the grugq's newsletter

-

Twitter avatar for @AlexH_Johnson
Alex Johnson @AlexH_Johnson
OMFG

Wells Fargo gets into huge legal trouble so often that it has started talking about it as a category of regular operational expense in its earnings.

Here's the CFO explaining how operating losses due to legal problems were down $2.3 billion between September and December.

Image
11:01 PM ∙ Jan 19, 2023
36Retweets

-

Twitter avatar for @DhiyaneshDK
Dhiyaneshwaran @DhiyaneshDK
CVE-2022-47966: ManageEngine RCE 🔥

Nuclei Template : github.com/projectdiscove… @pdnuclei

Shodan Query: title:"ManageEngine"

#pdresearch #nuclei #hackwithautomation #bugbounty

Image
8:37 PM ∙ Jan 19, 2023
108Retweets

-

Twitter avatar for @mdowd
mdowd @mdowd
Finding bugs that turn out to be useless can be demoralising but usually finding those means you’re on the right track!

Remember: The road to exploitable bugs is paved with unexploitable bugs

2:00 AM ∙ Jan 20, 2023
30Retweets

-

Twitter avatar for @ncdinglis
Chris Inglis @ncdinglis
Today I welcomed members of the cybersecurity research community to the White House.  These subject matter experts are key to addressing cybersecurity threats and their contributions to our defense are valuable and valued.   
whitehouse.govReadout of Office of the National Cyber Director Meetings with Cybersecurity Researchers | ONCD | The White HouseThis afternoon, the Office of the National Cyber Director (ONCD) hosted cybersecurity researchers as part of an afternoon of programming to share key initiatives in the Biden-Harris Administration cybersecurity agenda. National Cyber Director Chris Inglis and Federal Chief Information Officer Clare…
11:45 PM ∙ Jan 19, 2023
38Retweets

-

Twitter avatar for @ihackbanme
Zuk @ihackbanme
The recent WhatsApp accounts takeover is simple and genius.

This is how it works: You're sleeping. A "hacker" tries to login to your account via WhatsApp. You get a text message with a pincode that says "Do not share this".

You don't share it, yet you still get hacked.

How?

9:56 PM ∙ Jan 19, 2023
353Retweets
Twitter avatar for @ihackbanme
Zuk @ihackbanme
The attacker clicks on the option that the SMS didn't arrive and asks for a verification by phone.

WhatsApp call you. You're sleeping. It goes to Voicemail. The voicemail stores the automated voice with the pincode that the attackers are trying to obtain.

9:56 PM ∙ Jan 19, 2023
5Retweets
Twitter avatar for @ihackbanme
Zuk @ihackbanme
Next, the attackers check your voicemail simply by trying the default pincode which is the last four digits of your cellphone number in many carriers.

Then they can log in to YOUR WhatsApp.

9:57 PM ∙ Jan 19, 2023
9Retweets

-

how to completely own an airline in 3 easy steps


how to completely own an airline in 3 easy steps

and grab the TSA nofly list along the way

EXCLUSIVE: U.S. airline accidentally exposes ‘No Fly List’ on unsecured server

https://www.dailydot.com/debug/no-fly-list-us-tsa-unprotected-server-commuteair/

-

Twitter avatar for @graemecoleman
Graeme Coleman @graemecoleman
Hello, my name is Graeme, I have a PhD in computing, and I am a senior accessibility consultant, but when I want to type "é" on a Windows laptop I go to Beyoncé's Wikipedia page and copy/paste the letter from there.
4:11 PM ∙ Feb 20, 2019
8,594Retweets

-

Twitter avatar for @b1ack0wl
b1ack0wl @b1ack0wl
🙃
Image
Twitter avatar for @BleepinComputer
BleepingComputer @BleepinComputer
T-Mobile says hackers stole data on 37 million customers - @serghei https://t.co/UbIzXYYarU
12:59 AM ∙ Jan 20, 2023
18Retweets

-

Twitter avatar for @ciaranmartinoxf
Ciaran Martin @ciaranmartinoxf
Really interesting (& encouraging?) report from @chainalysis - ransomware payments down in 2022

Caveats aplenty, but their reason: “we believe that much of the decline is due to victim organizations increasingly refusing to pay ransomware attackers

Brilliant if true and/but 1/3 https://t.co/oWFfBw2vlR

Twitter avatar for @JBurnsKoven
J. Burns Koven @JBurnsKoven
After years of back-to-back record-setting ransomware payouts, 2022 stands apart. 

Our data shows a steep – 40% — drop in ransomware payments. 

There’s multiple factors to consider: 🧵 https://t.co/cUwYDoA8lR

9:18 AM ∙ Jan 20, 2023
9Retweets
Twitter avatar for @jamiemaccoll
Jamie MacColl @jamiemaccoll
@ciaranmartinoxf That statistic is only using coveware’s data. Although they have significant share of ransomware recovery/negotiations/payment market they’ve taken a much stronger stand against clients paying in cases of data extortion than some other firms.
9:40 AM ∙ Jan 20, 2023
2Retweets

-

This was clever. A programmatic ad company bought ad slots in mobile apps to abuse. They pushed JavaScript to the ad slot which loaded and played 25 video ads stacked on top of each other in that one slot. So they got paid 25x for each ad slot they bought. Which was a lot. Targeting 1700 apps across 11 million devices and peaking at 12 billion ads per day.


HUMAN Orchestrates Unprecedented Private Takedown, VASTFLUX

At its peak, VASTFLUX accounted for more than 12 billion fraudulent ad requests a day, impacting nearly 11 million devices

-

Don't miss what's next. Subscribe to the grugq's newsletter:
Find the grugq's newsletter elsewhere: Twitter