Archive (Page 12) • the grugq's newsletter

May 11, 2023 pic.twitter.com/npCldqb1UG— Satan (@s8n) May 9, 2023 The tool lets you search for intersecting features within a certain radius of...

May 10, 2023 Good news for Corellium! Apple just lost its lawsuit trying to ban iOS virtual machines | TechRadar iOS VMs for research are legit, and legal,...

May 9, 2023 ⛓️Diving deeper into MSI leak, it has been discovered that one of the leaked keys (bxt_dbg_priv_key.pem) is associated with Intel Orange or OEM...

Why WWII US Bombers Ditched Tracers

$ · May 9, 2023

Why WWII US Bombers Ditched Tracers When the US entered world war two tracers were a standard part of the ammunition belts in bomber machine guns. Tracers...

May 8, 2023 Modern inflatable decoy tanks, and other military vehicles. So cool! https://www.inflatechdecoy.com See also https://t.co/Fy9fcF3BJZ— Adam...

May 7, 2023 What people call “mental illness” is most often the result of pathological, radicalized network configurations. See my paper...

May 6, 2023 Really nice exploitation here! https://t.co/ehBTI8Ajw9— ϻг_ϻε (@steventseeley) May 5, 2023 lol I knew about the Wikipedia editor with 90,000+...

May 5, 2023 https://twitter.com/ruby_stevens/status/1653868622320680960 MemProcFS memory analysis and forensics v5.6 released! FindEvil with built-in Yara...

May 3, 2023 [2304.14717] faulTPM: Exposing AMD fTPMs' Deepest Secrets Trusted Platform Modules constitute an integral building block of modern security...

May 2, 2023 Apple has just released the first Rapid Security Response for Ventura – The Eclectic Light Company Apple has just released the first of its new...

May 1, 2023 Happy May Day Twitter is complying with a far higher percent of demands from governments for user data & takedowns since the acqusition, and...

April 30, 2023 hall of fame disclosure here lol https://t.co/lPkKTrdA8k pic.twitter.com/S2pp0pWO5c— DEI Lead at British East India Co. (@AnikVJoshi) April...

April 29, 2023 On the Road to Failure Presentations and pitch decks by the largest business failures and corporate frauds...

April 28, 2023 First up-close images of Mars’s little-known moon Deimos Images from the UAE’s Hope mission suggest that the moonlet’s composition is similar...

April 27, 2023 So, I think I figured out how these edited casualty counts came about. The first public mention of them was through the pro-Russia Donbass...

April 26, 2023 I clicked on an ad and saw this in the url &utm_campaign=NC_Conv_babyboomers and I've never been so offended— GonzoHacker (@GonzoHacker) April...

April 25, 2023 Administrivia: Sorry about the last couple newsletters. There is a bug in the newsletter provider’s code. The preview shows proper embedding,...

April 24, 2023 Apologies for the previous newsletter. INVISV: "What can the Cretaceous-Paleogene (K-Pg) extincti…" - IOC.exchange What can the Cretaceous-...

April 23, 2023 Administrivia: I have migrated to buttdown.email which supports markdown, has embeds for Twitter and Mastodon and even has an API. I'm still...

April 22, 2023 https://www.youtube.com/watch?v=w8q24QLXixo https://twitter.com/janlemnitzer/status/1649426904460546048...

April 21, 2023 China building cyber weapons to hijack enemy satellites, says US leak via @FT (£) https://t.co/foagowZQp0— Ciaran Martin (@ciaranmartinoxf)...

Google embargo on another linux kernel issue found by @_esoj1 and I finally lifted... here is the advisory: https://t.co/ZQ9EmEvtwW— Rodrigo Branco...

https://grugq.beehiiv.com/p/april-17-2023 - - New blog post: Data Driven Detection Engineering. In which I argue for stronger software engineering skills in...

https://grugq.beehiiv.com/p/april-16-2023 Next week I will be able to migrate the mailing list over to Beehiiv. This will hopefully be one of the last...

https://grugq.beehiiv.com/p/april-15-2023 Try this ^^ - New: the bombs weren't real. Neither was the voice. We've traced some of the nationwide swatting wave...

Announcement I am trying out Beehiiv as a replacement for Substack, given how Substack is no longer supported by Twitter. If the newsletter changes...

In retrospect, this seems like a bad idea. - The #VulkanFiles were shared with a media org through its @SecureDrop server, the source never revealing their...

Biden is visiting Norther Ireland and the locals have put up welcome signs. - Microsoft just patched a Critical vulnerability we found in the Message Queuing...

This sucks. I think I will have to actively seek a solution because this is no fun. The Info Op is a reader-supported publication. To receive new posts and...

- FTX stored private keys to its crypto wallets in AWS 🫠 pic.twitter.com/IFoLwBhmzZ— Molly White (@molly0xFFF) April 9, 2023 - *youth pastor voice* you know...

- Mark Mossberg @offlinemarkUpdate: I started a Youtube channel!🎥 In addition to writing, I've found that I really enjoy recording screencasts Currently...

Leaked top secret documents were posted on a Discord server called, “Thug Shaker Central.” Possibly as early a January. They spread to other servers and to...

Twitter cuts off Substack embeds and starts suspending bots Twitter now disables likes, replies, and retweets if a tweet has Substack links - The Verge...

Cyber doctrine?

$ · April 7, 2023

One of the more amazing things that the US military did was their force restructuring program in the 1970s. They thought about what sort of wars they would...

Substack and Twitter are fighting, or one/both of them is non functional. Substack insists on converting Twitter links into embedded tweets. Great! Except...

Joseph Cox @josephfcoxNew: the IRS wants to buy an internet mass monitoring tool. This tool allows investigators to see what is happening on the wider...

clem @clementbriensMeet the FSB contractor: 0Day Technologies An investigation into the FSB’s digital surveillance and disinformation contractor (🧵) clement-...

SLF @slffishOur Q1 selection OpenSSH Pre-Auth Double Free CVE-2023-25136 jfrog.com/blog/openssh-p… Dota 2 Under Attack: How a V8 Bug Was Exploited in the...

- Yesterday's Print @yesterdaysprintThe Tampa Tribune, Florida, April 1, 1939 6:00 PM ∙ Apr 1, 2023140Likes30Retweets - Ian Coldwater 📦💥 @IanColdwaterok this...

Jan Lemnitzer @JanLemnitzerIf this is a supply chain attack them it is a very well chosen target as the critical services it provides to the UK government...

AI and the American Smile A really good critique of AI images. The training data is on photos of modern Americans, who have a certain cultural conditioning...

Between Two Nerds: The Real Problem with TikTok The best podcast has released another episode. https://risky.biz/BTN30/ - Google finds more Android, iOS...

Cannot recommend this highly enough Dan Black @DanWBlackGrateful to @IISS_org for the opportunity to share some thoughts around the success of Ukraine’s...

Sarah McLaughlin @sarahemclaughI wrote about this issue earlier this year when Twitter complied with India's demands to censor a BBC doc. It laid bare the...

- Matthew Green @matthew_d_greenThe future of censorship-resistant communications is going to be distributing LLMs trained on dissident content, rather than...

Mike Eckel @Mike_Eckelfascinating, granular details in this FBI affidavit unsealed last night about a Russian intel agent who created a false Brazilian...

raptor@infosec.exchange @0xdeaCurrently catching up with some not-so-recent papers... I love this one from 2021 by @marcograss and @0xKira233! Over The Air...

Brendan Dolan-Gavitt @moyixTwo interesting security examples from the recently-released paper from MSR "Sparks of Artificial General Intelligence: Early...

Aristotle Tzafalias @Aristot73Open source libraries should stop forcing their way into the code base of billion $ companies. just stop! Sam Altman @samawe...

David Buchanan @David3141593holy FUCK. Windows Snipping Tool is vulnerable to Acropalypse too. An entirely unrelated codebase. The same exploit script works...