Jan 6 2023

I’m gonna do a manual quote here to say that this is exactly the type of stuff we predicted, and especially with automation bias with people overtrusting model outputs. Police didn’t even check the height of the person they claimed did this, and neither was the person in Atlanta.

A black man wrongfully jailed for a week in Louisiana after face recognition error, report says. Lawyer says police didn't check man's height, weight or the mole on his face.

https://dair-community.social/@poppastring@dotnet.social/109634255362720798

https://dair-community.social/@timnitGebru/109634485377349541

Facial Recognition Tech Used To Jail Black Man For Louisiana Theft - He's Never Been To Louisiana

A Georgia man spent almost a week in jail after Louisiana police wrongly identified him as a fugitive using facial recognition software.

-

John Hultquist🌻 @JohnHultquist

Outstanding blog on a Turla (FSB) op in UA. Some of it may feel familiar to those of you who remember the Agent.BTZ/Operation Buckshot Yankee days. USB proliferation is back, but the twist here is they let someone else do the proliferating. 1/x

mandiant.comTurla: A Galaxy of Opportunity | MandiantA suspected Turla Team operation distributing a reconnaissance utility and malware to victims in Ukraine.

3:10 PM ∙ Jan 5, 2023

---

134Likes49Retweets

-

Dan Black @DanWBlack

Good article on Starlink's role in Ukraine and its comparative resilience to different forms of attack:

-

Ryan Faircloth @RyanFaircloth

The House recreational marijuana bill is now online. Read here revisor.mn.gov/bills/text.php…

Ryan Faircloth @RyanFaircloth

Minnesota DFL lawmakers are holding a press conference on marijuana legalization. “I believe that 2023 is the year we will legalize adult-use cannabis in Minnesota,” said state Rep. Zack Stephenson, the bill’s author in the House. https://t.co/S91Y67Km1O

4:10 PM ∙ Jan 5, 2023

---

22Likes8Retweets

-

-

A nice paper on Ukraine drones.

https://www.kcl.ac.uk/drones-and-defence-innovation-in-ukraine-consolidating-wartime-ingenuity

-

This article from @lhn@mastodon.online on pig butchering scams is really good, and a great thing to send your friends and family. https://www.wired.com/story/what-is-pig-butchering-scam/

-

@malwaretech Don't forget Kaspersky finding 20 expired C2s belonging to the the NSA and gaining access to a massive hacking campaign that had gone undetected for 14 years.

https://arstechnica.com/information-technology/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/

"Perhaps most costly to the attackers was their failure to renew some of the domains used by these servers. Out of the 300 or so domains used, about 20 were allowed to expire. Kaspersky quickly registered the domains and, over the past ten months, has used them to "sinkhole" the command channels, a process in which researchers monitor incoming connections from Equation Group-infected machines."

-

Frank Boldewin @r3c0nst

github.com/vitoplantamura… => „BugChecker is a SoftICE-like kernel and user mode debugger, supporting Windows versions from XP to 11, both x86 and x64)“ #SoftIce #Debugging #Oldschool

9:44 PM ∙ Jan 5, 2023

---

108Likes48Retweets

-

raptor @0xdea

Fuzzing the Shield: CVE-2022–24548 in Windows Defender

// by @S2W_Official

medium.com/s2wblog/fuzzin…