May 21, 2023

frantically googling “how to communicate with orcas”

                            May 21, 2023

                May 21, 2023

                        May 21, 2023

            Tunnel via Cloudflare to any TCP Service
            Cloudflare's cloudflared tunnels are commonly used to 'publish' a web server that runs behind a firewall (e.g. making the webserver accessible from the Internet). Cloudflare restricts the traffic to HTTP-style traffic: It won't allow the publishing o...

pic.twitter.com/8kME4cdWFb
— Out of Context Human Race (@NoContextHumans) May 20, 2023

            Thales seizes control of ESA demonstration satellite in first cybersecurity exercise of its kind | Thales Group
            The European Space Agency (ESA) challenged cybersecurity experts in the space industry ecosystem to disrupt the operation of the agency's OPS-SAT demonstration nanosatellite. Participants used a variety of ethical hacking techniques to take control of the system used to manage the payload's global positioning system, attitude control system1 and onboard camera. Unauthorised access to these systems can cause serious damage to the satellite or lead to a loss of control over its mission. Thales's offensive cybersecurity team worked with the Group's Information Technology Security Evaluation Facility (ITSEF2) for this unique exercise, which demonstrates the need for a high level of cyber resilience in the very specific operating environment of space.

Mexico’s attorney general announced on Monday that they’re prosecuting four former officials in connection with an “illegal” purchase of Pegasus in 2014. https://t.co/D9rTDKmEvH
— Runa Sandvik (@runasand) May 20, 2023

If he participated in the DDoS activities linked to IT Army of Ukraine, while being in Russia, that was... bold ... or unwise. Fortunately for him, the court only used the computer crime clauses, not anything related to more serious issues, unless we're not aware of something. https://t.co/oFnEUfquPJ
— Lukasz Olejnik, Ph.D, LL.M (@lukOlejnik) May 20, 2023

Weekly analysis is out

- 🇺🇸 'expeditionary cyberspace operations'

-🇷🇺 ops in 🇺🇦

-🇨🇳 router implants & eBPF implant upgrade

-🇰🇵 ops in 🇪🇺 

-🇰🇵 ops in 🇮🇳

-🇻🇳 ops in 🇨🇳

-🦹‍♂️ SIM swapping

then we have

-🇦🇿 ✂️ insecure gov

plus the usual tradecraft analysis.https://t.co/i4bFpIddPx
— Ollie Whitehouse (@ollieatnowhere) May 21, 2023

(fictional) Google Interview process ca 2012:

Interviewer walks in. Hands candidate a die. Candidate throws a 4.

"Wrong. No hire."

Interviewer walks out.
— Halvar Flake (@halvarflake) May 20, 2023

⁉️ SIS: What's In a Name?

The Secret Intelligence Service has had numerous names over the years, famously referred to as #MI6.

But what other names have there been? A thread🧵 pic.twitter.com/HlTIMU0h3t
— Dr. Dan Lomas (@Sandbagger_01) May 21, 2023

#SpyNews - week 20 (May 14-20)

A summary of 81 espionage-related stories from week 20 coming from 🇨🇳🇺🇸🇿🇦🇺🇦🇷🇺🇰🇷🇬🇧🇮🇳🇵🇰🇨🇦🇮🇶🇧🇬🇩🇿🇯🇵🇵🇱🇧🇩🇯🇴🇸🇩🇮🇱🇧🇾🇫🇷🇦🇺🇧🇭🇷🇴🇰🇵🇶🇦🇬🇷🇹🇷🇰🇪🇷🇸🇦🇪🇸🇴🇲🇱🇳🇴🇹🇼🇸🇾🇮🇷🇳🇮🇨🇾🇬🇪🇨🇭🇩🇪🇱🇺 https://t.co/uFTRAlP4Yj#Espionage #OSINT #HUMINT #SIGINT
— Spy Collection (@SpyCollection1) May 21, 2023

Here are the slides from @tiraniddo and my talk, "The Print Spooler Bug that Wasn't" this morning at @offensive_con. We take you through our investigation into CVE-2022-41073, an in-the-wild 0-day that Microsoft patched in Nov 2022. #OffensiveCon2023

https://t.co/nM1T5a5XoR pic.twitter.com/6jpiEclnTD
— Maddie Stone (@maddiestone) May 19, 2023

The best way to learn how real threat actors operate is to read the many published threat reports on their activity

DFIR Reporthttps://t.co/smuy9CAfqS

APT Groups and Operationshttps://t.co/prEGxXIV8l

ORKL https://t.co/t1aqv4Febr

I’ll add more links in the replies 🧵
— Florian Roth (@cyb3rops) May 20, 2023

PyPI temporarily pauses new users, projects amid high volume of malware https://t.co/B8BnJBKMef
— Nicolas Krassas (@Dinosn) May 21, 2023

We have just uploaded the slides for "Unearthing Vulnerabilities in the Apple Ecosystem: The Art of KidFuzzerV2.0" by @Peterpan980927 

Our team member is truly honored to participate in OffensiveCon 2023.

https://t.co/Jj9HQ1OKf5
— starlabs (@starlabs_sg) May 21, 2023

frantically googling “how to communicate with orcas” pic.twitter.com/PkYbhiWXva
— Stone Cold Jane Austen (@AbbyHiggs) May 20, 2023

https://twitter.com/samczsun/status/1660012956632104960

Ukrainian hackers hacked the emails of Oxana Netyksho, the wife of one of the FBI's most wanted #Russian war criminals who interfered in the 2016 #US election. The hack managed to retrieve a photo of Netyksho, which the #FBI did not have.@FBIMostWanted  More:… pic.twitter.com/Wy0EkhYLGr
— InformNapalm (@InformNapalm) May 20, 2023

“Since Rufina’s death, a number of other items, notably Philby’s books, have appeared on the open market. The whereabouts of the rest of the Philby collection is unknown.” https://t.co/fV5VwIBtwa
— Michael Weiss (@michaeldweiss) May 21, 2023

Evergreen
✅ Google: "We’re committing $10 billion to advance cybersecurity" 

✅ Microsoft: "[We] will invest $20 billion to advance our security solutions"

❌ Apple: Appeals case it lost against Corellium
— Patrick Wardle (@patrickwardle) August 25, 2021

The @GlobalCyberAlln  is launching the Accessible Cybersecurity Tools initiative as a part of #CyberCivilDefense, sponsored by @craignewmark. The idea is simple – leverage the power of inclusivity and solutions from open-source, commercial, and government providers to empower pic.twitter.com/3TdZoBTTck
— Phil Reitinger @philr.bsky.social (@CarpeDiemCyber) May 20, 2023

Bill Gates' arch-nemesis, Bill Fences. Bill Fences invented Linux.
— vx-underground (@vxunderground) May 20, 2023

The legend of Cleo in the Mathematics StackExchange. 😂 pic.twitter.com/imrBLda1LH
— Andrew Ruiz (@then_there_was) April 20, 2023

                            Don't miss what's next. Subscribe to the grugq's newsletter: