the grugq's newsletter

Subscribe
Archives
March 9, 2025

March 9, 2025

March 9, 2025

Using RDP without leaving traces: the MSTSC public mode https://t.co/TMf3YP5JVS

— Nicolas Krassas (@Dinosn) March 7, 2025


Sadly, too many security products aren’t aimed at the end-user, they are aimed at investors (and then at the potential acquirers).

Investors want the latest hotness because acquiring incumbents are shopping to fill holes in their checklist.

Actual utility isn’t on the roadmap.

— haroon meer (@haroonmeer) March 7, 2025


"Attacking Bluetooth the easy way" from @rootedcon featuring an undocumented ESP32 Espressif SoC backdoor. @antonvblanco @TarlogicES @Tarlogic https://t.co/39WjWcn2Zo pic.twitter.com/nZH0Ho5Qv5

— KF (@d0tslash) March 8, 2025

I will post more details about why this isn’t a backdoor later with citations, but basically I think the @Tarlogic marketing department ran amuck and went full FUD https://t.co/KRHlItwvag

— Xeno Kovah (@XenoKovah) March 8, 2025

ESP32 “backdoor”? Not so fast.

Yes, hidden HCI commands allow deep access to memory, flash, and Bluetooth internals. BUT:

❌ Not remotely exploitable via Bluetooth
❌ Not an OTA attack
✔ Requires wired HCI access
✔ Requires high privileges on controller

It’s a… https://t.co/f0OBRkuUO9

— Pascal Gujer  (@pascal_gujer) March 8, 2025


📢 Join the OCWG Online Workshops on Offensive Cyber

We are holding 4 online workshops, based on a proposed 'COP' framework and on lessons from Ukraine.

• Concepts (17 March)
• Organisation (25 March)
• Practice (1 April)
• Ukraine (6 May)

More 🔽https://t.co/RW8A557OLD

— Offensive Cyber Working Group (@Offensive_Cyber) March 8, 2025


#SpyNews - week 10 (March 2-8):
A summary of 83 espionage-related stories from week 10 coming from 🇮🇱🇮🇷🇵🇸🇬🇧🇺🇸🇵🇭🇨🇳🇱🇧🇦🇫🇷🇺🇺🇦🇵🇰🇸🇦🇵🇱🇰🇷🇰🇵🇧🇪🇫🇷🇮🇹🇸🇾🇾🇪🇦🇪🇫🇮🇻🇳🇭🇰🇹🇼🇻🇪🇨🇱🇩🇴🇨🇴🇪🇨🇪🇸🇬🇷🇽🇰🇷🇸🇹🇷🇳🇿🇳🇴🇳🇱🇧🇬🇩🇪🇨🇦🇱🇹🇦🇹🇲🇰🇨🇿 https://t.co/HmQmE0Fomv#OSINT #HUMINT #SIGINT #spy #espionage

— Spy Collection (@SpyCollection1) March 9, 2025


Don't miss what's next. Subscribe to the grugq's newsletter:
X