September 19, 2024
September 19, 2024
New: police have hacked Ghost, an encrypted app used by organized crime. I think this shows a fundamental shift: criminals are no longer on huge platforms like Sky/Encrochat. They're on these disparate platforms, and consumer apps we all use like Signal https://t.co/Uk7PbH9bLI
— Joseph Cox (@josephfcox) September 18, 2024
Indiscriminate by design:
— Dan Black (@DanWBlack) September 18, 2024
"Integrity Technology Group, a PRC-based company, has controlled and managed a botnet active since mid 2021 ... maintained between tens to hundreds of thousands of compromised devices. As of June 2024, the botnet consisted of over 260,000 devices." https://t.co/droq5cXLOk
Excellent talk at the Off-By-One Conference 2024 (@offbyoneconf) "Exploring WebKit’s Just In Time Compilation" by @sherl0ck__
— xvonfers (@xvonfers) September 18, 2024
Presentation video:https://t.co/CZEV5UQYkC
Presentation paper:https://t.co/yx15Wfc2iy
Interesting: seems that the Golden Apollo boss dealt with an Austrian dude name "Tom" (last name unavailable) -- who he never met in person -- at Hungarian co BAC Consulting. Tom had apparently been distributing of Apollo products, and had a new proposal.. https://t.co/BIkqFp9z4i
— Bill Marczak (@billmarczak) September 18, 2024
- The pagers that exploded in Lebanon were actually manufactured in Budapest
— Vera Bergengruen (@VeraMBergen) September 18, 2024
- But a Taiwanese firm authorized the use of its brand on the devices
- The Hungarian firm that manufactured the pagers, BAC Consulting KFT, “appeared to be a shell company”https://t.co/ue1fnA1Rnk
I don’t think I’ve ever seen a grosser string of words than: 'to develop cutting-edge, capital-efficient content creation opportunities.' pic.twitter.com/1CZJJRX7v9
— Joe Russo (@joerussotweets) September 18, 2024
For those into embedded reverse engineering, we released a new Binja plugin for extracting files from firmware/flash dumps.https://t.co/o1YXoTxagj
— Brandon Miller (@zznop_) September 18, 2024
"Please learn from our mistakes. Don't do exactly the same things that we did, or you'll end up in ten years with having nothing to show for it." — Nicholas Carlini urging AI researchers to avoid the pitfalls of past adversarial ML research at the Vienna Alignment Workshop 2024. pic.twitter.com/YRy4Ot5ti5
— FAR.AI (@farairesearch) September 17, 2024
Slides from my @MCTTP_Con talk "A Decade of Active Directory Attacks - What We've Learned & What's Next" are now posted: https://t.co/IOhVdRoNYb pic.twitter.com/5xYbpEX8hL
— Sean Metcalf (@PyroTek3) September 18, 2024
Extracting Credentials From Windows Logs : https://t.co/v8TBzLFdCE pic.twitter.com/nBlFNlHS21
— Binni Shah (@binitamshah) September 18, 2024
🚨More insights into the Kremlin’s disinformation machine, the Social Design Agency.🚨
— Martin Laine (@Martinlaineolen) September 18, 2024
Luckily, the Russians kept detailed records.
Here I am scrolling through tens of thousands (!) of archived fake comments by Russian trolls. #FactoryofFakes🧵
1/11 pic.twitter.com/rwgk4hRJnE
Thread by @Martinlaineolen on Thread Reader App – Thread Reader App
@Martinlaineolen: 🚨More insights into the Kremlin’s disinformation machine, the Social Design Agency.🚨 Luckily, the Russians kept detailed records. Here I am scrolling through tens of thousands (!) of archived fake ...…
A research paper using de-identified smartphone geolocation data of employees of the U.S. Securities and Exchange Commission. ”We provide new insights into the SEC's monitoring practices by tracking SEC-associated devices that visit firm headquarters.” https://t.co/4lxPDVNMBG
— @mikko (@mikko) September 19, 2024
ughh, so Apple knew about the macOS 15 firewall/networking issues?! 😭🫠 pic.twitter.com/B6JHBDICtn
— Patrick Wardle (@patrickwardle) September 19, 2024
Updated with more details -- how 3-5 grams (0.1-0.2 oz) of explosive caused maximum damage @forbes https://t.co/uPrcV1BotD
— David Hambling (@David_Hambling) September 19, 2024