the grugq's newsletter

March 16, 2025


#SpyNews - week 11 (March 9-15):
A summary of 71 espionage-related stories from week 11 coming from 🇵🇰🇮🇳🇮🇷🇺🇦🇷🇺🇫🇷🇩🇿🇬🇧🇱🇻🇪🇪🇩🇪🇧🇪🇺🇸🇸🇴🇪🇬🇮🇱🇦🇹🇮🇹🇨🇭🇵🇭🇨🇳🇹🇼🇦🇺🇹🇷🇱🇾🇵🇸🇱🇧🇰🇵🇻🇳🇲🇽🇵🇱🇧🇾🇸🇾🇹🇭🇸🇪🇩🇰🇰🇿🇦🇿🇮🇶🇦🇲🇲🇦🇳🇱🇳🇿🇰🇪 https://t.co/5uDHmoAsn8 #OSINT #HUMINT #SIGINT #espionage #spy

— Spy Collection (@SpyCollection1) March 16, 2025


The destruction of DOD’s Office Net Assessment is an enormous mistake.

This was a little-known but enormously consequential fifty year-old institution that actually thought long-term.

It helped us win the Cold War, grasped the China challenge early, and figured out revolutions… pic.twitter.com/lPc4KxqPhX

— Rush Doshi (@RushDoshi) March 14, 2025


A majority of IR is still "is this a lazy dev or an attacker."
Most TTPs are split between social engineering/phish or vuln exploit to then live off the land.
AI can't pivot in a way that's needed. It can help baseline, but ML has been doing that for 10 years already. https://t.co/fF9sclDhp9

— Moose (@LitMoose) March 15, 2025


If you are interested in #Linux eBPF, then check out the Tutorials section from "Eunomia - Unlock the potential of eBPF". Pure technical gold with a huge amount of examples. 🪙🔥 https://t.co/xCHhEDc3nQ

— cr0@Defensive-Security.com / PurpleLabs / EDRmetry (@cr0nym) March 15, 2025


this is a 🆒🆒🆒 read

"The research underscores that traditional bootkit detection technologies are struggling to keep pace with increasingly sophisticated firmware threats." https://t.co/qIvlAEbAZ8 https://t.co/hxBKfREFKI pic.twitter.com/1MoRMa4iNk

— J⩜⃝mie Williams (@jamieantisocial) March 15, 2025


🚨 Detect C2 Beacons!

New Microsoft Defender for Endpoint telemetry provides new opportunities for threat detection!

🔗 https://t.co/L5TM7BWIc6 #ThreatHunting #DetectionEngineering #MDE pic.twitter.com/UaqJYgH4jj

— Mehmet Ergene (@Cyb3rMonk) March 14, 2025


Reviving my blog with a complete analysis of the latest #LockBit #ransomware v4.0 Green! https://t.co/BXID8ryR4R

h/t to @fwosar & @demonslay335 for all the crypto helps! Huge thanks to @BushidoToken & @CuratedIntel for the threat intelligence insight too! 🙏 pic.twitter.com/xoztn5LNTQ

— Chuong Dong (@cPeterr) March 15, 2025


#IdesOfMarch pic.twitter.com/wIctNXeOIA

— Classical Studies Memes (@CSMFHT) March 15, 2025

