the grugq's newsletter

March 11, 2025


In Russia’s cyber ecosystem, even FSB officers aren’t untouchable. CSI fellow @jshermcyber dives into the sentencing of an officer who took bribes from hackers but failed to deliver protection. It’s about more than corruption—it’s a warning to others. https://t.co/Gr1xcAJ3Uu

— Cyber Statecraft (@CyberStatecraft) March 10, 2025


DS Viper - a powerful tool designed to bypass Windows Defender's security mechanisms, enabling seamless execution of payloads on Windows systems without triggering security alerts. https://t.co/mgq2eSHZEj

— Panos Gkatziroulis 🦄 (@netbiosX) March 10, 2025


Apple Exclaves

On Apple Exclaves. Enhancing kernel isolation, one step at… | by Random Augustine | Feb, 2025 | Medium

Enhancing kernel isolation, one step at a time.


SIGINT in Fiction

Sigint Historian: Sigint in Fiction

I had an article published last month in the John Buchan Journal (unsurprisingly, the journal of the John Buchan Society). It is about the...


What makes code hard to read?

After doing some research, I found 8 visual patterns that can be used to improve clarity and avoid bugs in #code. https://t.co/tYhKCadmai pic.twitter.com/CNh7UpSoas

— Mark Griffin (@seeinglogic) August 21, 2023


🚨 New blog alert!

I recently "compromised" a threat actor's Telegram-based C2 channel, that was used for exfiltration of stolen data from the Nova infostealer.

The threat actor stupidly tested their infostealing malware on their OWN production "hacking" box.... (1/3)

— Ben (@polygonben) March 9, 2025

and from this, I was able to gather 100+ screenshots & keylogs from the threat actor's desktop - which exposed the campaigns he/she was performing, additional infrastructure he/she owned & lots of his plaintext credentials!

(2/3)

— Ben (@polygonben) March 9, 2025

If you want literal visibility into what cybercrime operations look like, from a threat actor's machine, check out the below blog post: https://t.co/tzFmIl9Zgj

I've also done an analysis into the Nova malware used in the campaign. https://t.co/s5VrWVrvSF

(3/3)

— Ben (@polygonben) March 9, 2025


What Would It Take to Remove Syria’s New Government From the U.S. Terrorism List? | Lawfare https://t.co/HSIdZz6mR2

— switched (@switch_d) March 10, 2025


Russian spy ring plans to kill journalist were 'beyond imagination' https://t.co/IItSKiGyX4

— BBC News (World) (@BBCWorld) March 9, 2025


ESP32 Undocumented Bluetooth Commands: Clearing the Air · Developer Portal

The developer resources in just one place!


The Russian UN Mission in Vienna serves as one of Europe’s most important espionage hubs. A #SIGINT station there specifically targets data from Western communication satellites. SES-5 from SES Luxembourg is also affected 1/7 https://t.co/TuY5Tszgly

— Le cueilleur (@LCueilleur) March 10, 2025

