October 7, 2022

The hacktivist group Guacamaya compromised the chiefs of staff of Chile and published several gigabytes of their e-mail spools online. In this data, there's some references to known spyware and resellers of these tools. 🧵👇

Interesting piece about the #Snowden files: "journalists find themselves in the ironic position of responsibly protecting some of NSA’s most sensitive secrets."

Cybersecurity Awareness Month Tip #5: If a big attacker is close by: Stay in a group; carry junior developers; make noise. Do not run and do not bend down to pick up code. Act dominant and stand your ground — stare in the attacker’s eyes and show your teeth while making noise.

Interesting paper from @Nature showing that SARS-CoV-2 reduces antiviral response by disrupting gene transcription. It does this mimicking histone proteins which are ordinarily responsible for packaging DNA in a cell’s nucleus

Earlier this year, financial journalist @nasoskook and @citizenlab found that his phone had been infected with the Predator spyware from Cytrox. He’s now suing the parent company, Intellexa, “alleging a criminal breach of privacy and communication laws.”

#HITB2022SIN KEYNOTE 2: Adventures In Security Research - Runa Sandvik -

Okay

telling github copilot to write my next function "in the style of john carmack"

@turtlekiosk @adhsec Yes this works

Another update to #ProxyNotShell blog - There's an unannounced bypass to the mitigation again today. - Windows Server 2016 and above automatically excludes IIS processes from Defender scanning, which has implications for detection and MS telemetry.

First seminar of the term done and I, at least, really enjoyed it. We used this article to deconstruct prisms which shape understandings of secrecy - & why they matter It's got Bond, it's got Diana, it's got guns, legends, "mad" ops, license to kill!

An interesting development in the Kim <> Kanye saga

Actively exploited Zimbra zero-day Exploited for a month ☑ Public PoC ☑ Patch ❌