#threatintel
someone just leaked a bunch of internal Chinese government documents on GitHubhttps://t.co/BO8N64A7kF

— 安坂星海 Azaka 🐼 VTuber (@AzakaSekai_) February 18, 2024

1 My thoughts on the Chinese APT contractor leak 🇨🇳

Specifically, I want to talk about the leaked
- iOS Spyware
- Physical implantable devices
- Email surveillance system

Let's consider detection and how these would be installed. https://t.co/n5XGSp8veR

— ✞ inversecos🩸 (@inversecos) February 19, 2024

This leak is interesting...
also...
i-Soonhttps://t.co/xYOmAFDAyD https://t.co/1Bxu4h0mvw pic.twitter.com/5c0pswGcok

— mRr3b00t (@UK_Daniel_Card) February 19, 2024

This July marks the 30th year anniversary of the publication of my PhD thesis on Reverse Compilation Techniques. In 1994, little did I know the impact this pioneering work would have on the security community that grew up in the 2000s. 🎉 Celebration events to be announced!

— Cristina Cifuentes (@criscifuentes) February 18, 2024

Ultimately, Starship Troopers fails as a parody because I personally identify with the thoughts and actions of all the characters the movie seems to be satirizing, and that can’t be right

— Fairy Gothmother, MD (@jenny2x4) February 18, 2024

Tools to search for people's contacts (free or trial free):https://t.co/tehgFwUF01https://t.co/AnDNX0CFBVhttps://t.co/PjmGFXOPPohttps://t.co/j29sITxSQEhttps://t.co/0gX9XkejU8https://t.co/d4H6YvAcRChttps://t.co/QewPJ7p9g6https://t.co/nd4d3VHtSmhttps://t.co/SONsxF5WvX pic.twitter.com/cWbwP3XQrd

— Cyber Detective💙💛 (@cyb_detective) February 18, 2024

⚠️ Update for CVE-2024-21413 💣
Managed & confirmed Microsoft Outlook Remote Code Execution (RCE) but won't publish details (yet). pic.twitter.com/AdxMXgZIVa

— Alex (@xaitax) February 18, 2024

Seems that folks successfully achieved working RCE w/ a previous RTF/Win exploit! This is expected as #MonikerLink is a powerful attack vector (delivering exp) on Outlook - it bypasses Protected View too!

Now u have more reasons to PATCH & GET PROTECTED!https://t.co/esPv5KUJpd

— Haifei Li (@HaifeiLi) February 18, 2024

Blog posts series on pwning the D-Link DIR-865L
Credits @Coiffeur0x90

Remote Code Execution (pre-auth):https://t.co/Lbsif1Dvaf

Unsigned firmware upload:https://t.co/6v9TbblPGB

Memory corruptions:https://t.co/7obgalU13U#embedded #infosec pic.twitter.com/pop5h4FI3n

— 0xor0ne (@0xor0ne) February 18, 2024

https://t.co/zLaTbRbzDv

Leaked databases search tool.

14 billion accounts + (emails and passwords)

Check yourself

Tip by @ManuelBot59 #ff#osint #leaks pic.twitter.com/TcHfjYIYr7

— Cyber Detective💙💛 (@cyb_detective) February 18, 2024

He's got a point :P pic.twitter.com/HjoDAsvBij

— Sos 🔜 DevGamm 🔜 GDC (@Sosowski) February 18, 2024

Forgotten moments in history: Count von Count's many contributions in WWII. It starts in 1939, as the then-known Contele von Compte, already well known for his math contributions to set construction, fearing the Molotov–Ribbentrop Pact's consequences, fled Romania by train. pic.twitter.com/5KWavqDzFL

— kaszeta (@kaszeta) February 17, 2024

1/11
Today, we’re releasing details of a small but interesting mobile #vulnerability called MMS Fingerprint, reportedly used by #NSOGroup.

How this might work, and how we found it, is a bit unusual.https://t.co/Lvg85E6IAF@EneaAB @josephfcox @rj_gallagher @campuscodi @lorenzofb

— Cathal Mc Daid (@mcdaidc) February 15, 2024

why don't linux, windows and Apple Mac's alert you in the gui (if you are logged in) if someone fails to sign in to an remote session? e.g. RDP, SSH, WINRM, SMB etc?

it would be so useful if they did this (tm)

— mRr3b00t (@UK_Daniel_Card) February 18, 2024

I knocked this up, i'll update it later to include failed etc but it's a really good idea and i'm dropping it into my linux build for KNux. https://t.co/XJYp4UTqdr

— Chono N (@Gyarbij) February 19, 2024