February 15, 2023

                            February 15, 2023

                February 15, 2023

Tyler Dinucci!! @TylerDinucci
every new word of this tweet took me on a journey. 
David Charns @davidcharns
A woman accused of stabbing her date in a Las Vegas-area hotel room in retaliation for a U.S. drone strike that killed an Iranian leader is on house arrest in Texas, but police there say they were never made aware as she has left home to make music videos. https://t.co/eOQwZcgdPz4:48 AM ∙ Feb 14, 2023
1,478Likes327Retweets
-
Dan @bristowbailey
Criminals will start wearing extra prosthetic fingers to make surveillance footage look like it's AI generated and thus inadmissible as evidence. 
4:11 PM ∙ Feb 13, 2023
102,051Likes7,882Retweets
-
The team has just published a video that shows them breaking into a device manufactured by OneKey, a Hong-Kong based firm that has raised $20 million in venture capital and that describes its product as an “open source wallet trusted by millions.”  

            Cyber firm cracks OneKey crypto wallets, raises broader questions of hardware security | Fortune Crypto
            The vulnerability has been patched but the episode raises questions about crypto hardware wallets more broadly. 

            Chris Wysopal: "The team has just published a video that shows th…" - Infosec Exchange
            The team has just published a video that shows them breaking into a device manufactured by OneKey, a Hong-Kong based firm that has raised $20 million in venture capital and that describes its product as an “open source wallet trusted by millions.”  https://fortune.com/crypto/2023/02/09/cyber-firm-cracks-onekey-crypto-wallets-in-video-raises-questions-hardware-security/

-
Almost all of the public exploits for ManageEngine's CVE-2022-47966 rely on getRuntime().exec(). This behavior will get an attacker caught by any half-decent security solution. So I put together a blog that demonstrates how an attacker can exploit this vulnerability without getRuntime(), stay in memory, and evade current detections.
 https://vulncheck.com/blog/cve-2022-47966-payload
https://infosec.exchange/@albinolobster/
-
A curated list of falsehoods programmers believe in
You won’t believe number 7!

            GitHub - kdeldycke/awesome-falsehood: 😱 Falsehoods Programmers Believe in
            😱 Falsehoods Programmers Believe in. Contribute to kdeldycke/awesome-falsehood development by creating an account on GitHub.

-
For more brilliant jokes like the above, why not become a subscriber?

-
If you missed the between two nerds yesterday,  you should really check it out.
Dmitri Alperovitch @DAlperovitch
@rakkhis All the @riskybusiness podcasts are essential listening if you want to understand cyber industry and government policy

And @tomatospy and @thegrugq are two of the leading public analysts on cyberwarfare tactics. I didn’t agree with everything they said but about 90% is dead on
12:21 AM ∙ Feb 15, 2023
16Likes4Retweets
Link here:

https://risky.biz/BTN19/
-
This is an amazing story, about which I have some thoughts…
Marc Goldberg @MarcGoldberg111
This @haaretzcom story adds more. It turns out that this group swindled Israeli Intel out of hundreds of thousands of dollars for useless or faked ‘info’

haaretz.comThe Israelis destabilizing democracy and disrupting elections worldwide***
5:43 AM ∙ Feb 15, 2023
12Likes8Retweets-
Royal Hansen @royalhansen
Should companies be responsible for cyberattacks? @CISAgov thinks so – and frankly, @Google agrees. Read mine and @Kent_Walker's argument in response to @CISAJen's op-ed in @ForeignAffairs security.googleblog.comThe US Government says companies should take more responsibility for cyberattacks. We agree.Posted by Kent Walker, President, Global Affairs & Chief Legal Officer, Google & Alphabet and Royal Hansen, Vice President of Engineering fo...6:10 PM ∙ Feb 13, 2023
144Likes65Retweets
-
Noah Verrier @NoahVerrier
My oil painting of the Taco Bell Mexican Pizza 
1:13 PM ∙ Feb 14, 2023
55,769Likes5,680Retweets
-
Fans banned from Europa Conference League match amid Moldovan fears of Russian coup
Clever idea actually. Use saboteurs disguised as football hooligans who then attack buildings and seize control under cover of a football game.

            Sheriff Tiraspol vs Partizan Belgrade: Fans banned from Europa Conference League match amid Moldovan fears of Russian coup | The Independent
            Russia has rejected claims of a plot to overthrow the Moldovan government 

-
Unnecessary Inventions @mattyxb
I built a headlamp that’s also a projector so your shows are always in your line of sight. 
3:00 PM ∙ Feb 13, 2023
1,267Likes110Retweets
Unnecessary Inventions @mattyxb
Wait...why does @Apple already have a patent for this?  
Unnecessary Inventions @mattyxb
I built a headlamp that’s also a projector so your shows are always in your line of sight. https://t.co/RmlmwvwDAN11:03 PM ∙ Feb 14, 2023
217Likes11Retweets
-
✨V✨ @coolauntV
“any app can be a dating app if you use it wrong” 
Duolingo @duolingo
how it started 🦉                   how it's going 💒 https://t.co/l9q67gScxm11:25 PM ∙ Feb 14, 2023
182Likes29Retweets
Duolingo @duolingo
how it started 🦉                   how it's going 💒 
2:54 PM ∙ Feb 14, 2023
241,025Likes15,707Retweets
-
Apple splats zero-day bug, other gremlins in macOS, iOS
Not much info on this, but (1) WebKit type confusion gives RCE, (2) actively exploited in the wild, (3) credit appears to be given to Citizen Labs. Strongly suggests that some spyware vendor had to spend time and money integrating a replacement iOS 0day into their system.

https://www.theregister.com/2023/02/15/apple_patches_zeroday_vulnerability/
-

                            Don't miss what's next. Subscribe to the grugq's newsletter: