November 30, 2022

                            November 30, 2022

                November 30, 2022

Dreadnought Holiday @TheDreadShips
It's a well-known fact that steam engines can be bloody dangerous, what with being powered by water in its angriest phase and all, so rejoice in its replacement with something safer.

[checks notes]

Engines powered by boiling gasoline.

We're going to need a thread here... 
8:47 PM ∙ Jun 24, 2022
697Likes182Retweets
-
Matthijs R. Koot @mrkoot
Screenshots: the 4-page summary of "China Security Report 2023: China's Quest for Control of the Cognitive Domain & Gray Zone Situations", published by the Japanese National Institute for Defense Studies.  
Matthijs R. Koot @mrkootChina Security Report 2023: China's Quest for Control of the Cognitive Domain & Gray Zone Situations (2.3MB .pdf, Nov 2022, 93pp) https://t.co/Yo4iZdXEDP

From the Japanese MoD Nat'l Institute for Defense Studies (NIDS).

All such reports, 2010-present: https://t.co/aiw2uIXQt9 https://t.co/zJOHF6B2ON3:21 PM ∙ Nov 29, 2022
5Likes5Retweets
-
Subscribe now
-
Sam Curry @samwcyo
More car hacking!

Earlier this year, we were able to remotely unlock, start, locate, flash, and honk any remotely connected Honda, Nissan, Infiniti, and Acura vehicles, completely unauthorized, knowing only the VIN number of the car.

Here's how we found it, and how it works: 
3:18 AM ∙ Nov 30, 2022
2,801Likes900Retweets
-
Jack Watling @Jack_Watling
A privilege to have worked on this study with Lieutenant General Mykhaylo Zabrodskyi, Oleksandr V. Danylyuk and Nick Reynolds for @RUSI_org. An incomplete, but hopefully useful baseline for learning lessons in conventional warfighting from Ukraine: rusi.orgPreliminary Lessons in Conventional Warfighting from Russia’s Invasion of Ukraine: February–July 2022This study of the early phases of the 2022 war sheds light on Ukraine’s strengths and vulnerabilities, and the need for further Western support.4:06 AM ∙ Nov 30, 2022
518Likes144Retweets
-
cts @gf_256
fucking around:                         finding out: 
9:08 PM ∙ Nov 29, 2022
901Likes125Retweets
cts @gf_256
9:09 PM ∙ Nov 29, 2022
147Likes6Retweets
-
Lúcás Meier @cronokirby
Someone should convince audiophiles that like, IPV6 has better audio quality10:31 PM ∙ Nov 29, 2022
749Likes120Retweets
-
Not the onion.
KRON4 News @kron4news
San Francisco police clarified that it would not arm robots with guns. Instead, they would be equipped with explosives. trib.alSF police ‘killer robots’ motion passesSAN FRANCISCO (AP) — Police in San Francisco will have the ability to deploy potentially lethal, remote-controlled robots in emergency situations after supervisors of the politically Democratic cit…8:30 PM ∙ Nov 29, 2022
1,180Likes458Retweets
-
Gwendal Le Coguic @gwendallecoguic
New GitHub search is 🔥🔥🔥 
4:06 PM ∙ Nov 28, 2022
10,783Likes1,444Retweets
-
Chang Che @Changxche
How to protests under 21st century authoritarianism. A thread 🧵1:30 PM ∙ Nov 28, 2022
574Likes192Retweets
-
Chang Che @ChangxcheCall it the 21st century authoritarian paradox.

The more repressive a system is with political signs, symbols and forms of expression, the more anything can BECOME a sign or symbol etc.

Symbolism never dies. It just moves to the next best thing. 12/1:30 PM ∙ Nov 28, 2022
284Likes86Retweets-
#secops is undoubtedly challenging, but our analysis of detection policies/rules vs the usefulness of alerts suggests many organizations are making it even harder on themselves. Full study: https://www.securonix.com/resources/quantifying-siem-effectiveness/

https://infosec.exchange/@cyentiainst/109388194072970615

-
Recently, I was developing RCE exploits for Xiongmai NVR/IPC. I was focused on 7 vulnerabilities published between 2017 and 2022 (a couple of which had no CVE). Based on my research, I put together a write-up explaining why Xiongmai devices are interesting, shared thoughts on exploit dev, and shared some caught-in-the-wild exploitation.

https://vulncheck.com/blog/xiongmai-iot-exploitation

https://infosec.exchange/@albinolobster/109428990805099502

-
John MacNeill Miller @Snarls_Dickens
Every Victorian novel should come with a set of fabric samples bound in at the back. Then when we read about worsted or crape or cambric or bombazeen we could flip to the textile glossary, run our eyes and hands over a little swatch, and actually grasp the textures of that world.3:32 PM ∙ Nov 29, 2022
14,219Likes1,541Retweets
 -
vx-underground @vxunderground
We've updated the vx-underground Archives.

- Windows Malware Analysis Series by @ale_sp_brazil 
- Windows Internals Blog Series by @yarden_shafir 

Check it out here: vx-underground.org/archive.html 
11:07 PM ∙ Nov 29, 2022
101Likes17Retweets

                            Don't miss what's next. Subscribe to the grugq's newsletter: