the grugq's newsletter

Subscribe
Archives
March 6, 2025

March 6, 2025

March 6, 2025

Chinese Great Firewall (website access blockade and. content filter for internet traffic) was leaking data! It's a fascinating discovery of security and privacy vulnerability in a large-scale technical censorship system. "Traffic with no relation to China could be leaked". pic.twitter.com/y3yVY5zKHk

— Lukasz Olejnik (@lukOlejnik) March 5, 2025

https://gfw.report/publications/ndss25/data/paper/wallbleed.pdf

Thread

Thread by @lukOlejnik on Thread Reader App – Thread Reader App

@lukOlejnik: Chinese Great Firewall (website access blockade and. content filter for internet traffic) was leaking data! It's a fascinating discovery of security and privacy vulnerability in a large-scale technical ...…


Newcomers to password cracking should learn that in 1991 the first well known password cracker "Crack" by @AlecMuffett introduced the idea of applying rules and permutations to dictionary words—such as substituting numbers for letters, reversing words, appending digits, and…

— Chris Wysopal (@WeldPond) March 5, 2025


You can now jailbreak your AMD CPU! 🔥We've just released a full microcode toolchain, with source code and tutorials. https://t.co/4NYerRuFo1

— Tavis Ormandy (@taviso) March 5, 2025


NEW: The U.S. govt accused 12 hackers of working for the Chinese government and hacking 100+ organizations, including the U.S. Treasury.

DOJ says two of the hackers are linked to the Typhoon China-hacking group, responsible for high profile hacks. https://t.co/24UMuoFE9Z

— Lorenzo Franceschi-Bicchierai (@lorenzofb) March 5, 2025


Did Trump Admin Order U.S. Cyber Command and CISA to Stand Down on Russia? (Story updated)

Two blockbuster stories published on Friday that appear to confirm what many Americans suspected would occur under the Trump administration – that the new regime is going to be softer on Russia than previous administrations, particularly with regard to the threat that Russia poses in cyber space. Since publication, however, one


As promised, more details!
TL;DR: AMD used CMAC with an example key from the standard as a hash function for the microcode update signatures. This let us create signatures that look valid to the CPU. https://t.co/UFzxB8r0y5

— Matteo Rizzo (@_MatteoRizzo) March 5, 2025


MSFT released new research on Silk Typhoon's supply chain attacks.

Key shift: Group now heavily leveraging stolen API keys and PAM credentials to hit downstream customers, particularly state/local gov and IT sector targets.

Here's what we know 🧵

— Matt Johansen (@mattjay) March 5, 2025



https://www.vulnu.com/p/microsoft-details-silk-typhoon-s-it-supply-chain-attacks

Thread

Thread by @mattjay on Thread Reader App – Thread Reader App

@mattjay: MSFT released new research on Silk Typhoon's supply chain attacks. Key shift: Group now heavily leveraging stolen API keys and PAM credentials to hit downstream customers, particularly state/local gov and I...…


Skimpy on espionage but heavy on sex.#SVR spy Anna Chapman published a book several months ago.

I reviewed it for The Cipher Brief. @thecipherbrief @SocIntelHist ⬇️https://t.co/YCBifkbqpq

— Filip Kovacevic (@ChekistMonitor) March 5, 2025


EvilLoader: Yesterday was published PoC for unpatched vulnerability affecting Telegram for Android

The exploit has been sold on underground forum since January 2025
✅Don't install external players if requested by received corrupted video file on Telegramhttps://t.co/K1QNWD06mp pic.twitter.com/8d9Ci6WkGO

— Mobile Hacker (@androidmalware2) March 5, 2025

Not sure what the exploit is if the victim has to install an external application.


Check out my Google blog on the garble obfuscator. The article dives deep into how garble obfuscates strings in Go binaries. I'm also introducing an open-source tool to dump strings and deobfuscate binaries protected by this obfuscating compiler! https://t.co/l47CvB83NK

— Chuong Dong (@cPeterr) March 5, 2025


Cell-site simulators (CSS, also known as Stingrays or IMSI catchers) are devices that masquerade as legitimate cell-phone towers, tricking phones within a certain radius into connecting to the device rather than a tower. Our new tool, Rayhunter, can help you find them.…

— EFF (@EFF) March 5, 2025

Meet Rayhunter: A New Open Source Tool from EFF to Detect Cellular Spying | Electronic Frontier Foundation

Rayhunter is a new open source tool we’ve created that runs off an affordable mobile hotspot that we hope empowers everyone, regardless of technical skill, to help search out cell-site simulators (CSS) around the world.

Rayhunter

Imsi catcher catcher

GitHub - EFForg/rayhunter: Rust tool to detect cell site simulators on an orbic mobile hotspot

Rust tool to detect cell site simulators on an orbic mobile hotspot - GitHub - EFForg/rayhunter: Rust tool to detect cell site simulators on an orbic mobile hotspot


Raspberry pi powered pdp-1

Recreating Hacker History - Hackster.io

A real PDP-1 may be out of reach, but this Raspberry Pi-powered replica lets you relive hacker history — blinkenlights, Spacewar!, and all!

Replica of the PDP-1: PiDP-1 | Hackaday.io

The DEC PDP-1 was, in many ways, at the root of modern computing: interactive - with keyboard and graphics display. It spawned spacewar, the very first computer video game; teco, the first text editor; and the interactive debugger (DDT). Despite its tiny brain, it pioneered time-sharing, and was at the origin point of Arpanet: IMP code was written on a PDP-1, and a PDP-1 sent out software updates to the IMP routers across the net. More importantly, it spawned Hacker Culture. And today, it is a g...


Don't miss what's next. Subscribe to the grugq's newsletter:
X