June 3, 2022

                June 3, 2022

            June 3, 2022

            The Folina 0day was used to attack Russia and Belarus, based on the location where the ITW samples were uploaded. It is interesting that a clearly Western(-aligned) APT was detected (the file was uploaded to VT).  
There is the question of what the original users were targeting, and why did their 0day get uploaded? I’m curious, but I doubt there are any threat Intel companies with the telemetry to inform us. Kaspersky? GroupIB? Positive Technology? Might be interesting if they made a report about cyber campaigns that were detected and thwarted.
The infosec community reacted rapidly and dealt with the vulnerability quickly. I think this shows how the infosec community is dedicated to securing the internet for everyone, even if the targets were Russians and the attacker was a (probably) Western government.
-
Jonathan 'Boo and Vote' Cohn @JonathanCohn
"Not for nothing, clearance rates have dropped to all-time lows at the same time that police budgets have swollen to all-time highs, suggesting that more funding has actually resulted in police being less effective." prospect.orgWhy Are Police So Bad at Their Jobs?It’s not just Uvalde. Cops nationwide can’t stop crimes from happening or solve them once they’ve occurred.11:30 AM ∙ Jun 2, 2022
3,383Likes1,038Retweets
-
Fake article, but the technology exists and can totally do this already.
Asara Near 🏳️‍🌈 @nearcyan
heavenbanning, the hypothetical practice of banishing a user from a platform by causing everyone that they speak with to be replaced by AI models that constantly agree and praise them, but only from their own perspective, is entirely feasible with the current state of AI/LLMs 
7:07 PM ∙ Jun 1, 2022
13,794Likes1,512Retweets
Asara Near 🏳️‍🌈 @nearcyan
although the above article is fake (hence my phrasing as a 'hypothetical' and the article being dated in the future in 2024!), it's feasible to build this as a weekend project at this point, so it won't remain fake for very long now!

countless fun utopic/dystopic futures ahead!8:35 PM ∙ Jun 1, 2022
2,971Likes88Retweets
-
Red Mercury, an invented substance much sought after by terrorists and other idiots, gets a back story.
Carl Schreck @CarlSchreckFor history buffs interested in Putin's early years: Part 3 of our series has dropped. It's about how his St. Petersburg committee backed a scam to hawk a mythical & supposedly secret compound called "red mercury" to foreign buyers: rferl.org/a/putin-scam-r…

Now, a thread:

/1 
1:33 PM ∙ Jun 2, 2022
272Likes112Retweets
-
The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

-
Andrey Konovalov @andreyknvlSlides and video from my Fuzzing USB with Raw Gadget talk at @BSidesMunich.

🤖 Raw Gadget — a new interface for emulating USB devices
🪶 Fuzzing via virtual controllers
🔌 Reproducing bugs via Raspberry Pi Zero

Slides: docs.google.com/presentation/d…
Video: youtube.com/watch?v=OVbzlN…youtube.comBSidesMunich 2022 Main stageLive stream of the BSidesMunich 2022 main stageUse the Discord space for Q&A. See https://2022.bsidesmunich.org for more details.4:30 PM ∙ Jun 2, 2022
56Likes19Retweets-
Charlie Stross @cstross
That moment when Lizzie bends over one of the young princes or princesses and horks up the undigested bloody giblets she's been carrying around in her gizzard as baby food, like a giant flightless carrion bird 
Gretchen Felker-Martin @scumbelievable
every picture of the royal family looks like the second the cameras disappear they're going to be fed a live footman to keep them composed through the rest of the ceremony7:43 PM ∙ Jun 2, 2022
96Likes11Retweets
-
I’d watch this.
foone @Foone
1950s B-Movie scientist who transitions using ATOMIC POWER4:21 PM ∙ Jun 2, 2022
381Likes62Retweets
-
Too true.
Duffel Blog @DuffelBlog
The suspense is terrible. I hope it will last. duffelblog.comUS hides 5 visas for Afghan interpreters inside Wonka barsThe suspense is terrible. I hope it will last.5:00 PM ∙ Jun 2, 2022
34Likes7Retweets
-
Everyone has a cyber!

https://www.microsoft.com/security/blog/2022/06/02/exposing-polonium-activity-and-infrastructure-targeting-israeli-organizations/

-
inkedupandsonic @sonictyrant
Just Once i'd like the Circus to Run Away with Me4:26 PM ∙ Jun 2, 2022
368Likes171Retweets
-
0day whiplash, there’s another one being exploited ITW. 
Andrew Case @attrc
We found a remote, pre-auth 0day being exploited in Confluence Server in the wild. In the blog post, we break down our forensic analysis steps and provide the IOCs that we currently can. If you have this product then you need to deal with this immediately as no patch is available 
Volexity @Volexity
.@Volexity discovers zero-day exploit impacting all current versions of Atlassian Confluence Server and Data Center. Attackers deploy in-memory Java implant to evade detection. Read more in our latest blog post: https://t.co/aCSwnSUfj8 #DFIR #ThreatIntel #InfoSec10:49 PM ∙ Jun 2, 2022
309Likes159Retweets
-
SPENCE, TODD @Todd_Spence
More proof you can't trust robots 
4:07 PM ∙ Jun 2, 2022
108,756Likes30,362Retweets
-
This is a good read.

http://hugoclub.blogspot.com/2022/06/dethrone-stars.html

-
Pascal Geenens @geenensp
Did the FBI just take down the 'official' partner of the IT ARMY of Ukraine? The IT ARMY is now listing a new partner on their official website.  
CyberScoop @CyberScoopNewsFBI seizes domains tied to stolen records, DDoS services
 https://t.co/LOG9LMU2IY9:17 AM ∙ Jun 3, 2022
9Likes10Retweets
-
Brian in Pittsburgh @arekfurtEven assuming this is Chinese state security domestic activity (direct evidence here is weak, but it would make a ton of sense given agency infrastructure access), this should be a reminder CN/RU/etc. APTs know the value of network-layer attacks: securelist.com/windealer-deal…
🔥🔥🔥 
8:29 AM ∙ Jun 3, 2022
31Likes15Retweets
Halvar Flake @halvarflake
Extremely sophisticated attacker has access to 2012-2014 era technology in 2022.

What does this say about defensive progress? 
Brian in Pittsburgh @arekfurtEven assuming this is Chinese state security domestic activity (direct evidence here is weak, but it would make a ton of sense given agency infrastructure access), this should be a reminder CN/RU/etc. APTs know the value of network-layer attacks: https://t.co/WJF2amPmmZ
🔥🔥🔥 https://t.co/2gYioLzakn
9:10 AM ∙ Jun 3, 2022
13Likes2Retweets
-
good reddit @GoodReddit
reddit reddit 
1:32 PM ∙ Jun 2, 2022
122,202Likes5,836Retweets

                Don't miss what's next. Subscribe to the grugq's newsletter: