January 7, 2024

                            January 7, 2024

                January 7, 2024

                        January 7, 2024
Exploiting Google Chrome extensions for privilege escalation

Interesting blog post by @deryilzhttps://t.co/6ow4vsiW8o#chrome #infosec pic.twitter.com/cTsSwibTAv
— 0xor0ne (@0xor0ne) January 5, 2024

7 videos in to the basics of exploitation series👇🏻

⚒️ https://t.co/qyMwcL0LQQ

Several more to go… :) 

If you need help getting started with reverse engineering, my course on @pluralsight is almost 4 hours of hands-on content

💡https://t.co/RWzzuw1cEo
— Josh Stroschein (@jstrosch) January 6, 2024

How Malaysia is finding its way out of the middle-income trap

Interesting piece here, and it hints at a question about the benchmark for economic success. Malaysia lags the East Asian growth miracles, but if it was in LatAm it'd be a regional superstar.https://t.co/igaW6rWni9: pic.twitter.com/1r46n6EWfp
— Mike Bird (@Birdyword) January 7, 2024

TETRA (Terrestrial Trunked Radio): security analysis and vulnerabilities

Great research work by Carlo Meijer, Wouter Bokslag and Jos Wetzels

Paper: https://t.co/vx9onVy2FR

Slides: https://t.co/ua14ZIWwKk

Repo: https://t.co/cDg89pkvNG#tetra #wireless #infosec pic.twitter.com/BEYtwqzsYf
— 0xor0ne (@0xor0ne) January 6, 2024

🚩 #MuddyWater APT 🇮🇷 targeting telecoms orgs in North and East Africa with custom tools.

Tracking #MuddyC2Go servers with:

- Shodan: https://t.co/n8aSxIB0CB

- Censys: https://t.co/XK4xtlnTyZ

Active C&C servers:

http://94.131.98[.]14:443/

http://95.164.38[.]99:443/… pic.twitter.com/PuMI7sncvg
— Germán Fernández (@1ZRR4H) January 6, 2024

U.S. intelligence agencies ill-suited for China competition, study warns - Washington Times https://t.co/E2RJndaFH3
— Dave Schroeder 🇺🇸 (@daveschroeder) January 6, 2024

malware authors be like pic.twitter.com/gY0gpfRsSi
— LaurieWired (@lauriewired) January 6, 2024

Are you running a Cowrie #Honeypot for tracking ssh /telnet scanning and exploitation? You can support @mal_share and fellow researchers by setting collected files to be automatically uploaded.  

We'll host them and you can download them back for free - forever. pic.twitter.com/YqG47Lgpfk
— MalShare (@mal_share) January 6, 2024

Here’s a nice tutorial for the #ghidra #debugger by @clearbluejar 

“Decompilation debugging lets you pretend like every program comes with source”https://t.co/GSl5Pkbfdohttps://t.co/nBgQ1k5plO
— raptor@infosec.exchange (@0xdea) January 6, 2024

“Our #research revealed multiple #vulnerabilities that our team successfully exploited, allowing us to completely bypass #Windows Hello authentication on all three laptops.”https://t.co/WmkZ4G9ijzhttps://t.co/GbStM3QNkY
— raptor@infosec.exchange (@0xdea) January 7, 2024

Camouflage at its finest.

[📸 Harman Singh Heer] pic.twitter.com/6vV19gQ80f
— Massimo (@Rainmaker1973) January 7, 2024

            SPY NEWS: 2024 — Week 1. Summary of the espionage-related news… | by The Spy Collection | Jan, 2024 | Medium
            Summary of the espionage-related news stories for the Week 1 (December 31 2023-January 6 2024) of 2024.

Asianometry is doing a history of UNIX series.

There’s some drama with Johnathan Scott. I bring it up because it’ll probably be necessary assumed knowledge.
RNP HAS NOT HIRED JONATHAN SCOTThttps://t.co/zWVDJOQBih pic.twitter.com/WHo4BNwhup
— Rwanda National Police (@Rwandapolice) January 6, 2024

Code execution with a write primitive on last libc. https://t.co/QoexAT0fVd
— Anderson Nascimento (@andersonc0d3) January 6, 2024

                            Don't miss what's next. Subscribe to the grugq's newsletter: