June 11, 2024
June 11, 2024
The New York Times source code leaked by a 4chan user
A user on the online forum 4chan has leaked a massive 270GB of data belonging to The New York Times. This leak includes the source code for the
So Apple has introduced a new system called “Private Cloud Compute” that allows your phone to offload complex (typically AI) tasks to specialized secure devices in the cloud. I’m still trying to work out what I think about this. So here’s a thread. 1/
— Matthew Green (@matthew_d_green) June 10, 2024
Thread by @matthew_d_green on Thread Reader App – Thread Reader App
@matthew_d_green: So Apple has introduced a new system called “Private Cloud Compute” that allows your phone to offload complex (typically AI) tasks to specialized secure devices in the cloud. I’m still trying to wo...…
below/HelloSilicon: An introduction to ARM64 assembly on Apple Silicon Macs
GitHub - below/HelloSilicon: An introduction to ARM64 assembly on Apple Silicon Macs
An introduction to ARM64 assembly on Apple Silicon Macs - below/HelloSilicon
Fingerprinting VPNs with Custom Router Firmware: A New Censorship Threat Model
https://censorbib.nymity.ch/pdf/Almutairi2024a.pdf
I must be missing something. The threat model they outline is "the adversary controls the home router." This threat can expose the use of VPNs by users connected to that router.
Surely this is the most trivial and least interesting possible attack for an adversary that controls a home router of a target.
https://t.co/zXdRHpjCVe pic.twitter.com/zSo7obL9vH
— Gary Dunion 🍉 (@garydunion) June 9, 2024
Mandiant published a report into the Snowflake hacks. So far we know about Ticketmaster & Santander but there are 165 firms who use Snowflake and are 'potentially exposed'. The research backs up Snowflake's claim that attackers are stealing logins directly from customers: pic.twitter.com/CFb7aQVcD9
— Joe Tidy (@joetidy) June 10, 2024
The reality of ransomware. "England’s top health officials have come together to launch a call for blood donors in the aftermath of the ransomware attack at Guy’s and St Thomas’ and King’s College Hospital trusts." https://t.co/w53oDqazTQ
— Shashank Joshi (@shashj) June 10, 2024
There’s a psychological cost being inflicted on the #botnet ecosystem in the aftermath of recent takedowns. 🧠
— bugcrowd (@Bugcrowd) June 10, 2024
The impact to attackers is that there’s a capable, persistent threat in play on the defender side, says @caseyjohnellis in @DarkReading. Agree? https://t.co/xsyvZR8tLL
Hmmm. Not sure I agree.
imo: if you’re deliberate about “doing the reading”, whatever that means for any domain, within a year it’s possible to be in the top ~5% in the scene. This is because 95% of people don’t do the reading https://t.co/cGLCJf3hQV
— Visakan Veerasamy (@visakanv) June 10, 2024
Doing the work is a superpower.
I’ve gotten a few requests to review this paper (linked below) on their HPTSA approach. I previously reviewed 2 of this groups papers. But I lack the bandwidth to write this one up so here is a TLDR:
— chrisrohlf (@chrisrohlf) June 11, 2024
* Their definition of 0-day is incorrect and thus misleading for the primary… https://t.co/sPVReZm4dT
Dissecting a new #Rust loader - SSLoad. Initially reported by @Unit42_Intel. The infection chain begins with a phishing email, consists of multiple stages, and implements various techniques. A technical analysis 🧵 [1/]
— Nicole (@NicoleFishi19) June 10, 2024
Thread by @NicoleFishi19 on Thread Reader App – Thread Reader App
@NicoleFishi19: Dissecting a new #Rust loader - SSLoad. Initially reported by @Unit42_Intel. The infection chain begins with a phishing email, consists of multiple stages, and implements various techniques. A techni...…
For the full analysis, check out the blog post by @MhicRoibin and me [7/]https://t.co/xprThL153V
— Nicole (@NicoleFishi19) June 10, 2024
Absolutely love this series.
This continued myopic obsession with cyber operations being decisive misses the point entirely
— Dan Black (@DanWBlack) June 10, 2024
Not only is it completely divorced from Russia's force design/employment, but it irrationally inconsistent with expectations held for other effectors like EW
https://t.co/e4yGv7VlEL
Fascinating qn posed by @AlexMartin here - why does cyber so rarely feature on the political agenda?
— Ciaran Martin (@ciaranmartinoxf) June 10, 2024
One explanation esp wrt to the #ransomware crisis - the perpetrators are strategically boring. Imagine the outcry if a terrorist group or rogue state were damaging UK hospitals https://t.co/jCwNDkzfQb
I think about this California high-speed rail story all the time pic.twitter.com/Yy8OQV0p6C
— Alec Stapp (@AlecStapp) June 11, 2024