July 26, 2022

                        July 26, 2022

            July 26, 2022

Notes from Dave Aitel correcting a poor analysis on Ukraine cyber conflict.

            Goodbye Cyberwar - Google Docs

The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

-
Christo Grozev @christogrozev
Today FSB announced that they have “foiled a plot by Ukraine’s intelligence services” to lure Russian military pilots to surrender to Ukraine – with their planes – in return for millions of USD in payments (thread).11:51 AM ∙ Jul 25, 2022
11,743Likes2,623Retweets
-
Vasken @Aimtech9
When the employer asks for 10+ years of experience and you're 20 😁 
7:02 AM ∙ Jul 25, 2022
124Likes39Retweets
-
Alan Rozenshtein @ARozenshtein
Terrific analysis of the special cybersecurity issues around open-source software, from @ChinmayiSharma in @lawfareblog. lawfareblog.comOpen-Source Security: How Digital Infrastructure Is Built on a House of CardsLog4Shell remains a national concern because the open-source community cannot continue to shoulder the responsibility of securing this critical asset and vendors are not exercising due care in incorporating open-source components into their products. A comprehensive institutional response to the inc…2:01 PM ∙ Jul 25, 2022
12Likes9Retweets
-
Archaeo - Histories @archeohistories
The three headed Lernaean Hydra wall painting from an Etruscan tomb at the necropolis of Pianacce, dated to the 4th century BC. 
4:05 PM ∙ Feb 21, 2021
29Likes14Retweets
-
What a story!
Michael Weiss 🌻🇺🇸🇮🇪 @michaeldweiss
NEW: Remember Jan Marsalek, the fugitive Wirecard COO and suspected GRU agent, who fled to Russia from Munich? The exclusive story of how he did it -- with the help of one of Austria's top former intelligence officers. dossier.centerFrom Munich to MoscowThe inside story of how fugitive Wirecard COO Jan Marsalek fled from a 2 billion euro corruption saga in Germany and wound up living under state protection in Russia1:55 PM ∙ Jul 25, 2022
400Likes159Retweets
-
Kelly Shortridge @swagitda_At @SummerC0n 2022, @rpetrich and I presented “Lamboozling Attackers” on how you can leverage deception environments to exploit attacker brains (i.e. their learning & decision-making). 
Slides are now online here and they are An Experience: swagitda.com/speaking/Lambo… 
3:18 PM ∙ Jul 20, 2022
26Likes9Retweets

Paper here:

https://cacm.acm.org/magazines/2022/6/261170-lamboozling-attackers/fulltext
-
Why are McDonald’s Self Service Kiosks so hackable? 

            Why are McDonald’s Self Service Kiosks so hackable?
            McDonalds in Australia do a decent cup of coffee. It’s not great but it’s consistently decent so I often start my day with a cup. Due to my travels around Australia in a decked out van I have seen how many McDonalds operate and just how many of

-
pancak3 @pancak3stackAleksandr Vadimovich Zhukov (06.04.1984), one of the malware developers working for the Conti RaaS organization.
pancak3.substack.com/p/van

Cc @Kozielectric
pancak3.substack.comvanOne of the malware developers working for the Conti RaaS organization.
3:31 PM ∙ Jul 25, 2022
91Likes15Retweets-
Dmytro Oleksiuk @d_olexEnjoyed new malware report? Want similar UEFI firmware implant for your operations? Check out my Boot Backdoor: it is more reliable than #CosmicStrand, it is harder to detect, it has more deployment options and its sources available on github:
github.com/Cr4sh/s6_pcie_… 
Gustavo Cols @GustavoCols
Our new blog post is about a UEFI firmware bootkit that we called #CosmicStrand and attributed to an unknown Chinese-speaking threat actor. #APT #Securelist #Kaspersky

https://t.co/jbb7GLCnKB
3:48 PM ∙ Jul 25, 2022
57Likes21Retweets
For attackers who have started using cr4sh’s tools in the wild, see here:

https://www.theregister.com/2022/07/21/us_cyber_command_malware_ukraine/
-
Matthijs R. Koot @mrkootRussian Intelligence: A Case-based Study of Russian Services and Missions Past and Present (14MB .pdf, Spring 2022, 370 pages) ni-u.edu/wp/wp-content/…

Author: Kevin P. Riehle (@riehle_kevin)
Editor/Publisher: National Intelligence (NI) Press
/c @krypt3ia #intelligence #russia 
5:26 PM ∙ May 17, 2022
40Likes13Retweets-
The diary of Arthur Bremer, which was made into the book “and assassin’s diary” which partially inspired the movie “Taxi Driver.” 
It is amazingly articulate and well written.

            Bremer Arthur Diary Book of : Harold Weisberg : Free Download, Borrow, and Streaming : Internet Archive
            Weisberg, an Office of Strategic Services officer during World War II, U.S. Senate staff member and investigative reporter, devoted 40 years of his life to...

-
Oleksandra Matviichuk @avalaina
It’s a really a case when one graffiti from St. Petersburg (Russia) is worth a thousand words. One of the best examples of oppositional street art.
#RussianWarCrimes 
9:31 AM ∙ Jul 25, 2022
10,442Likes2,524Retweets
-
-
But With Raptors @ButWithRaptors
Singin' in the Rain (1952) but with a Velociraptor 
4:01 PM ∙ Jul 25, 2022
66,552Likes11,926Retweets
-
Jerry Aldrich @jerryaldrichiii
LMAO, anyone else remember the thread on the left? Well, here's how it turned out. 
3:40 AM ∙ Jul 26, 2022
501Likes163Retweets

The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

                        Don't miss what's next. Subscribe to the grugq's newsletter:

          Start the conversation:

            Be the first to share your thoughts