinseattleNew p-code emulator for fuzzing based on ghidra sleigh. Full system fuzzing perf comparable to qemu, CmpLog support etc. 

Icicle: A Re-designed emulator for greybox firmware fuzzing arxiv.org/pdf/2301.13346…

github.comGitHub - icicle-emu/icicleContribute to icicle-emu/icicle development by creating an account on GitHub.7:13 AM ∙ Feb 4, 2023
47Likes15Retweets
-

                        Don't miss what's next. Subscribe to the grugq's newsletter:

          Start the conversation:

            Be the first to share your thoughts