the grugq's newsletter

July 21, 2022

Hillel Neuer @HillelNeuer
Emotional moment today as one of the longest-serving former members of the U.N. Human Rights Council (left) meets one of the newest members of the U.N. Women's Rights Commission.
10:18 PM ∙ Jul 19, 2022

-

The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

Alec Muffett @AlecMuffett
The @GCHQ and @NCSC proposals for child safety surrounding end-to-end encryption, all amount to a single premise: that messenger software should [be forced to] lie to its users regarding the privacy that it provides. See: alecmuffett.com/article/16208
4:45 PM ∙ Jul 20, 2022

-

OPSEC

BBC News (World) @BBCWorld
Heatwave forced Google and Oracle to shut down computers
bbc.in: Heatwave forced Google and Oracle to shut down computers. Record temperatures meant some cooling systems failed at the firms' London data centres.
8:28 PM ∙ Jul 20, 2022

-

Matthijs R. Koot @mrkoot
Beijingology 2.0: Bridging the "Art" & "Science" of China Watching in Xi Jinping's New Era (2022) doi.org/10.1080/088506… Research article by Sverdrup-Thygeson & Stenslie, in Int'l J. of Intel & Counterintel (@Intel_IJIC). Open Access. At @intelNewsOrg: intelnews.org/2022/07/21/01-
5:53 AM ∙ Jul 21, 2022

-

Brett Karlan @brettkarlan
Oh you want to be an academic? You mean being a content creator for Elsevier?
7:13 PM ∙ Jul 18, 2022

-

TAG reports on cyber activity in Eastern Europe. Quite a nice summary.

https://blog.google/threat-analysis-group/continued-cyber-activity-in-eastern-europe-observed-by-tag/

More here:

https://arstechnica.com/information-technology/2022/07/pro-russia-hack-campaigns-are-running-rampant-in-ukraine/

-

Thailand says it used Pegasus in national security cases. It is worth remembering that national security has different meanings in different countries.

https://www.reuters.com/world/asia-pacific/thailand-admits-using-phone-spyware-cites-national-security-2022-07-20/

-

Analyzing iOS 16 Lockdown Mode: Browser Features and Performance

https://www.sevarg.net/2022/07/20/ios16-lockdown-mode-browser-analysis/

-

[CVE-2022-34918] A crack in the Linux firewall

https://www.randorisec.fr/crack-linux-firewall/

-

raptor @0xdea
A prime example of the whack-a-mole game of sandbox escaping (and yet another way to abuse python 🐍)
Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 microsoft.com/security/blog/…
microsoft.com: Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 - Microsoft Security Blog. Microsoft uncovered a vulnerability in macOS that could allow specially crafted code to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple, and a fix for this vulnerability, now identified as CVE-2022-26706, was included in the security updates on May 16, 2…
7:09 AM ∙ Jul 21, 2022

-

Battle Programmer Yu​u @netspooky
I was looking at some vuln code snippets for a thing I'm making and stumbled across this. At first I was like "do they mean extern? huh, are they making a symlink? wait, wut?". It didn't make any sense and I couldn't think of a reason why. Then I looked "printf external link" up.
Some C code. Source: https://github.com/snoopysecurity/Vulnerable-Code-Snippets/blob/master/Buffer%20Overflow/gets.c#L5
2:34 AM ∙ Jul 21, 2022

-

Jordan Maison @JordanMaison
A bold strategy
3:09 PM ∙ Jul 20, 2022

-

web3 is going just great @web3isgreat
NFT collector loses 100 ETH (~$150,000) in a joke gone wrong July 20, 2022 web3isgoinggreat.com/?id=collector-…
web3isgoinggreat.com: NFT collector loses 100 ETH (~$150,000) in a joke gone wrong

Bored Ape aficionado franklinisbored has apparently found a new source of entertainment by placing high bids on his own ENS domains with amusing names, causing a Twitter bot that announces ENS domain offers to tweet about it. After amusing himself by placing 100 ETH bids on joebiden.eth, elonmusk.eth, barackhusseinobama.eth, and donaldjtrumpjr.eth, he solicited suggestions on Twitter for what ENS domain he should create and then place a fake bid on next.

Based on a follower's suggestion, he created the ENS domain stop-doing-fake-bids-its-honestly-lame-my-guy.eth and placed a 100 ETH bid on it. To his surprise, another person came along and offered him 1.9 ETH (~$2,900). Apparently excited to receive a sizeable offer for a gag NFT, franklinisbored accepted the offer and took to Twitter to write about his good fortune: "Well this is the most surprising 1.891 ETH I have ever made. I owe it all to #ENS and @gweiman_eth's creative idea. #Marketing101". Meanwhile, he had forgotten to cancel his joke 100 ETH offer, which remained active. The new buyer accepted the offer and sold the NFT back to him, pocketing 98 ETH in the process. Franklinisbored wrote on Twitter, "I was celebrating my joke of a domain sale, sharing the spoils, but in a dream of greed, forgot to cancel my own bid of 100 ETH to buy it back. This will be the joke and bag fumble of the century. I deserve all of the jokes and criticism." He also wrote that he'd sent the 1.9 ETH
10:47 PM ∙ Jul 20, 2022

Owen @owen_needs_tea
@gsuberland The seller's name on the reply NFT is the icing on the cake opensea.io/assets/ethereu…
8:37 AM ∙ Jul 21, 2022

-

JP Aumasson @veorq
dunno if that applies here but a typical pattern is: 1. create an internal interface X "obviously never attacker-exposed", so not "protected"/tested 2. product redesign || code reuse || new features || etc. 3. X now "attack surface" 💥

Quoting Haifei Li @HaifeiLi
Novel attack surface/vector research is soooo key important. Even for SDL leading vendors like Microsoft, there're still full of bugs if you find an unexplored area or a creative way to attack.
6:15 AM ∙ Jul 21, 2022

-

Matthijs R. Koot @mrkoot
RAND: Options for Strengthening All-Source Intelligence (July 2022) rand.org/pubs/research_… Study finds inadequacies in: - IC use of OSINT - safeguards re: political bias in analysis & diss. - warning re: forgn attacks on non-govt sectors DDL (.pdf, 51p) rand.org/content/dam/ra…
11:48 AM ∙ Jul 21, 2022

-

Jan Lemnitzer @JanLemnitzer
Vast majority of customer data of German energy provider Entega leaked on the Darknet by Russian group Black Cat after they refused to pay ransom. Only 10 per cent assumed to include bank account data...@thegrugq
faz.net: Cyber attack on subsidiary: customer data of energy provider published en masse. The data of a large share of the customers of the Hessian energy provider Entega has now been published on the darknet following the hacking attack in June. It consists mainly of names, addresses and consumption data, but in some cases also of bank details.
1:10 PM ∙ Jul 21, 2022

Zeynep Şentek @zsentek
Wow. As ordered by a Turkish govt agency, internet service providers in Turkey provide hourly activity logs of all users, complete with user's full name, IP, name of website/app opened, what time it was opened and for how long. Insane mass surveillance, jaw-dropping investigation

Quoting Medyascope @medyascope
📌 The websites you visit 📌 Who you message with on WhatsApp 📌 Your location data. All of it is sent to the BTK every hour. 📄 Medyascope has obtained the documents. Exclusive report by @DoguEroglu ⤵ https://t.co/deLM3fvZbT https://t.co/dcxsmM69aa
9:11 AM ∙ Jul 21, 2022

-

starlabs @starlabs_sg
It's time for another "Show & Tell" session by Meme master @testanull - Gitlab Project Import RCE Analysis (CVE-2022-2185) @_jsoo_ thinks it was full of images and a lengthy blog post :P Grateful for our co-worker, Frances for editing it.😘 starlabs.sg/blog/2022/07-g…
starlabs.sg: Gitlab Project Import RCE Analysis (CVE-2022-2185). At the beginning of this month, GitLab released a security patch for versions 14->15. Interestingly in the advisory, there was a mention of a post-auth RCE bug with CVSS 9.9. The bug exists in GitLab's Project Imports feature, which was found by @vakzz. Incidentally, when I rummaged in the author's…
12:06 PM ∙ Jul 21, 2022

-

Marcus Hutchins @MalwareTechBlog
lmao. bye, Felicia.
4:59 PM ∙ Jul 20, 2022

-

@fluepke@chaos.social @fluepke
Discovered by a friend of mine: CVE-2022-26138: A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. The password is disabled1system1user6708
11:00 PM ∙ Jul 20, 2022