the grugq's newsletter

Subscribe
Archives
May 19, 2025

May 19, 2025

May 19, 2025

O2 VoLTE: locating any customer with a phone call | mastdatabase.co.uk

Privacy is dead: For multiple months, any O2 customer has had their location exposed to call initiators without their knowledge.


This is too f’n funny. pic.twitter.com/89r5hUVst4

β€” Matt Johansen (@mattjay) May 15, 2025


Have you ever wondered "How do I found out who owns an IP address?" or "Who is the owner of these IP addresses?"

A new @CuratedIntel resource is available. Check it out πŸ‘‡https://t.co/hhVPbirIR5

β€” Will (@BushidoToken) May 17, 2025


Soldier of FORTRAN :ReBoot:​: "Mainframe Hacker a Choose Your Own Adventure game…" - Infosec Exchange

Attached: 1 image Mainframe Hacker a Choose Your Own Adventure game. Exclusively on the Apple Macintosh. #Mainframe #macintosh #hypercard #CYOA https://archive.org/details/MainframeHackingCYOA


A friend just received a robocall purporting to be from a criminal holding me to ransom. But the scambot went on to describe me as "handsome of stature, grave of gait, rich and sonorous of voice, eloquent of speech".

This is because, some years ago, I put this on my blog: pic.twitter.com/4xGG1UDjtQ

β€” gavin leechβ€Ž β€Ž β€Ž β€Ž β€Ž β€Ž (@g_leech_) May 18, 2025


Based on presentations by members of the team it took months to find all the parts of this story.

The First Interstellar Software Update - The Insane Hack That Saved Voyager 1https://t.co/JVyb0YEMpv

β€” Scott Manley (@DJSnM) May 17, 2025


Criminals stealing espionage tradecraft

🚨 The Fake Ledger That Stole Everything

(1/8)
James* thought he was safe. He used a Ledger hardware wallet, kept his 24 words private, and followed every crypto security tip out there.

Then one day… a package arrived.
πŸ§΅πŸ‘‡ pic.twitter.com/9fAkGctS3q

β€” Intelligence On Chain (IOC) πŸ”Ž (@intell_on_chain) May 18, 2025

Thread by @intell_on_chain on Thread Reader App – Thread Reader App

@intell_on_chain: 🚨 The Fake Ledger That Stole Everything (1/8) James* thought he was safe. He used a Ledger hardware wallet, kept his 24 words private, and followed every crypto security tip out there. Then one day...…

This story might not be true, but the technique was definitely used in the past:

Scammers Are Sending Ledger Users Fake Hardware Wallets

The fake Ledger wallets are an escalation in phishing attempts following a 2020 data breach that exposed 272,000 customer addresses.


Pwn2Own Berlin 2025 comes to a close. We awarded $1,078,750 for 28 unique 0-days. Congrats to @starlabs_sg for winning Master of Pwn with $320,000. Thanks to @offensive_con for hosting, and thanks to all who participated. Can't wait to see you next year! #Pwn2Own #P2OBerlin pic.twitter.com/gNJxhVjCiB

β€” Trend Zero Day Initiative (@thezdi) May 17, 2025


https://www.theregister.com/2025/05/18/ex_nsa_scattered_spider_call/


Don't miss what's next. Subscribe to the grugq's newsletter:
X