the grugq's newsletter

June 25, 2022

clearbluejar @clearbluejar
Cheers to @itm4n for inspiration, @topotam77 for PetitPotam, and @tiraniddo for NtObjectManager. New post detailing #RPC auditing with NtObjectManager
clearbluejar.github.io: From NtObjectManager to PetitPotam. Windows RPC enumeration, discovery, and auditing via NtObjectManager. We will audit the vulnerable RPC interfaces that lead to PetitPotam, discover how they have changed over the past year, and overcome some common RPC auditing pitfalls.
12:47 PM ∙ Jun 24, 2022
109 Likes, 69 Retweets

-

https://infrequently.org/2022/06/apple-is-not-defending-browser-engine-choice/

-

Cristiano Lima @viaCristiano
Inbox: After Roe is struck down, @RonWyden calls on Congress to pass "legislation protecting people’s data so their web searches, text messages" and tech companies to "limit the collection and retention of customer data"
2:52 PM ∙ Jun 24, 2022
71 Likes, 57 Retweets

-

The Anonymous collective assembled for Ukraine against Russia will include people who are angry about the Roe v Wade decision, and the accompanying banning of abortion rights. Hacktivists have a history of social justice action, and it is reasonable to assume this will be no different.

-

Elliot Hentov @hentove
I co-wrote a paper on USD dominance in age of financial sanctions. TLDR: there cannot be a major shift away from the USD any time soon. In many ways, the Ukraine War is paradoxically underpinning the existing monetary order, rather than undermining it. 1/
statestreet.com: Weaponization of US Dollar | State Street Corporation. Read about the extraordinary weaponization of the USD in the Ukraine war and the economic impact of dollar’s decline on the financial world order.
12:57 PM ∙ Jun 24, 2022
64 Likes, 14 Retweets

-

Paul Melson @pmelson
PowerShell scriptblock logging plus real-time detection for the use of System.Reflection.AssemblyName() takes so many tools and techniques off the table for attackers and has a very low false positive rate. I cannot recommend this approach enough.
3:04 PM ∙ Jun 24, 2022
145 Likes, 37 Retweets

-

Dr. Jeffrey Lewis @ArmsControlWonk
The new solid-propellant short-range ballistic missile has a range of 110 km and an apogee of 25 km. (North Korea may have tested it again on June 5.) It is explicitly designated as being nuclear-armed.
en.yna.co.kr: (2nd LD) N.K. leader inspects new tactical guided weapons test to improve nuke efficiency | Yonhap News Agency. (ATTN: UPDATES throughout with more info; RECASTS headline) By Yi Wonju and Song Sang-ho ...
6:00 PM ∙ Jun 23, 2022
155 Likes, 27 Retweets

-

https://www.libertyhumanrights.org.uk/issue/liberty-wins-landmark-snoopers-charter-case/

-

Friday’s glasshouse session is up on YouTube

-

https://github.com/drduh/macOS-Security-and-Privacy-Guide

-

The USB drive with files on 460k people that was lost after a guy went out drinking and slept on the street, has been found! Yay.

https://www3.nhk.or.jp/nhkworld/en/news/20220624_27/

-

Weird and interesting

The Cultural Tutor @culturaltutor
Quick guide to figuring out the age of an English church.
There's one element which tells you more than anything else: the windows. It's not foolproof, since every church is a palimpsest built over centuries, but it's a good bet.
1:38 PM ∙ May 12, 2022
300 Likes, 53 Retweets

-

Dreadnought Holiday @TheDreadShips
This here is Liberté. Many of you will notice that's a foreign word today. I'm sorry.
French Battleship Liberté at the head of a row of ships in port, fully dressed with flags. A shocking blast from within would later destroy it in seconds due to a failure at the highest levels of command, and I find no comfort in this metaphor.
3:03 PM ∙ Jun 24, 2022
230 Likes, 18 Retweets

-

Tonya Riley @TonyaJoRiley
Multiple tech companies are saying they'll pay for employees to travel for abortions. (Employees who probably already have resources to do so unlike many Americans.) I've heard zero about how these companies intend to protect user data from being used to criminalize abortion.
5:59 PM ∙ Jun 24, 2022
14,125 Likes, 3,375 Retweets

-

InQuest @InQuest
Microsoft Office has been a long favorite delivery mechanism for malicious payloads, from pen-testers to nation-state threat actor groups, and for good reason. Look back over the years detailing some of the most abused vulnerabilities. inquest.net/blog/2022/06/2… #malware #Follina
4:24 PM ∙ Jun 23, 2022
195 Likes, 36 Retweets

-

Starfish Who Just Wants To Grill @IRHotTakes
I know it’s been Discoursed to death already, but it’s still very funny that all these other blockbusters are green screened to the point of using simulacrums of dead people instead of real actors and Tom Cruise was like “yeah, I’m gonna need an actual aircraft carrier.”
2:10 PM ∙ Jun 24, 2022
145 Likes, 7 Retweets

-

hannah 💫 @hcohenwriter
and you could have it all my empire of Bert
11:54 PM ∙ Jun 22, 2022
92,049 Likes, 10,366 Retweets

-

Matthew Green @matthew_d_green
I have to post this HN comment describing (allegedly) the ensuing police press conference.
10:58 PM ∙ Jun 24, 2022
225 Likes, 37 Retweets

-

Share this, if you need something to give to ppl.

Don’t post about crimes. @KateRoseBee
We've updated our Abortion & Pregnancy Privacy Guide with this quick mobile settings graphic to save and share. These tips can help ensure these sensitive experiences are less able to be easily accessed by looking through your device. Full instructions at: digitaldefensefund.org/abortion-priva…
How your phone documents your abortion experience and what to do about it! By: the Digital Defense Fund

Risk: receipt for payment for your abortion and/or travel in your inbox
Alternative: Make an email account just for this purpose, then delete it after

Risk: period tracking app shares your data
Alternative: Use a privacy-driven period tracker like Euki App

Risk: search history saved in your phone's browser, and with your ISP (internet service provider)
Alternatives:
- Use a privacy-driven search engine, ex: DuckDuckGo
- Install a paid VPN to hide websites you visit from your ISP
- Browse with Tor or Firefox
- Use a private browsing window, or delete your browser history

Risk: payment history for your abortion in a banking or payments app
Alternative: use cash or pre-paid gift cards where possible

See link to guide in this tweet for the rest of the complete image alt text.
11:49 AM ∙ May 6, 2022
480 Likes, 416 Retweets

-

Some sleuthing.

https://torrentfreak.com/digital-trails-how-bungie-identified-a-mass-sender-of-fake-dmca-notices-220624/

-

they/them might be giants ☭ @babadookspinoza
It’s 2027. Insurance only covers fentanyl exposure and Havana Syndrome. A cop tries to plant a Schedule I cigarette on you but finds some baking powder in your pocket and falls on his back, writhing on the ground. You run, through streets littered with dead cops. It always works.
1:40 AM ∙ Jun 24, 2022
16,249 Likes, 1,826 Retweets

-

JoHo @JHowardBrainMD
I can predict the future by reading the @WSJopinion and knowing the opposite will come true.
8:27 PM ∙ Jun 24, 2022
2,629 Likes, 761 Retweets

-

DirectoryRanger @DirectoryRanger
Offensive Windows IPC Internals, by @0xcsandker Part 1: Named Pipes csandker.io/2021/01/10/Off… Part 2: RPC csandker.io/2021/02/21/Off… Part 3: ALPC
csandker.io: Offensive Windows IPC Internals 3: ALPC · csandker.io
9:40 AM ∙ Jun 24, 2022
156 Likes, 62 Retweets

-

DW News @dwnews
Berlin Mayor Franziska Giffey spoke for 15 minutes with a man posing as Kyiv Mayor Vitali Klitschko, before suspecting she's talking to a deepfake.

trib.al: Vitali Klitschko fake tricks Berlin mayor in video call | DW | 24.06.2022. Berlin Mayor Franziska Giffey spoke for 15 minutes with a man posing as Kyiv Mayor Vitali Klitschko. But then the suspicion arose that her counterpart was a deepfake.

8:34 AM ∙ Jun 25, 2022
50 Likes, 28 Retweets

-

No Context Brits @NoContextBrits
7:54 PM ∙ Jun 3, 2022
16,027 Likes, 707 Retweets

-

Shashank Joshi @shashj
“to former intelligence officials, Cherkasov fits a well-known pattern: Russia, among other foreign powers, seeks to place young intelligence operatives in American academic institutions to help build their deep cover identities.”
cnn.com: Suspected Russian spy was well-liked by classmates, but something just seemed a little off. Victor Muller’s accent just didn’t sound right.
6:01 AM ∙ Jun 25, 2022
143 Likes, 59 Retweets