May 28, 2022

Belgium seems to want to ban Signal.

Matthew Green @matthew_d_green

Belgium’s new data retention laws might result in a Signal ban.

edri.orgBelgium wants to ban Signal – a harbinger of European policy to come - European Digital Rights (EDRi)Last week, the Belgian government launched a proposal that would ban Signal. What’s going on?

3:04 PM ∙ May 27, 2022

---

77Likes77Retweets

-

Kelly Shortridge @swagitda_

I want a full textbook of computer concepts analogized to magic like this

2:42 PM ∙ May 27, 2022

---

2,374Likes468Retweets

-

🏳️‍⚧️Hoity-Toity🏳️‍🌈 @WeAreHoityToity

@SethGreen @BoredApeYC @opensea @doodles @yugalabs @DarkWing84 hi Seth I wrote a song for you and your lost monkey jpeg

6:43 AM ∙ May 26, 2022

---

808Likes194Retweets

-

Report on a disinformation bother.

Allan “Ransomware Sommelier🍷” Liska @uuallan

A botnet capable of spreading disinformation on a massive scale, really interesting report from @nisos & @vincas_ciziunas

nisos.comFronton: A Botnet for Creation, Command, and Control of Coordinated Inauthentic BehaviorMay 2022 Investigative Report Release: Nisos analysts determined that Fronton is a system developed for coordinated inauthentic behavior on a massive scale. Read more.

6:06 PM ∙ May 27, 2022

---

10Likes10Retweets

-

Out of Context Human Race @NoContextHumans

2:20 PM ∙ May 26, 2022

---

348,250Likes31,023Retweets

-

Maia @MonetaristMaia

6:57 PM ∙ May 27, 2022

---

568Likes120Retweets

-

Crypto. Fraud. Scam. Great thread on a bug that was silently exploited for a year, stealing $30m overall.

FatMan @FatManTerra

🧵👇 What if I told you that Mirror Protocol, up until 18 days ago, was susceptible to the one of the most profitable exploits of all time, allowing an attacker to generate $4.3m from $10k in a single transaction? Here's how I discovered this - by pure serendipity. 🧵👇

12:12 AM ∙ May 27, 2022

---

1,373Likes349Retweets

FatMan @FatManTerra

PS. They tried hard to obfuscate their cashouts on Ethereum, but we're looking for them, and I hope we find them eventually. My team of researchers and I are hard at work - you can hide IRL, but the blockchain never forgets.

12:21 AM ∙ May 27, 2022

---

495Likes44Retweets

-

Looks like an interesting topic.

Stephan Lipp @stephanlipp

How good are SAST tools at detecting C code vulnerabilities, and what types of security bugs are better detected than others? Answers to this can be found in our @issta_conf'22 paper. 📄 mediatum.ub.tum.de/doc/1659728/16… 💾 doi.org/10.5281/zenodo… With Alexander Pretschner & @banescusebi

doi.orgArtifacts for the ISSTA 2022 Paper: An Empirical Study on the Effectiveness of Static C Code Analyzers for Vulnerability DetectionThis repository contains the evaluation script and the corresponding data of the ISSTA′22 paper “An Empirical Study on the Effectiveness of Static C Code Analyzers for Vulnerability Detection”.

10:31 AM ∙ May 27, 2022

---

52Likes15Retweets

-

Wild thread. lol

Metro @MetroUK

A team of scientists at Northwestern University in the US have accidentally created overly-aggressive mutant hamsters following a gene-editing experiment. 🐹 They were trying to increase bonding between the lovable animals but failed. Let's Discuss 👇 trib.al/KQYbMqu

trib.alGene-editing experiment turns fluffy hamsters into ‘aggressive’ rage monstersThe results of the experiment were a ‘startling conclusion’.

3:36 PM ∙ May 27, 2022

---

3,345Likes1,340Retweets

-

Cool research. It allows an attacker to manipulate your phones touch screen from up to 4 cm away after you’ve unlocked it. Ok, cool theoretical research.

https://thehackernews.com/2022/05/attackers-can-use-electromagnetic.html

-

Parsia @CryptoGangsta

@JasonGeffner I'd just like to interject for a moment. What you’re referring to as Azure, is in fact, Office 365/Azure, or as I’ve recently taken to calling it, O365 plus Azure. Azure is not cloud product unto itself, but rather another free component of a fully functioning O365 system.

5:14 PM ∙ May 27, 2022

---

357Likes65Retweets

-

raptor @0xdea

Well-written blog post about how to approach (Java) security audits, by @frycos

Security Code Audit - For Fun and Fails

frycos.github.ioSecurity Code Audit - For Fun and FailsRecently, I asked the Twitter community if anyone would be interested in a blog post about “failed” security code audit attempts. A lot of you seemed to like this idea, so here it is. I was somehow afraid to make a fool out of myself with this blog post but sometimes it seems that everybody thinks t…

7:32 AM ∙ May 28, 2022

---

61Likes31Retweets

-

Rory Cormac @RoryCormac

Lol @PrivateEyeNews

7:42 AM ∙ May 28, 2022

---

56Likes7Retweets

-

Another type of cyber vulnerability.

@jwildeboer@social.wildeboer.net @jwildeboer

One single type of payment terminal (the Verifone H5000), a rather old platform, officially announced End of Life 2018 with some sort of support until 2023, brought down big parts of card payment all over Germany as one of the embedded certificates expired unnoticed on Tuesday.

4:40 PM ∙ May 27, 2022

---

7,955Likes1,878Retweets

-

shubs @infosec_au

Jordan (@vitalemonntea) and I spent some time understanding CVE-2022-22972 (VMWare Workspace One Access Auth Bypass) as we were very curious about the root cause. If you're interested in understanding this vulnerability, check out our blog.

blog.assetnote.ioUnderstanding CVE-2022-22972 (VMWare Workspace One Access Auth Bypass)Application security issues found by Assetnote

10:15 AM ∙ May 28, 2022

---

89Likes21Retweets

-

Lol

Leon Derczynski 🏡🌱 @LeonDerczynski

'I don't really trust papers out of "Top Labs" anymore' reddit.com/r/MachineLearn…

12:11 PM ∙ May 27, 2022

---

2,290Likes376Retweets