the grugq's newsletter

September 5, 2022


Never reveal information for free! Only trade it for something of equal or greater value. — extreme edition.

When NOFORN is more important than bilateral relationships.

The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

Electrospaces @electrospaces
In 2013, #NSA director Keith Alexander didn't inform his British counterpart that they had identified Snowden, leaving #GCHQ investigating its own ranks in the search for the leaker until Snowden’s identity was eventually revealed by the Guardian:
theguardian.com: US asked British spy agency to stop Guardian publishing Snowden revelations. Head of GCHQ rebuffed late-night request from National Security Agency amid strained relations in Five Eyes intelligence coalition.
1:18 PM ∙ Sep 4, 2022

-

KiwiFarms was dropped by their Russian host / anti-DDoS provider. The admin seems to have thrown in the towel for at least a week.

Kevin Beaumont @GossiTheDog
Kiwi Farms is down across all domains as their Russian DDoS provider terminated them as a customer. Cloudflare ignored them for years, btw. Kiwifarms.ru Kiwifarms.top etc
10:01 AM ∙ Sep 5, 2022

-

Dreadnought Holiday @TheDreadShips
This thing here - an example of the dangers of leaving ships with low melting points in the hot sun - is HMS Glatton. And last month I went to visit it.
HMS Glatton in drydock in Newcastle, seen from the bow. The massive torpedo bulges give the impression that the ship has melted and slowly spread out like a candle in the hot sun. It also looks uncommonly like the pictures you see of the blobfish...
10:44 AM ∙ Sep 4, 2022

-

keffals #DropKiwifarms @keffals
When we took it upon ourselves to get Cloudflare to drop Kiwi Farms, we had no idea Joshua Moon’s company 1776 Solutions, LLC hosted anything else. Apparently we have inadvertently de-platformed a neo-nazi group based in New Zealand.
8:01 AM ∙ Sep 4, 2022

-

wint @dril
In 1980, audiences delighted in watching the Blues Brothers ravage a shopping mall with a car. Today, we understand they were wrong to do so
10:53 AM ∙ Sep 3, 2022

-

@mikko @mikko
Netzpolitik has published a chapter about Law Enforcement Malware from my new book. Excerpted with permission from John Wiley & Sons, Inc. netzpolitik.org/2022/mikko-hyp… @WileyTech
netzpolitik.org: Mikko Hyppönen: The first time we encountered law enforcement malware. Mikko Hyppönen is a security expert and author. In an excerpt from his new book “If It’s Smart, It’s Vulnerable” he writes about government malware and the techniques of law enforcers. He also reveals how he learnt about German law enforcement malware and how the Chaos Computer Club made sure that e…
3:06 PM ∙ Sep 4, 2022

-

Call to update the UK's computer crimes law.

Ciaran Martin @ciaranmartinoxf
Pleased to put my name to the open letter to the new administration on the case for updating the Computer Misuse Act. It's not, I hope, a divisive issue. The Govt isn't doing anything wrong. It's just that legislation from 1990 on the misuse of computers is obviously out-of-date
Gareth Corfield @GazTheJourno
Britain's ISPs, together with @ciaranmartinoxf and parts of the UK infosec industry, have written to 10 Downing Street demanding reform of the Computer Misuse Act to protect white-hat hackers. Writeup in @telebusiness by @matthfield and me https://t.co/hdS8Gi84Hv
11:17 AM ∙ Sep 5, 2022

-

Anders_Tengström @TengstromAnders
Russian railways are grinding to a halt - why? Because they can't replace worn out bearings on their train carriers. Why can't they do that? Because Swedish SKF closed their factory in Tver (RU) in March and the output produced was for the RU railways.
youtu.be: Western sanctions have stopped Russian railway industry: Kremlin is panicking. No bearings: Russian railway could come to a halt due to the unexpected shortages. Due to sanctions, Russian enterprises cannot produce and repair railway-ca...
9:33 AM ∙ Sep 4, 2022

-

I know this will come up so I’m including it, but I am not at all convinced by the claims of Knysh. I’ve asked around and been told to take anything he says with a huge grain of salt. Although someone did say words to the effect, “at least hot air makes fog.” [that is: “It is good if the Russians are unsure of what is happening in cyber”]

FLASH @Flash_news_ua
⚡️The Russians gave the coordinates of a military base to Ukrainian hackers who were posing as attractive women. IT specialist and founder of the Hackyourmom group Mykyta Knysh told about this in an interview with the Financial Times. Knysh also shared that his team succeeded:
4:26 PM ∙ Sep 4, 2022
FLASH @Flash_news_ua
- show news stories on Russian TV about civilians killed in Ukraine; - break thousands of video surveillance cameras in Belarus and in the Russian-occupied parts of Ukraine; - hack and steal databases of Russian military contractors.
4:26 PM ∙ Sep 4, 2022

This is an exception to the above. There are open mechanisms for getting targeting information to the Ukraine military. There’s literally an app for that! And catfishing young Russian soldiers seems plausible. Plus the FT says they verified the photos. However, getting in the news to say you personally targeted Russian soldiers for death is a risky move. Avoid windows in tall buildings.

Lukasz Olejnik @lukOlejnik
Interesting tactic of (non-government) operators. Campaign to get geotagged photos from Russian soldiers via chat, pretending to be women; then giving the data to Ukraine's army for the bases to be blown up. Would be a direct involvement in war effort? ft.com/content/f4d25b…
Lukasz Olejnik @lukOlejnik
My article, analysis, op-ed in @WIRED about smartphone apps letting Ukrainians report Russian forces. Such capability blurs the lines between civilians (to be protected by international humanitarian law) and combatants, the core principle of distinction. https://t.co/3eWE7diWI7
4:56 PM ∙ Sep 4, 2022

-

“Metaverse poses unique privacy threats”

Barry Dorrans @blowdart
Oh now I see why meta wants to be a metaverse so badly. arxiv.org/abs/2207.13176
1:11 AM ∙ Sep 5, 2022

-

No paper / report as of yet.

Byron Wan @Byron_Wan
🇨🇳 National Computer Virus Emergency Response Center and 🇨🇳 security products provider 360 release a report claiming Northwestern Polytechnic University (西北工业大学), one of 🇨🇳’s 7 major defense-related universities, was hacked by 🇺🇸 NSA’s TAO in June. cverc.org.cn/head/zhaiyao/n…
3:12 AM ∙ Sep 5, 2022

-

The absolute best way to spend about 30 minutes today.

Patrick Gray @riskybusiness
Our latest Between Two Nerds podcast with @tomatospy and @thegrugq is up! risky.biz/BTN4 Subscribe to our new Risky Business News RSS feed here: risky.biz/subscribe
3:31 AM ∙ Sep 5, 2022

-

An in-depth report on the defeat of the Syrian army (with massive Russian support) in 2019 by a group of guerrillas with small arms.

https://international-review.org/battle-for-kabani-a-rare-defeat-for-the-syrian-army/

-

kmkz @kmkz_security
Supervisor mode execution protection (SMEP) breaking-bits.gitbook.io/breaking-bits/…
+ pwn.college helper environment for kernel development and exploitation:
github.com: ChrisTheCoolHut/Linux_kernel_exploitation (https://breaking-bits.gitbook.io/breaking-bits/exploit-development/linux-kernel-exploit-development)
6:29 PM ∙ Sep 3, 2022

-

Nicholas says, NGDP Targeting Now! 🏳️‍🌈🌐🇺🇦 @captgouda24
The Chinese Communist Revolution was one of the most leveling events in history. The land of the better off was confiscated, and those who were wealthy were denied education. Yet, none of that mattered. Those who were wealthy before went back on top. nber.org/system/files/w…
2:59 AM ∙ Sep 3, 2022

-

Łukasz @maldr0id
This is a thread for people wondering about “Jonathan Scott” (a.k.a jonathandata1). He is an abusive person who makes grand, unsubstantiated claims about large cybersecurity incidents. These claims usually lack logic and are severely misguided. Let me explain in this 🧵👇
7:54 PM ∙ Sep 4, 2022

