the grugq's newsletter

July 11, 2024

Beijing accused of misusing Western research to claim Volt Typhoon is a ransomware group https://t.co/e0gjPRdacn @TheRecord_Media & @AlexMartin

— Allan “Ransomware Sommelier🍷” Liska (@uuallan) July 10, 2024


I know I've been joking a lot about 1990s style bugs recently but oh my god, now an MD5 collision one? https://t.co/kkw8CKYdfK

The attack combines a novel protocol vulnerability with an MD5 chosen-prefix collision attack and several new speed and space improvements.

oh yay

— Daniel Cuthbert (@dcuthbert) July 10, 2024

https://www.blastradius.fail/


Here is part 2 of our Ghostscript research series. This is about CVE-2024-29511, a fun combination of logical bugs and features, in the end allowing to read and write files outside the SAFER sandbox. https://t.co/YlXfVNob2J

— Thomas Rinsma (@thomasrinsma) July 9, 2024


There is a new genre of serious-seeming "scientific" research paper but the paper is like "we asked ChatGPT if AI could do your job and it said yes" and then news outlets cover them uncritically and they go viral https://t.co/zkg1ZnqrDC

— Jason Koebler (@jason_koebler) July 10, 2024


For all of the arguments by some scholars that strategic cyber attack against objects of military-economic potential are not “decisive”, a lot of players continue to see value in effort expended. One ought pay attention to their conception of return on investment.

— JD Work (@HostileSpectrum) July 10, 2024

And as always, decisive strike is absolutely the wrong mental model for cyber warfare. https://t.co/GJJQm6N5Nl

— JD Work (@HostileSpectrum) July 10, 2024


NEW: @TheJusticeDept just disrupted a Russian-run AI-enabled Twitter disinformation bot farm.

Almost 1000 accounts on @X.

Masqueraded as Americans & promoted Russian government narratives.

Fascinating sleuthing behind this 1/ https://t.co/QOsWnoVUCf pic.twitter.com/pvbVZM3nLj

— John Scott-Railton (@jsrailton) July 9, 2024

Thread by @jsrailton on Thread Reader App – Thread Reader App



I am reviewing this alleged hack of The Heritage Foundation.

I have identified very embarrassing data within this dataset. Why so many Chinese IP addresses? 🤔 https://t.co/M2MXK3g4mA

— Jackie Singh (@HackingButLegal) July 10, 2024


New blog post: "The Case for Burning Counterterrorism Operations"
My thoughts on why defenders should always report exploits and operations, even when they originate from "friendly" entities. This follows the recent debate in the community. https://t.co/SvLDSpcxn2

— Ivan Kwiatkowski (@JusticeRage) July 8, 2024


Weird things I learned while writing an x86 emulator // TimDbg

If you’ve read my first post about assembly language, you might expect that this is another post on how to understand assembly language. I will write more about that at some point, but this post is not that. Instead, this post is going to talk about some of the weird things and random trivia I learned while writing an x86 and amd64 emulator. The emulator I wrote was for Time Travel Debugging.


MS-SharePoint RCE PoC https://t.co/sfUUrl4I47

— Nicolas Krassas (@Dinosn) July 10, 2024


How Russia’s ‘shadow war’ on NATO members has evolved | CNN

Russia has been engaged in a “bold” sabotage operation across NATO’s member states for more than six months, targeting the supply lines of weapons for Ukraine and the decision-makers behind it, according to a senior NATO official.


Chrome web browser preloading extension gives preferences, bypassing web browser security and privacy mechanism. That may be the most fascinating potential Digital Markets Act case to date. I analyse this case on utilising the superpowers of "regardless". https://blog.lukaszolejnik.com/digital-markets-act-google-chrome-extensions-case-study/

— Lukasz Olejnik (@lukaszolejnik.bsky.social) 2024-07-10T14:18:51.993Z


Exploiting Android Linux kernel from Qualcomm Trustzone (QSEE) (CVE-2021-1961) https://t.co/2GD7Cgju7l

Credits Tamir Zahavi-Brunner (@tamir_zb) #trustzone pic.twitter.com/n0LCUMYCaj

— 0xor0ne (@0xor0ne) July 11, 2024


One of my favorite gamedev war stories: After launching my first game on Steam, some players experienced platforms moving in slow motion. It was impossible for me to reproduce the issue. It was only after enough players reported the bug that I realized: They were all in Europe. https://t.co/NMn4LpXmZI

— Zi (@MajorMcDoom) July 10, 2024


The drama with gay furries hacking the Heritage Foundation continues.

furries hacked the heritage foundation (propelling project 2025) which caused the executive director to reach out and the chat logs are VILE pic.twitter.com/nXaIMxCoN5

— KITTY★DISK (@kittydisks) July 11, 2024

Thread by @kittydisks on Thread Reader App – Thread Reader App

@kittydisks: furries hacked the heritage foundation (propelling project 2025) which caused the executive director to reach out and the chat logs are VILE full files.catbox.moe/i0tkbp.txt @MHowellTweets pivoting is a...…


New from 404 Media: the Ticketmaster hack is getting much worse and a nightmare for fans/sellers. The leaked data allows someone to make genuine tickets for upcoming shows, scan them, screw over real fans

"This is really really really really bad." https://t.co/807RG3q1ii

— Joseph Cox (@josephfcox) July 9, 2024

As I said at the time:

Smart. Those ticket codes are, as Clausewitz would say, Ticketmaster’s centre of gravity. One of them anyway. https://t.co/CuP6LtkFRJ

— thaddeus e. grugq thegrugq@infosec.exchange (@thegrugq) July 5, 2024

