February 20, 2025
Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger | Google Cloud Blog

Russia state-aligned threat actors target Signal Messenger accounts used by individuals of interest to Russia's intelligence services.
C2s that use common protocols to avoid detection
https://lolc2.github.io/
Auto generating #fuzzing harnesses by way of program analysis and #LLMs! New blog post "Minimal LLM-based fuzz harness generator": https://t.co/hZoXyZvXz6
— David Korczynski (@Davkorcz) February 18, 2025
We show how you can generate a sophisticated fuzz harness synthesis tool with a few lines of code.
Incredible stuff in here: They ID'ed him, in part, by going to court hearings and watching him post
— Chris Ingraham (@cingraham.bsky.social) 2025-02-19T22:19:43.156Z
The alleged NSA Equation Group attack happened in 2022.
— ✞ inversecos (@inversecos) February 19, 2025
Here is the official bulletin press report from the Chinese University from 2022 raising alarms.
It’s clear however from 360 and CVERC that NSA has allegedly been attacking this university for over a decade however, this… https://t.co/4YFXH2S47S pic.twitter.com/Y4wy1qbbdI
A supply chain attack where you built a stealer into disposable vape hardware would go so hard. I bet you'd get a ton of Bitcoin. pic.twitter.com/O8DdbjYbV2
— agentduckman 🅅 (@agent_duckman) February 18, 2025
It's a never-ending source of mystery to me how orgs that see security in terms of selecting which commodity products to buy expect to defend against advanced attackers that show up with custom tooling and exploits. If the product isn't export-controlled, how good is it really?
— Dino A. Dai Zovi (@dinodaizovi) February 19, 2025
#ICYMI, Ghidra 11.3 has new features to supercharge work on your cybersecurity challenges. We added the long-requested built-in Python3 support based on Pyhidra, a p-code accelerated emulator, and original source code to binary linking. Check it out: https://t.co/EYg9l1VbrZ pic.twitter.com/DOeL5B7hjd
— NSA/CSS (@NSAGov) February 19, 2025
Two DOGE workers are now at CISA (DHS Cybersecurity and Infrastructure Security Agency): Edward Coristine, a 19-yr-old known as Big Balls, and Kyle Schutt, a 38-yr-old software engineer. CISA has a lot of sensitive security info on its network. My story: https://t.co/6PhOhxSP6U
— Kim Zetter (@KimZetter) February 20, 2025
Found an SSRF in Sliver C2 (CVE-2025-27090), allowing an attacker to read and write TCP traffic through affected teamservers.
— chebuya (@_chebuya) February 19, 2025
Demo shows leaking the IP of a Sliver teamserver hidden behind redirectors
Writeup and PoC in replies pic.twitter.com/psx7LtAy5s
Episode 2: Ralph Logan aka sangfroid
https://www.tuhs.org/pipermail/tuhs/2025-February/031420.html
German scientists applying for a job at NASA pic.twitter.com/iJGMsUjCce
— Yagdil Isn't Brisk (@Briskerov) February 19, 2025
https://www.theregister.com/2025/02/20/us_army_snowflake_theft/