November 6, 2022

                            November 6, 2022

                November 6, 2022

                        New Lazerpig. The ad is probably the greatest ever made. 

-
The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

-
rosebud @t34doll
european students in the '70s: bruh i got an essay due tomorrow and i gotta kidnap the prime minister and bomb a bank by friday 😭😭😭12:41 PM ∙ Nov 5, 2022
7,903Likes730Retweets
-
Ollie Whitehouse @ollieatnccgroupWeekly analysis is out:
-🇻🇳 ops using hacked IoT
-🇷🇺 crime ops in 🇺🇦🇬🇧
- 30💸 ops net $30 mil - inc via SWIFT
-🇮🇳 ops use stolen code signing certs
-🇰🇵 🎣 ops

plus:
- scanning for 🇨🇳 C2
- root cause from 100 DeFi hacks
- SPARK exploitation

bluepurple.substack.com/p/bluepurple-p…
bluepurple.substack.comBluepurple Pulse: week ending November 6thGuy Fawkes edition and not in the V for Vendetta sense...6:55 AM ∙ Nov 6, 2022
25Likes12Retweets
-
Interesting 
Rob Joyce @NSA_CSDirectorFormer NSA or Intel community?  Come on back!  We now have a vacancy listing to fast track former employees back in.  Check it out.
apply.intelligencecareers.gov/job-descriptio… 
1:20 AM ∙ Nov 6, 2022
269Likes54Retweets
-
Stephen Punwasi 📉🎄🎅🏼🐈 @StephenPunwasi
I hope Elon Musk buys Facebook next10:30 PM ∙ Nov 5, 2022
782Likes120Retweets
-
raptor @0xdeaJuniper SSLVPN / JunOS RCE and Multiple Vulnerabilities 🤦🤦‍♂️🤦‍♀️

// by @OctagonNetworks 

octagon.net/blog/2022/10/2… 
8:52 AM ∙ Nov 6, 2022
7Likes5Retweets
-
Gored Licorice II: The Spookquel @LordLicoriceDrp@AlexandraErin Listen, I don't have a crystal ball, and I haven't consulted the oracles.

But. 12:00 AM ∙ Nov 6, 2022
255Likes50Retweets-
A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain

https://googleprojectzero.blogspot.com/2022/11/a-very-powerful-clipboard-samsung-in-the-wild-exploit-chain.html

-
Lawrence Freedman @LawDavFTo reinforce @shashj - I went through the history of negotiations in this piece. samf.substack.com/p/getting-to-n… There was never an agreed deal and in his only public statement Johnson accepted that a deal might involve Ukraine abandoning idea of joining NATO. 
Shashank Joshi @shashj
Jonathan Steele in the Guardian repeats the damaging myth that the UK & US sabotaged a Russia-Ukraine deal in March. There’s no evidence for this claim, yet it has become an article of faith among certain people. https://t.co/i0ndsXTajz https://t.co/DYY3JSavEY
8:38 AM ∙ Nov 6, 2022
120Likes40Retweets
-
Crypto phones. Offensive cyber by states. A perspective. [NoScript, or Reader View to read]
Jan-Jaap Oerlemans @jjoerlemansIn dit interview deel ik mijn onderzoek en inzichten naar de verzameling van inlichtingen door o.a. de politie in de cryptotelefoonzaken (EncroChat, Sky ECC, etc.): ftm.nl/artikelen/jan-… -> Niet de politie en het OM stellen de grens over wat wel en niet mag, maar de wetgever.
ftm.nl‘Door gebrek aan toezicht gaan overheidsinstanties soms te ver bij het verzamelen van inlichtingen’Hoogleraar inlichtingen en recht Jan-Jaap Oerlemans ziet steeds meer overheidsinstanties inlichtingen over burgers verzamelen. En omdat toezicht en adequate wetgeving ontbreken, gaan sommige instanties over de schreef. Oerlemans waarschuwt dat burgers niet voldoende zijn beschermd tegen misbruik van…7:56 AM ∙ Nov 6, 2022
22Likes10Retweets
-
raptor @0xdea
CVE-2022-43995 is really something.

Sudo 1.8.0 through 1.9.12 contains an array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by local users with access to Sudo by entering a password of 7 chars or fewer.

github.com/sudo-project/s… 
8:22 AM ∙ Nov 6, 2022
23Likes5Retweets
-
🥀_Imposter_🕸️ @Imposter_Edits
Kinda impressed by the dedication honestly. 
1:47 AM ∙ Nov 6, 2022
3,646Likes699Retweets
-
Marietje Schaake @MarietjeSchaake
Top officials tried to link protesters to an imaginary terrorist plot in an apparent effort to boost Trump’s reelection odds, raising concerns now about the ability of a sitting president to co-opt billions of dollars’ worth of domestic intelligence assets gizmodo.comHomeland Security Cops to Manufacturing Fake Terrorists for TrumpA new Homeland Security report details orders to connect protesters arrested in Portland to one another in service of the Trump’s imaginary antifa plot.7:11 AM ∙ Nov 6, 2022
24Likes18Retweets
-
hakan @hatrcheck this story for the slides alone but also for quotes like this

"The greatest achievement to date of Project Merciless […] have come from successful penetration operations targeting vocal critics inside the FIFA organization."

swissinfo.ch/eng/business/-… 
3:31 PM ∙ Nov 3, 2022
22Likes14Retweets
-
0xor0ne @0xor0neGlibc heap exploitation: House of IO technique
Blog post by @Dooflin5 

maxwelldulin.com/BlogPost/House… 

#glibc #heap #exploit #infosec #cybersecurity #learning 
7:30 PM ∙ Nov 5, 2022
92Likes25Retweets
-
NeilMackay @NeilMackayProf Matt Qvortrup @drqvortrup is the world’s leading authority on independence movements. He’s subjected the SNP’s plans to ruthless analysis in his new book about how to create an indy nation. There’s good and bad news for the Yes movement. I’ll explain🧵heraldscotland.com/politics/23104…
heraldscotland.comLeading global academic on independence says SNP can easily win indyref2 - if it embraces populismProfessor Matt Qvortrup is a world expert on how countries achieve independence. He says Scotland would easily become a successful independent…8:51 AM ∙ Nov 6, 2022
161Likes101Retweets
The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

                            Don't miss what's next. Subscribe to the grugq's newsletter: