October 17, 2024
October 17, 2024
Administrivia: the deadline for my application to the PhD program is the 20th. I’m finalizing my proposal and don’t have much time for the newsletter right now. I apologize for the inconvenience, normal service to resume next week.
I just live hacked @ArleneDickinson (Dragons' Den star - Canada's Shark Tank) by using her breached passwords, social media posts, an AI voice clone, & just 1 picture for a deepfake live video call.
— Rachel Tobac (@RachelTobac) October 16, 2024
Thank you @ElevateTechCA @Mastercard for asking me to demo these attacks live! pic.twitter.com/SqQLceOj33
Today, the famous hacker known as USDoD was arrested by the Brazilian police.
— Baptiste Robert (@fs0c131y) October 16, 2024
The FBI had a way to find his identity and home address since at least June 2022. I will show you how.
It's OSINT time! ⬇️ https://t.co/f0uoz8CgIH
Thread by @fs0c131y on Thread Reader App – Thread Reader App
@fs0c131y: Today, the famous hacker known as USDoD was arrested by the Brazilian police. The FBI had a way to find his identity and home address since at least June 2022. I will show you how. It's...
That's all what is left behind our bright and brave kid USDoD who was arrested today in Brazil. We wish him to return as soon as possible! Bratva will always remember you and your fight.
— B r a t v a (@BratvaCorp) October 16, 2024
WE ARE ALL USDOD NOW! pic.twitter.com/5JGA6dC7v4
DEF CON 32 video (Optical Espionage: Using Lasers to Hear Keystrokes Through Glass Windows) and Git released for my high-fidelity RF-laser microphone (converting infrared light into high quality sound and keystrokes): https://t.co/12JdnHdSCU
— samy kamkar (@samykamkar) October 17, 2024
Scoop: Anonymous Sudan, an extraordinary cyberattack for hire gang, has been taken down by the U.S. and unnamed other governments after in-depth investigations by U.S. companies that lost millions to the gang's work. GIFT LINK in reply.
— Joseph Menn (@josephmenn) October 16, 2024
It’s two dudes in Sudan. Lol
How to find 0days in cutting edge next-gen security products:
— Hamid Kashfi (@hkashfi) October 16, 2024
1- Install Ghidra
2- Read Marco's notes
3- Literally copy-paste instructions and apply them to your favorite expensive appliance firmware.
4- Win bugs like CVE-2024-23113. https://t.co/qWXhzZTYrp
Automating binary vulnerability discovery with Ghidra and @Semgrep, by yours truly 💚https://t.co/zZWKvsAaAS
— raptor@infosec.exchange (@0xdea) July 7, 2022
Automating binary vulnerability discovery with Ghidra and Semgrep - hn security
“Humans are more suited to recognize […]
IMEI is not the only hardware identifier for the device available to the cellular network. Changing the IMEi alone isn't enough to hide the device identity from the network. It will only hide one commonly used ID rather than making the device not uniquely identifiable.
— GrapheneOS (@GrapheneOS) October 17, 2024