the grugq's newsletter

May 20, 2023

Our @rapid7 AttackerKB analysis detailing CVE-2023-28771 is available. Unauthenticated command injection on the WAN interface of several Zyxel devices. Bug is in the IKE packet decoder for the IPSec VPN service, running by default. https://t.co/5GjbUOydsO

— Stephen Fewer (@stephenfewer) May 19, 2023

Here’s the slides of the talk I gave yesterday at NorthSec 2023

"Tips and tricks for Burp Suite Pro, ten years later" #nsec23 @NorthSec_io https://t.co/QUjLUPBV7j

— Nicolas Grégoire (@Agarri_FR) May 19, 2023

The FBI has misused a powerful digital surveillance tool more than 278,000 times.

Fascinating @washingtonpost story: https://t.co/tK7TjyH6Ek

And the FISC opinion that describes the violations: https://t.co/acw8xSAvW1 pic.twitter.com/VNHTDjnyQi

— Brad Heath (@bradheath) May 19, 2023

Wildest part of today's declassified FISC documents is that for four years, the FBI was routinely running the names of those who appeared in police homicide reports through its foreign intelligence database — including victims, witnesses and next of kin. https://t.co/5bNMmcFVat

— Byron Tau (@ByronTau) May 19, 2023

https://www.wsj.com/articles/fbi-improperly-searched-spy-database-for-information-on-americans-court-says-2f12bcd


New from me, in @just_security: why the OLC's release of an index of recent unclassified opinions is a big step forward for the agency's relationship to public accountability . . . and why there's still a ways to go. https://t.co/NB0DdfhoM0

— Stephanie Krent (@StephanieKrent) May 19, 2023

“I shall regard any answer to this as a hostile act.”

If you’ve looked through old political letters, no doubt you have seen notes that say “no reply” or “please, no reply necessary” as a courtesy to the receiver.

But this, from Alan Lennox-Boyd, Secretary of State for the Colonies, is the most dramatic wording I’ve ever seen! pic.twitter.com/ske3ULvfUf

— Lee David Evans (@LeeDavidEvansUK) May 18, 2023

Today is the 25th anniversary of my testimony to the U.S. Senate as part of a group of 7 hackers from the L0pht. The hearings were titled, "Weak Computer Security in Government: Is the Public at Risk?" (cont) pic.twitter.com/A12eYa3IUT

— Chris Wysopal (@WeldPond) May 19, 2023

NEW: New details about the technical training, the Top Secret/SCI clearance and the workplace of Jack Teixeira, the man behind the #PentagonLeak: https://t.co/Bik4JnrdQe

— Electrospaces (@electrospaces) May 19, 2023

Dronewatching in the Ukraine War. Part 1: An Incredible Aerial Spectacle

What have I learned from watching drones in the Ukraine war? In Part 1 of a series, I look at how drones represent an incredible visual spectacle.


hey my wife and I saw you from across the bar and we really dig your vibe pic.twitter.com/kDf7NsLUae

— Seva (@SevaUT) May 19, 2023

me (doubtingly): the seas are too rough, i can't go on!
jesus (wisely): mermaid jugs https://t.co/PIHOVuZfB3

— thomas violence (@thomas_violence) May 19, 2023

Keep on trucking…#WorldBollardAssociation
pic.twitter.com/dg9IBJNOUb

— World Bollard Association™ (@WorldBollard) May 20, 2023
