November 4, 2022

# This is a first. A mastodon link instead of Twitter. Unsupported though, so I’ll have to change my workflow if Twitter tanks.

                            November 4, 2022

                November 4, 2022

Friend: oh no, crows have read FM 3-24 Counterinsurgency 
Sydney Battle @SydneyBattle
huge drama on my block rn. basically my crows got tired of the local squirrels always taking some of the food i leave out. so now, as an act of retaliation— the crows are going yard to yard, finding the squirrels’ stashes, & eating everything. squirrels are watching in horror7:30 PM ∙ Nov 2, 2022
90,366Likes8,049Retweets
The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

-
ORKL Cyber Threat Intelligence Library @orkleuHello World 👋 orkl.eu is finally available to the public.
orkl.euORKLORKL Threat Intelligence Library1:08 PM ∙ Nov 3, 2022
173Likes78Retweets
-
Florian Hansemann @CyberWarship"Coercer: A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods."

#infosec #pentest #redteam
github.com/p0dalirius/Coe… 
12:33 PM ∙ Nov 3, 2022
146Likes57Retweets-
Lukasz Olejnik @lukOlejnikNew TikTok's privacy policy (2December) is here. "information includes your device model, operating system, keystroke patterns or rhythms...". So, what's your favorite video filter on TikTok? tiktok.com/legal/page/eea… 
3:41 PM ∙ Nov 3, 2022
13Likes9Retweets
-
Dr Kate Compton #BotGirlSummer @GalaxyKate
4:24 PM ∙ Nov 3, 2022
138Likes23Retweets
-
Basically a press release from cyberint, but it’s kinda interesting to see the evolution of a criminal hacking group.

https://www.timesofisrael.com/israeli-cyber-intel-firm-shines-bright-light-on-new-shadowy-cybercrime-collective/

-
raptor @0xdea
Now this is a pretty handy tool...

"A plugin to introduce interactive symbols into your debugger from your decompiler"

// by @mahal0z

github.com/mahaloz/decomp… 
5:21 PM ∙ Nov 3, 2022
36Likes13Retweets
-
Ciaran Martin @ciaranmartinoxf
Big. Important.  theregister.comMondelez, Zurich settle $100m+ NotPetya insurance lawsuitDeal could ‘upend the entire cyber-insurance ecosystem and make it almost impossible to get meaningful cyber coverage’5:28 AM ∙ Nov 3, 2022
34Likes7Retweets
-
Sheon Han @sheonhan
My employee login @Twitter vs. Lettuce
Let's goooooooooo 
4:44 AM ∙ Nov 3, 2022
37,770Likes2,825Retweets
-
Matt Levine @matt_levine
i was not expecting this to end with the world's richest man spending all day on twitter begging people for $8 but it's extremely funny? 
Elon Musk @elonmusk
https://t.co/kGncG7Hs3M12:04 AM ∙ Nov 3, 2022
6,489Likes747Retweets
Elon Musk @elonmusk
7:47 PM ∙ Nov 2, 2022
1,809,148Likes173,192Retweets
-
Luka Ivan Jukic @lijukic
Listening to this 24/7 and waiting to see how long it takes me to go insane 
7:55 PM ∙ Nov 2, 2022
1,367Likes182Retweets
-
raptor @0xdea
Ghidra 10.2 is out!

github.comRelease Ghidra 10.2 · NationalSecurityAgency/ghidraWhat’s New
Change History
Installation Guide
SHA-256: a5163f50bd6ce725c4c8638f7505b64bb603ea6bfe3f7d9ed4e403236716f7877:26 PM ∙ Nov 3, 2022
68Likes27Retweets
-
Council on Foreign Relations @CFR_org
Beijing continues to double down on its efforts to build a more sustainable and self-reliant digital economy, and the country’s handling of data and computing infrastructure will surely prove to be an important thing to watch, writes Seaton Huang. on.cfr.orgChina’s Latest National Infrastructure Project Spotlights Computing CapabilitiesA new computing project in China aims to reorient the country’s data processing capabilities while jumpstarting lagging growth in interior provinces and meeting increasingly demanding environmental r…7:14 PM ∙ Nov 3, 2022
7Likes3Retweets
-
Rich Warren @buffaloverflow
If you thought #ProxyRelay was dead with Extended Protection, think again!

Thanks to #ProxyNotShell and @irsdl’s encoding bypass it’s alive and well! 👻 
Rich Warren @buffaloverflow@GossiTheDog I’ve got it working in impacket. Bypasses both the rewrite mitigation and the Extended Protection that was supposed to mitigate ProxyRelay.

None of the current fixes are enough.

https://t.co/8KUK8FG9K811:12 AM ∙ Nov 3, 2022
26Likes10Retweets
-
spookie chompie @chompie1337
SandboxEscaper (Essbee) found her cryptographic memory corruption bugs ☺️ (she discovered the recent OpenSSL bugs). Was determined to go from logic LPE bugs to remote memory corruption; found both kernel and user 0click in  < 3mo. One of the most prolific bug hunters of all time3:03 AM ∙ Nov 4, 2022
434Likes38Retweets
-
dustin Couch @Dustinkcouch
why would anyone pay for this 
1:55 AM ∙ Nov 4, 2022
35,322Likes3,622Retweets
-
François Chollet @fchollet
Software companies aren't made of code. They're made of processes that produce and maintain code. And the foremost component of these processes are people.

The code is just a by-product. More of a liability than an asset.3:25 AM ∙ Oct 30, 2022
3,636Likes586Retweets
-
Dan Black @DanWBlack
Important point here.

So much of our understanding of cyber operations has been framed under conditions short of war that we are nowhere close to understanding it under conditions of war. There's much more to cyber support to military ops than wipers timed with troop movements. 
Glitchy Michael 🌻 @GlitchyMichael
@HostileSpectrum @shashj This, and we need to stop categorizing sets intended to produce geo, pattern of life, etc towards theater kinetic targeting or wet work as the same thing as CNE with a policymaker customer.8:01 AM ∙ Nov 4, 2022
6Likes1Retweet
-
Justin Elze @HackingLZEveryone uses the same recon playbook 

assets.sentinelone.com/sentinellabs22… 
1:43 PM ∙ Nov 3, 2022
326Likes52Retweets
-
Rachel Tobac @RachelTobac
No identity verification, & 8 bucks for a verified account?
Get ready for the new cyber criminal playbook: use stolen credit card to buy verified Twitter account, impersonate real customer support channels, trick users into handing over account details in DM, account takeover. https://t.co/lZ9wCVSc0a
Ryan Mac 🙃 @RMac18We saw internal docs with more insight into the new Twitter Blue:

-Launch on Nov. 7 but only in current markets (US, CA, Aus, NZ)
-Check marks for subscribers, no current ID authentication
-Some features announced by Musk won't be ready
-Euro launch soon
https://t.co/K646aQrThi https://t.co/1jToHytXfi3:08 AM ∙ Nov 4, 2022
1,200Likes501Retweets
Rachel Tobac @RachelTobac
Want to know why this attack method works now & will work in the updated Twitter Blue scenario? Because real companies use Twitter as a customer support channel and they actually *do* ask for account details to support. When the criminals can match real world behavior, it works.3:20 AM ∙ Nov 4, 2022
161Likes42Retweets
-
Adamned Cerious @Browtweaten[first day as a doorman]

me: bye, thanks for coming 

sperm bank manager: *pulling me to the side* this was literally the first thing we talked about10:24 PM ∙ Nov 3, 2022
1,398Likes222Retweets-
ste brown @stebrown8
There used to be 3 cash machines at Bootle Asda. A few years ago they took 1 away and covered the hole with a metal plate. Someone has took the metal plate away last night, climbed through the hole and emptied the other 2 cash machines 😂 
12:47 PM ∙ Nov 3, 2022
43,950Likes2,789Retweets
-
Lukasz Olejnik @lukOlejnik
My analysis of Permissions Policy. Very useful security/privacy feature, allows granular/global disabling of access to sensitive web browser features. Helps with tech development, also compliance. Add it to the standard privacy engineering checklist! :) blog.lukaszolejnik.comPermissions Policy as a key configuration component of site privacy and securityAs privacy engineering is getting more and more mature as a field in some settings experts are creating a “privacy checklist” of things to have. It’s useful in design, development, and deployment, but also audits. Many useful things could be added to such a list. Of particular recent relevance is10:23 AM ∙ Nov 4, 2022
4Likes1Retweet
-
Bert Hubert 🇺🇦 @bert_hu_bertSlides with notes from my presentation "Cyber and Information Security: have we all gone mad?" held yesterday at @CyberSecTUDelft @tudelftTBM. A reflection on how our norms and attitudes have truly been shattered since the 1990s: berthub.eu/cyber-mad/Cybe… 
10:32 AM ∙ Nov 4, 2022
17Likes6Retweets
-
# This is a first. A mastodon link instead of Twitter. Unsupported though, so I’ll have to change my workflow if Twitter tanks.

https://infosec.exchange/@FlUxIuS/109284728102602160

USENIX 22 video recordings are up

https://www.usenix.org/conference/usenixsecurity22/technical-sessions

-
The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

                            Don't miss what's next. Subscribe to the grugq's newsletter: