September 5, 2022

                September 5, 2022

            September 5, 2022

            Never reveal information for free! Only trade it for something of equal or greater value. — extreme edition.
When NOFORN is more important than bilateral relationships. 
The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

Electrospaces @electrospaces
In 2013, #NSA director Keith Alexander didn't inform his British counterpart that they had identified Snowden, leaving #GCHQ investigating its own ranks in the search for the leaker until Snowden’s identity was eventually revealed by the Guardian:
theguardian.comUS asked British spy agency to stop Guardian publishing Snowden revelationsHead of GCHQ rebuffed late-night request from National Security Agency amid strained relations in Five Eyes intelligence coalition1:18 PM ∙ Sep 4, 2022
23Likes9Retweets
-
KiwiFarms was dropped by their Russian host / anti-DDoS provider. The admin seems to have thrown in the towel for at least a week. 
Kevin Beaumont @GossiTheDogKiwi Farms is down across all domains as their Russian DDoS provider terminated them as a customer. 

Cloudflare ignored them for years, btw. 

Kiwifarms.ru Kiwifarms.top etc 
10:01 AM ∙ Sep 5, 2022
1,507Likes356Retweets
-
Dreadnought Holiday @TheDreadShips
This thing here - an example of the dangers of leaving ships with low melting points in the hot sun - is HMS Glatton.

And last month I went to visit it. 
10:44 AM ∙ Sep 4, 2022
808Likes101Retweets
-
keffals #DropKiwifarms @keffals
When we took it upon ourselves to get Cloudflare to drop Kiwi Farms, we had no idea Joshua Moon’s company 1776 Solutions, LLC hosted anything else. Apparently we have inadvertently de-platformed a neo-nazi group based in New Zealand. 
8:01 AM ∙ Sep 4, 2022
24,871Likes4,191Retweets
-
wint @dril
In 1980, audiences delighted in watching the Blues Brothers ravage a shopping mall with a car. Today, we understand they were wrong to do so10:53 AM ∙ Sep 3, 2022
13,424Likes1,391Retweets
-
@mikko @mikkoNetzpolitik has published a chapter about Law Enforcement Malware from my new book. Excerpted with permission from John Wiley & Sons, Inc. netzpolitik.org/2022/mikko-hyp… @WileyTech
netzpolitik.orgMikko Hyppönen: The first time we encountered law enforcement malwareMikko Hyppönen is a security expert and author. In an excerpt from his new book “If It’s Smart, It’s Vulnerable” he writes about government malware and the techniques of law enforcers. He also reveals how he learnt about German law enforcement malware and how the Chaos Computer Club made sure that e…3:06 PM ∙ Sep 4, 2022
41Likes17Retweets
-
Call to update the UKs computer crimes law. 
Ciaran Martin @ciaranmartinoxf
Pleased to put my name to the open letter to the new administration on the case for updating the Computer Misuse Act. It's not, I hope, a divisive issue. The Govt isn't doing anything wrong. It's just that legislation from 1990 on the misuse of computers is obviously out-of-date 
Gareth Corfield @GazTheJourno
Britain's ISPs, together with @ciaranmartinoxf and parts of the UK infosec industry, have written to 10 Downing Street demanding reform of the Computer Misuse Act to protect white-hat hackers. Writeup in @telebusiness by @matthfield and me https://t.co/hdS8Gi84Hv11:17 AM ∙ Sep 5, 2022
57Likes25Retweets
-
Anders_Tengström @TengstromAnders
Russian railways are grinding to a halt - why? 

Because they can't replace worn out bearings on their train carriers. 

Why can't they do that?

Because Swedish SKF closed their factory in Tver (RU) in mars and the output produced was for the RU railways.
youtu.beWestern sanctions have stopped Russian railway industry: Kremlin is panickingNo bearings: Russian railway could come to a halt due to the unexpected shortages. Due to sanctions, Russian enterprises cannot produce and repair railway-ca...9:33 AM ∙ Sep 4, 2022
2,056Likes417Retweets
-
I know this will come up so I’m including it, but I am not at all convinced by the claims of Knysh. I’ve asked around and been told to take anything he says with a huge grain of salt. Although someone did say words to the effect, “at least hot air makes fog.” [that is: “It is good if the Russians are unsure of what is happening in cyber”]
FLASH @Flash_news_ua
⚡️The Russians gave the coordinates of a military base to Ukrainian hackers who were posing as attractive women. IT specialist and founder of the Hackyourmom group Mykyta Knysh told about this in an interview with the Financial Times.

Knysh also shared that his team succeeded:4:26 PM ∙ Sep 4, 2022
1,277Likes194Retweets
FLASH @Flash_news_ua
- show news stories on Russian TV about civilians killed in Ukraine;
- break thousands of video surveillance cameras in Belarus and in the Russian-occupied parts of Ukraine;
- hack and steal databases of Russian military contractors.4:26 PM ∙ Sep 4, 2022
482Likes55Retweets
This is an exception to the above. There are open mechanisms for getting targeting information to the Ukraine military. There’s literally an app for that! And catfishing young Russian soldiers seems plausible. Plus the FT says they verified the photos. However, getting in the news to say you personally targeted Russian soldiers for death is a risky move. Avoid windows in tall buildings.
Lukasz Olejnik @lukOlejnikInteresting tactic of (non-government) operators. Campaign to get geotagged photos from Russian soldiers via chat, pretending to be women; then giving the data to Ukraine's army for the bases to be blown up. Would be a direct involvement in war effort? ft.com/content/f4d25b…  
Lukasz Olejnik @lukOlejnik
My article, analysis, op-ed in @WIRED about smartphone apps letting Ukrainians report Russian forces. Such capability blurs the lines between civilians (to be protected by international humanitarian law) and combattants, the core principle of distinction. https://t.co/3eWE7diWI7
4:56 PM ∙ Sep 4, 2022
34Likes21Retweets
-
“Metaverse poses unique privacy threats”
Barry Dorrans @blowdartOh now I see why meta wants to be a metaverse so badly. arxiv.org/abs/2207.13176
1:11 AM ∙ Sep 5, 2022
92Likes47Retweets
-
No paper / report as of yet. 
Byron Wan @Byron_Wan🇨🇳 National Computer Virus Emergency Response Center and 🇨🇳 security products provider 360 release a report claiming Northwestern Polytechnic University (西北工业大学), one of 🇨🇳’s 7 major defense-related universities, was hacked by 🇺🇸 NSA’s TAO in June.

cverc.org.cn/head/zhaiyao/n… 
3:12 AM ∙ Sep 5, 2022
39Likes17Retweets
-
The absolute best way to spend about 30 minutes today.
Patrick Gray @riskybusinessOur latest Between Two Nerds podcast with @tomatospy and @thegrugq is up!

risky.biz/BTN4

Subscribe to our new Risky Business News RSS feed here:

risky.biz/subscribe 
3:31 AM ∙ Sep 5, 2022
11Likes3Retweets-
An in-depth report on the defeat of the Syrian army (with massive Russian support) in 2019 by a group of guerrillas with small arms.

https://international-review.org/battle-for-kabani-a-rare-defeat-for-the-syrian-army/

-
kmkz @kmkz_securitySupervisor mode execution protection (SMEP) 
breaking-bits.gitbook.io/breaking-bits/…

+ pwn. college  helper environment for kernel development and exploitation:
github.comGitHub - ChrisTheCoolHut/Linux_kernel_exploitation: https://breaking-bits.gitbook.io/breaking-bits/exploit-development/linux-kernel-exploit…https://breaking-bits.gitbook.io/breaking-bits/exploit-development/linux-kernel-exploit-development - GitHub - ChrisTheCoolHut/Linux_kernel_exploitation: https://breaking-bits.gitbook.io/breaking-b...6:29 PM ∙ Sep 3, 2022
44Likes15Retweets
-
Nicholas says, NGDP Targeting Now! 🏳️‍🌈🌐🇺🇦 @captgouda24The Chinese Communist Revolution was one of the most leveling events in history. The land of the better off was confiscated, and those who were wealthy were denied education. Yet, none of that mattered. Those who wealthy before, went back on top.
nber.org/system/files/w… 
2:59 AM ∙ Sep 3, 2022
9,307Likes2,015Retweets
-
Łukasz @maldr0id
This is a thread for people wondering about “Jonathan Scott” (a.k.a jonathandata1).
He is an abusive person who makes grand, unsubstantiated claims about large cybersecurity incidents. These claims usually lack logic and are severely misguided. 
Let me explain in this 🧵👇7:54 PM ∙ Sep 4, 2022
672Likes164Retweets
The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

                Don't miss what's next. Subscribe to the grugq's newsletter: