By the way, this is precisely the kind of a problem prevented with SBOMs. "Mossad-installed explosive payload" would readily stand out.

— lcamtuf (@lcamtuf) September 17, 2024

🇩🇪 prosecutors appear to be able to deanonymize Tor by tapping servers, for years (!) and doing "timing analysis". In one case – Ricochet, related to CSAM – they did this four times, ordered telco provider to identify customer connecting to entry nodehttps://t.co/CIKshiP4se

— hakan (@hatr) September 18, 2024

Important story! Such traffic correlation attacks are known risk in Tor’s threat model, but this is one area where machine learning technique may make these attacks more practical

— Donncha Ó Cearbhaill (@DonnchaC) September 18, 2024

Fortunately most regular Tor browser users should not have major risk. Ricochet runs a local onion service. An attacker with the onion service address can send active traffic to the target to create a recognisable traffic pattern

— Donncha Ó Cearbhaill (@DonnchaC) September 18, 2024

The ability to do active probing makes onion service guard discovery attacks much more practical and difficult to defend against than targeting browsing users. Tor is still, by far, the most secure tool for private browsing, but more efforts needed on timing and metadata analysis

— Donncha Ó Cearbhaill (@DonnchaC) September 18, 2024

Slides and recording from my "SLUB Internals for Exploit Developers" talk at @LinuxSecSummit yesterday 🥳

Slides: https://t.co/wleH6nJDeW
Slides PDF: https://t.co/1x5cvc6wjh
Recording: https://t.co/jjzxebiBOp https://t.co/8FXC0Wfkju pic.twitter.com/E0dB8nrDun

— Andrey Konovalov (@andreyknvl) September 17, 2024

Read via open access 👉 our new piece '#Russian #Sabotage in the #Gig-Economy Era' w/ @kloosha, @magda_long & @PatrickBury in The RUSI Journal. Many 🙏 to @RUSI_org for this opportunity!

See more on what we argue 👇https://t.co/3gVokmt8S8

— Dr Daniela Richterova (@dRichterova) September 17, 2024

By the way, this is precisely the kind of a problem prevented with SBOMs. "Mossad-installed explosive payload" would readily stand out.

— lcamtuf (@lcamtuf) September 17, 2024

While dusting off some old stuff, I came across some old logs and sample. Here's some live PCAP files from back in July 2010 when I was watching some Stuxnet implants across Iran, living their last days of life. Probably first ever public traffic samples?https://t.co/2PyW3MR3zL

— Hamid Kashfi (@hkashfi) September 17, 2024

💡Chainalysis Successful Deanonymization Attack on Monerohttps://t.co/3eSUygIKzQ

— Dark Web Informer (@DarkWebInformer) September 17, 2024

If you’re interested in getting started in cryptography, check out the crypto 101 course by Dr. Alfred Menezes from UWaterloo.https://t.co/cevF3j5OTb

He’s planning on publishing the lectures from his Applied Cryptography course, which was my introduction to the field.

— Nick Sullivan (@grittygrease) September 17, 2024

Exploding pagers via a potential supply chain attack is a new threat vector unseen at this scale before

Also unseen at this scale and exploding is my strategy for B2B sales

🧵👇

— rekdt (@rekdt) September 17, 2024

NOT EVERYONE WAS KUNG FU FIGHTING MOM SOME OF US WERE TRYING TO BREAK IT UP

— Viktor Winetrout (@Cpin42) February 8, 2023

💥Incredible story https://t.co/aH9VqPXmIP pic.twitter.com/vip7OAfOQG

— Noga Tarnopolsky נגה טרנופולסקי نوغا ترنوبولسكي (@NTarnopolsky) September 17, 2024

Exploding smartphones?

In 2021, a GPS tracker implant was found in an iPhone in Russia. The iPhone was replaced with a smaller battery to create an extra space for the tracker, and reassembled back. This appears to be a specific case rather than a supply chain attack. pic.twitter.com/BPV55TuEuY

— Mobile Hacker (@androidmalware2) September 18, 2024

🚨 Our amazing #FUZZING'24 keynotes are online!

"Reasons for the Unreasonable Success of Fuzzing" by Thomas Dullien (@halvarflake) https://t.co/Q0tyqEiqv6

"Is 'AI' useful for fuzzing?" by Brendan Dolan-Gavitt (@moyix) https://t.co/EqdkWNxI8C

//@mboehme_, @lszekeres

— Yannic Noller (@yannicnoller) September 17, 2024