September 8, 2024
September 8, 2024
Cracking an old ZIP file to help open source the ANC's "Operation Vula" secret crypto code
This is quite cool.
John Graham-Cumming's blog: Cracking an old ZIP file to help open source the ANC's "Operation Vula" secret crypto code
It's not often that you find yourself staring at code that few people have ever seen, code that was an important part in bringing down the a...
#SpyNews - week 36 (September 1-7):
โ Spy Collection (@SpyCollection1) September 8, 2024
A summary of 91 espionage-related stories from week 36 coming from ๐ณ๐ฌ๐ง๐ท๐ฐ๐ท๐ต๐ฐ๐บ๐ธ๐ป๐ณ๐ณ๐ด๐ท๐บ๐ฉ๐ฟ๐ฒ๐ฆ๐ฆ๐บ๐พ๐ช๐ฎ๐ฑ๐ณ๐ฑ๐ญ๐บ๐จ๐ณ๐ฌ๐ง๐ง๐ช๐บ๐ฆ๐ณ๐ฟ๐ซ๐ท๐ณ๐จ๐น๐ท๐ท๐ด๐ท๐ธ๐ฑ๐ง๐ฉ๐ช๐ต๐ฑ๐ฆ๐ฑ๐ต๐ญ๐ฎ๐ฉ๐ถ๐ฆ๐ฐ๐ต๐ฑ๐ป๐ง๐พ๐น๐ผ๐ฎ๐ท๐ฉ๐ฐ๐ช๐ช๐ฏ๐ต๐จ๐ฑ๐จ๐ฆ๐จ๐ฟ๐จ๐ฉ๐ฆ๐ด๐ฆ๐ช๐ฒ๐ฌ๐ธ๐ฆ๐ธ๐ฐ๐ฎ๐ณ๐ณ๐ต๐ธ๐ฌ๐ญ๐ฐ๐ธ๐ช๐ช๐ฌ๐ฑ๐พ https://t.co/r2KcrQFSkD#Espionage #OSINT #HUMINT #SIGINT #Spy
Series by @quarkslab on dynamically hooking Golang programs
โ 0xor0ne (@0xor0ne) September 8, 2024
Part 1: https://t.co/RYjBvVHQi9
Part 2: https://t.co/gzuyIThaNW
Part 3: https://t.co/vgKvJphE2x#golang #infosec pic.twitter.com/TePvShzkyG
Passport
Forwarding TCP ports through Passkey servers to bypass censorship.
GitHub - c-skills/passport
Contribute to c-skills/passport development by creating an account on GitHub.
WHOSE BODY WAS IT??? pic.twitter.com/nTlBibw3Px
โ SarcasticRover (@SarcasticRover) September 8, 2024
Hypervisors are way more useful than you think.
โ LaurieWired (@lauriewired) September 7, 2024
A great example is the AVF (Android Virtualization Framework). This recently-added feature allows code to execute inside it's own VM, with isolated memory space from the host.
Imagine a banking app written with AVF in mind. Evenโฆ pic.twitter.com/Lrs0d8Xwv1
imagine that.https://t.co/M5Gk7BZvdA https://t.co/G2Qj9K1okw pic.twitter.com/AbSggDOrzK
โ Jโฉโmieโก๏ธBSides๐ โVโ (@jamieantisocial) September 7, 2024
Listening to Richard Moore & Bill Burns at Kenwood House. https://t.co/nNE7FiOEvA pic.twitter.com/fYCnmebkH4
โ Shashank Joshi (@shashj) September 7, 2024
ChromeKatz: Dump cookies and credentials directly from Chrome/Edge process memory https://t.co/uZpm3XGKu2
โ Spiros Fraganastasis (@m3g9tr0n) September 7, 2024
> What Chainanalysis does is, get the cheapest VPS in OVH and setup a reverse proxy to some real nodes. Then they advertise it on https://t.co/aBjCDU8FQ2 etc. and use it to trace TXs to IPs.
โ Rotten (@rottenwheel1) September 8, 2024
< I see. So they see the tx. It looks to the wallet like it's a real node, but they areโฆ
crash.js will just crash with an OOB writehttps://t.co/J6ny4k8Mhk
โ xvonfers (@xvonfers) September 7, 2024
leak_hole.js will use the OOB access to leak the hole objecthttps://t.co/vwGCQrEaqz
Exploit:https://t.co/t6sz0tw01q https://t.co/s5WadrXM5c