Jan 27, 2023

                            January 27, 2023

                Jan 27, 2023

Gabriel Landau @GabrielLandau
Think spoofed call stacks are clever?  There's truth in the shadows. tiny.ccFinding Truth in the ShadowsLet’s discuss three benefits that Hardware Stack Protections brings beyond the intended exploit mitigation capability, and explain some limitations.4:02 PM ∙ Jan 26, 2023
67Likes50Retweets
-
It isn’t clear how they obtained legal authority to disrupt the system. If the FBI wants to access (hack) a system to find out where it is, or even image it remotely, theres a warrant for that. No idea if they can get one to wreck shit up too. 
Lukasz Olejnik (@LukaszOlejnik@Mastodon.Social) @lukOlejnikEuropol, US, and authorities of 11 others,  conducted operations to take down Hive ransomware operators. It was super effective. Law enforcement identified decryption keys and shared them with many of the victims, helping them regain access to their data europol.europa.eu/media-press/ne… 
5:07 PM ∙ Jan 26, 2023
19Likes9Retweets
-
It’s great that being a hacker means discussing whether the Feds were using Title 10 or Title 50 authority. Subscribe for more! 

-
Quantum decryption is getting closer. But, like, not very much just yet… 
Lukasz Olejnik (@LukaszOlejnik@Mastodon.Social) @lukOlejnikAnother report of factorising numbers (breaking encryption keys) using a quantum computer/algorithm. 48-bit integer 261980999226229 using 10 trapped-ion qubits. Claim to be on path to break RSA-2048. Seems that a lot of groups sit on the same idea/concept. arxiv.org/pdf/2301.11005…  
Lukasz Olejnik (@LukaszOlejnik@Mastodon.Social) @lukOlejnik
My comment in @NewScientist about an algorithm that claimed to give a huge speedup in factoring integers on quantum computers, supposedly to break strong encryption soon. I'm impressed. But I'd advise caution: it isn't clear how it would scale. https://t.co/ZbAROZPkrW
7:06 AM ∙ Jan 27, 2023
19Likes10Retweets
-
raptor@infosec.exchange @0xdeaI’d like to share some of my projects hosted on #github. Let’s start with my public #exploits that span at least 20 years of #pwning. 

github.com/0xdea/exploits

Those who solved @offsectraining labs should know github.com/0xdea/exploits…

My favorite is github.com/0xdea/exploits… 💚github.comexploits/raptor_rlogin.c at master · 0xdea/exploitsA handy collection of my public exploits, all in one place. - exploits/raptor_rlogin.c at master · 0xdea/exploits8:16 AM ∙ Jan 27, 2023
23Likes8Retweets-
Scott Manley @DJSnM
Some people always went above and beyond the task at hand 
5:56 PM ∙ Jan 26, 2023
245Likes35Retweets
-
This thread is good documentation of an interesting talk. 
The last session at enigma2023 kicks off with "Myths and Lies in InfoSec" from Adrian Sanabria, Tenchi Security
Why are myths and lies a thing?
(And I'm sorry you're still sick and doing this remotely!)

https://hachyderm.io/@leak/109757884971509292

-
The smart thing for Russia to do is to exploit the “contradictions” between Sweden and Turkey to disrupt the NATO membership bid. This is a clever provocation.
A reporter who works for RT paid for a right wing Danish politician’s travel and permits to burn a Koran in front of the Turkish embassy in Sweden. Turkey is furious and the NATO membership is stalled. 
I can’t see this sort of trick preventing Sweden from joining NATO, but there will definitely be delays. 
Bad Baltic Takes 🇱🇹 🇱🇻 🇪🇪 @BadBalticTakes
The Koran burning protest that infuriated Turkey and derailed Sweden’s NATO application was organised by Russia.

Here’s how… 🧵
5:21 AM ∙ Jan 26, 2023
14,574Likes4,192Retweets
-
Divya Mohan (she/her) | divyamohan@hachyderm.io @Divya_Mohan02
🧵
Since it's CfP season, here are some great blogs with advice on how to write a conference proposal that gets accepted.

Disclaimer: I do not guarantee acceptance. Most of it is just really great advice that I think will benefit folks.11:23 AM ∙ Jan 27, 2023
21Likes7Retweets
-

                            Don't miss what's next. Subscribe to the grugq's newsletter: