New: police have hacked Ghost, an encrypted app used by organized crime. I think this shows a fundamental shift: criminals are no longer on huge platforms like Sky/Encrochat. They're on these disparate platforms, and consumer apps we all use like Signal https://t.co/Uk7PbH9bLI

— Joseph Cox (@josephfcox) September 18, 2024

Indiscriminate by design:

"Integrity Technology Group, a PRC-based company, has controlled and managed a botnet active since mid 2021 ... maintained between tens to hundreds of thousands of compromised devices. As of June 2024, the botnet consisted of over 260,000 devices." https://t.co/droq5cXLOk

— Dan Black (@DanWBlack) September 18, 2024

Excellent talk at the Off-By-One Conference 2024 (@offbyoneconf) "Exploring WebKit’s Just In Time Compilation" by @sherl0ck__

Presentation video:https://t.co/CZEV5UQYkC
Presentation paper:https://t.co/yx15Wfc2iy

— xvonfers (@xvonfers) September 18, 2024

Interesting: seems that the Golden Apollo boss dealt with an Austrian dude name "Tom" (last name unavailable) -- who he never met in person -- at Hungarian co BAC Consulting. Tom had apparently been distributing of Apollo products, and had a new proposal.. https://t.co/BIkqFp9z4i

— Bill Marczak (@billmarczak) September 18, 2024

- The pagers that exploded in Lebanon were actually manufactured in Budapest
- But a Taiwanese firm authorized the use of its brand on the devices
- The Hungarian firm that manufactured the pagers, BAC Consulting KFT, “appeared to be a shell company”https://t.co/ue1fnA1Rnk

— Vera Bergengruen (@VeraMBergen) September 18, 2024

I don’t think I’ve ever seen a grosser string of words than: 'to develop cutting-edge, capital-efficient content creation opportunities.' pic.twitter.com/1CZJJRX7v9

— Joe Russo (@joerussotweets) September 18, 2024

For those into embedded reverse engineering, we released a new Binja plugin for extracting files from firmware/flash dumps.https://t.co/o1YXoTxagj

— Brandon Miller (@zznop_) September 18, 2024

"Please learn from our mistakes. Don't do exactly the same things that we did, or you'll end up in ten years with having nothing to show for it." — Nicholas Carlini urging AI researchers to avoid the pitfalls of past adversarial ML research at the Vienna Alignment Workshop 2024. pic.twitter.com/YRy4Ot5ti5

— FAR.AI (@farairesearch) September 17, 2024

Slides from my @MCTTP_Con talk "A Decade of Active Directory Attacks - What We've Learned & What's Next" are now posted: https://t.co/IOhVdRoNYb pic.twitter.com/5xYbpEX8hL

— Sean Metcalf (@PyroTek3) September 18, 2024

Extracting Credentials From Windows Logs : https://t.co/v8TBzLFdCE pic.twitter.com/nBlFNlHS21

— Binni Shah (@binitamshah) September 18, 2024

🚨More insights into the Kremlin’s disinformation machine, the Social Design Agency.🚨

Luckily, the Russians kept detailed records.

Here I am scrolling through tens of thousands (!) of archived fake comments by Russian trolls. #FactoryofFakes🧵

1/11 pic.twitter.com/rwgk4hRJnE

— Martin Laine (@Martinlaineolen) September 18, 2024

A research paper using de-identified smartphone geolocation data of employees of the U.S. Securities and Exchange Commission. ”We provide new insights into the SEC's monitoring practices by tracking SEC-associated devices that visit firm headquarters.” https://t.co/4lxPDVNMBG

— @mikko (@mikko) September 19, 2024

ughh, so Apple knew about the macOS 15 firewall/networking issues?! 😭🫠 pic.twitter.com/B6JHBDICtn

— Patrick Wardle (@patrickwardle) September 19, 2024

Updated with more details -- how 3-5 grams (0.1-0.2 oz) of explosive caused maximum damage @forbes https://t.co/uPrcV1BotD

— David Hambling (@David_Hambling) September 19, 2024