November 23, 2024
November 23, 2024
If you’re looking to kill 3hrs with a podcast of my talking about hacker history, Phrack, and a bunch of random thoughts, I’ve heard this is pretty good:
And if that’s your kinda thing, I recommend this interview as well. It was a lot of fun.
Write-ups, blog posts and papers related to cybersecurity, reverse engineering and exploitation (updated collection)https://t.co/g2cERXRyeY#infosec #cybersecurity pic.twitter.com/JCbLjyHz3u
— 0xor0ne (@0xor0ne) November 22, 2024
Today at @CYBERWARCON we watched arguably one of the most interesting talks we've seen in awhile.@stevenadair gave a nearly 1 hour presentation regarding APT28's "Nearest Neighbor Attack". In summary, because it was a long and wild story, APT28 successfully compromised one of…
— vx-underground (@vxunderground) November 22, 2024
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access | Volexity
In early February 2022, notably just ahead of the Russian invasion of Ukraine, Volexity made a discovery that led to one of the most fascinating and complex incident investigations Volexity had ever worked. The investigation began when an alert from a custom detection signature Volexity had deployed at a customer site (“Organization A”) indicated a threat actor had compromised a server on the customer’s network. While Volexity quickly investigated the threat activity, more questions were raised ...
35 year old Chinese man arrested in Bangkok, driving around populated areas with a SMS blaster with a 3km radio sending 1,000,000 phishing SMS per hour. "Phone users within range received a message stating: “Your 9,268 points are about to expire! Hurry up and redeem your gift… pic.twitter.com/YdaV5VSdF2
— Sick.Codes (@sickcodes) November 22, 2024
Yesterday night (or early morning November 22nd depending on where you reside), it was unveiled an unknown Threat Actor(s) had compromised Andrew Tate's online university, dubbed "The Real World (Hustler's University)".
— vx-underground (@vxunderground) November 23, 2024
Note(s):
1. The content was given to non-profit… pic.twitter.com/UHNlIqVy2d
Chinese data broker services on Telegram are recruiting insiders at China's state surveillance agencies, paying them as much as $10k a day for their access, then reselling it for cheap searches of almost every kind of personal info imaginable. https://t.co/3Cg6Aj1gSZ
— Andy Greenberg (@agreenberg at the other places) (@a_greenberg) November 21, 2024
Listening to James Elliot from MSTC discuss the "Triple Threat" of North Korean IT workers a/k/a Ruby Sleet via @CYBERWARCON.
— vx-underground (@vxunderground) November 22, 2024
We've learned a lot about their methods of applying for jobs, their templates and portfolios, how they use AI for faking images, etc. Included in this is…
They should have. We need to unironically ask the DPRK for job hunting tips
— vx-underground (@vxunderground) November 22, 2024
Middle Ages had it right all along. pic.twitter.com/abbV08CsHC
— Bojan Tunguz (@tunguz) November 22, 2024
Finally had some time to dig into the subsea cable cuts in the Baltic Sea that have gotten a lot of attention lately.
— Doug Madory (also on Bluesky) (@DougMadory) November 21, 2024
Due to the region's rich fabric of connectivity, the cable cuts caused minimal disruption.
However, here are some subtle BGP impacts I was able to identify. 🧵
Bangkok Post - Thai court dismisses activist’s spyware suit
The Bangkok Civil Court has dismissed a lawsuit by activist Jatupat Boonpattararaksa against NSO Group Technologies for allegedly failing to prevent him from being targeted with its Pegasus spyware , according to Amnesty International.
DUAL USB-C https://t.co/98FU9uVA3Q pic.twitter.com/dE9wF40mSF
— 丹生坂つかさ (@nibsakat) November 22, 2024
— effectfully (@effectfully) November 21, 2024