the grugq's newsletter

September 13, 2023

September 13, 2024

Despite Musk's best efforts, this website continues to deliver jaw-dropping moments. pic.twitter.com/SvYS0XD2nr

— Daniel Sugarman (@Daniel_Sugarman) September 12, 2023

Let's find more image parsing bugs together! Jackalope now comes with an example harness (and some tips & tricks) for fuzzing Apple image parsers, see https://t.co/pIPySPNecb. If you ever ran test_gdiplus from WinAFL, this is the equivalent for macOS.

— Ivan Fratric 💙💛 (@ifsecure) September 12, 2023

A POC of the ContainYourself research presented in DEF CON 31, which abuses the Windows containers framework to bypass EDRs.
Slides: https://t.co/79swsNIWmu https://t.co/kes4GXuV8o

— Swissky @ Home  (@pentest_swissky) September 11, 2023

"We discovered 13 vulnerabilities in 6 frameworks, including 12 RCE vulnerabilities.
...
After testing 51 apps, we found vulnerabilities in 17 apps, 16 of which are vulnerable to RCE."

The latest LLM Security paper is 🔥 Here's a few more details. pic.twitter.com/I8MRcklm1Y

— 𝚛𝚎𝚣𝟶 (@rez0__) September 11, 2023

https://arxiv.org/pdf/2309.02926.pdf


Norway’s police intelligence agency PST has charged a 25-year-old Malaysian citizen with spying on the Office of the Prime Minister, the defense ministry and other government offices in Oslo. He allegedly drove around or parked near them in a rental car, and tried to tap into their electronic communications.

PST arrests young Malaysian for spying - Norway's News in English — www.newsinenglish.no


A look at the cyber underworld, and some developments in the C2C markets. A hybrid war makes a hacker diaspora.

UK's NCA and NCSC release a study of the cybercriminal underworld. HijackLoader's growing share of the C2C market. WinRAR vulnerability explained. Spyware in malicious Telegram apps. Russia's hacker diaspora in Turkey. Russian cyber diplomat warns against US escalation in cyberspace. Update on Starlink's availability in the Black Sea.


https://lemire.me/blog/2023/04/27/hotspot-performance-engineering-fails/

The 2023 DOD cyber strategy

https://media.defense.gov/2023/Sep/12/2003299076/-1/-1/1/2023_DOD_Cyber_Strategy_Summary.PDF

Pentagon-funded study warns dementia among U.S. officials poses national security threat, as Senators Mitch McConnell and Dianne Feinstein — who enjoy privileged access to top secret info — suffer health episodes. https://t.co/TzYRNgRzEZ

— Ken Klippenstein (@kenklippenstein) September 12, 2023

All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk.

A company valued at $33,900,000,000 was defeated by a 10-minute conversation.

— vx-underground (@vxunderground) September 13, 2023

pic.twitter.com/W357Fjgfpu

— No Context Brits (@NoContextBrits) September 12, 2023

Tough talk from a kennedy https://t.co/p9Luz9T16t

— eve6 (@Eve6) September 12, 2023

Command and Control Warfare (Old school) – Station HYPO

Command and Control Warfare (C2W) is a military concept that originated in the 1970s during the Cold War era. C2W is the use of information and communication technologies to disrupt an enemy’…


ok this is absolutely *wild*

using AI to live translate and sync your lips

pic.twitter.com/qY9xaRFhTb

— gaut (@0xgaut) September 12, 2023

here's the link for those interested: https://t.co/LWg23AJKhh

— gaut (@0xgaut) September 12, 2023

'[Hotel security] noticed a member [of the PRC delegation] carrying a bag with "unusual dimensions". [Amateur hour from the Chinese.]

'... in one of the rooms occupied by the delegation, a hotel employee spotted “suspicious equipment” inside two bags. https://t.co/mcThrUdDkJ

— Ravi Nayyar (@ravirockks) September 13, 2023

'... requested the delegation members to put the bags through a scanner, but they resisted that...

'Their denial, sources say, led to a standoff and was resolved only after the Chinese officials agreed to send the bags to the embassy.

— Ravi Nayyar (@ravirockks) September 13, 2023

'The security team stood guard outside the hotel room for about 12 hours, but the Chinese officials refused to get their bags checked...'

The embassy is closer to South Block and the G20 Summit Venue than the hotel --> Why do Sigint/Elint on bureaucrats/delegates from the hotel?

— Ravi Nayyar (@ravirockks) September 13, 2023

👀 Fascinating article from @NottsPolitics colleague Bettina Renz on assessments of 🇷🇺 military power before the #UkraineWar.

🔗 Full article: Western Estimates of Russian Military Capabilities and the Invasion of Ukraine https://t.co/cgdYL2e4Rx

— Dr. Dan Lomas (@Sandbagger_01) September 13, 2023

Just saw that this vulnerability I reported to Microsoft was found to be exploited in the wild. Guess we are looking in the right places. Blog and exploit code to be released soon. https://t.co/zCxcs5x8Kb

— chompie (@chompie1337) September 12, 2023

I love KEV.
Today I noticed a figure that made me uncomfortable. It's a figure that tells me vendors are not taking my security seriously. To think this is the "known" part and not the unknown https://t.co/WCU126lp5j pic.twitter.com/3uEimfqWhW

— Daniel Cuthbert (@dcuthbert) September 12, 2023

This new article presents an analysis of espionage against European NATO and/or EU members, based on court convictions in 2010–2021. It provides a first overview of contemporary espionage in Europe. https://t.co/OdqS12FSk3

— Danny Pronk (@DannyPronk2) September 12, 2023
