Archive (Page 4) • the grugq's newsletter

June 19, 2024 Fun Twitter search of the day: parsejson creditshttps://t.co/eSd1bAKIyB#bots #chatgpt— Alec Muffett (@AlecMuffett) June 18, 2024 Russia forgot...

June 18, 2024 Hackers who stole Ticketmaster data from Snowflake account appears to have accessed data through a contractor named EPAM Systems. EPAM has...

June 17, 2024 Video of the Keynote talk from last T2 infosec conference in history: 𝒮𝒴𝒮𝒯𝐸𝑀𝒮 𝒜𝐿𝒞𝐻𝐸𝑀𝒴. By @thegrugq. https://t.co/5NrHNuNAmA— @mikko (@mikko)...

June 16, 2024 Here are the slides from my @WarConPL presentation about Large Language Models and their security implications: https://t.co/nqynAfRnCX—...

June 15, 2024 Ea-nasr moves into the titanium market Boeing and Airbus may have used 'counterfeit' titanium in planes, FAA saysThe Federal Aviation...

June 14, 2024 Today’s must read thread. The House Homeland Security Committee is beginning its hearing with Microsoft President @BradSmi about the company's...

June 13, 2024 SoftBank’s new AI makes angry customers sound calm on phone | The Asahi Shimbun: Breaking News, Japan News and AnalysisGood news for call...

June 12, 2024 microsoft: Exploit Code Unporoven me: i literally gave you a compiled PoC and also exploit code m$: No exploit code is available, or an exploit...

June 11, 2024 The New York Times source code leaked by a 4chan userA user on the online forum 4chan has leaked a massive 270GB of data belonging to The New...

June 10, 2024 We have a (draft) @metasploit exploit module in the queue for CVE-2024-4577, the new PHP CGI argument injection vuln disclosed yesterday. h/t...

June 9, 2024 As another dinosaur who knows the ancient dance, I feel you @daveaitel. While I get the need for better tooling, the modern approach of...

June 8, 2024 another day, another BONTO https://t.co/blglxQOfYI pic.twitter.com/EgsIJ8yNaR— not wint (@drilhistorian) June 6, 2024 Breaking News: William...

June 7, 2024 🚨NEW: Last Christmas Eve, @newsbreakApp, a free app with roots in China that is the most downloaded news app in the U.S. published an alarming...

June 6, 2024 Study shows banning false information traffickers online can improve public discourse Post-January 6th deplatforming reduced the reach of...

June 5, 2024 Russian citizens have lost $2.8 billion to phone scammers in 2023. Deputy Board Chairman of Russia Sberbank Stanislav Kuznetsov says the...

June 4, 2024 I recently found an exploitable timing leak in the reference implementation of Kyber (ML-KEM), the soon-to-be NIST standard for post-quantum key...

June 3, 2024 We are happy to share our slides for TyphoonCon 2024 and the exploit code for v8ctf. We hope this will be helpful for those who study browser...

June 1, 2024 I’m not freaking out that the year is half over, you’re freaking out! Microsoft told media outlets a hacker cannot exfiltrate Copilot+ Recall...

May 31, 2024 SIREN 1: you absolutely cannot make them do it again SIREN 2: I really can i'll do it right now SIREN 3: is this a nice thing to be doing SIREN...

May 30, 2024 May 22nd security research @GossiTheDog was able to get Microsoft Recall. His wrote a long thread on Mastodon regarding it. The full thread is...

May 29, 2024 Given the recent data released from the publishing industry, I estimate there are ~500 non-celebrity book authors making a living. Meanwhile,...

May 28, 2024 it's so cool that they fed every reddit shitpost into this thing and there's probably no way to fix it now pic.twitter.com/W0I0wjbeAx— lauren...

May 27, 2024 just finished a new blogpost on how i exploited the V8 javascript engine at a CTF! it's a beginner friendly journey from a memory corruption to...

May 26, 2024 "Spy" is also interchangeable with "idiot".https://t.co/buyTvjpoQ5 via @MailOnline— Dr. Dan Lomas (@Sandbagger_01) May 23, 2024 Great free book...

May 25, 2024 https://www.antipope.org/charlie/blog-static/2024/05/on-mistaking-a-transient-state.html...

May 24, 2024 BORN TO CODE KERNEL IS A FUCK Compile Em All C89 I am mailing list man 410,757,864,530 CVEs https://t.co/IpCMclFydq— chompie (@chompie1337) May...

May 23, 2024 Google AI overview suggests adding glue to get cheese to stick to pizza, and it turns out the source is an 11 year old Reddit comment from user...

May 22, 2024 Abusing url handling in iTerm2 and Hyper for code execution | Vin01’s BlogWhat are escape sequences My data protection assessment of TLS Session...

May 21, 2024 So you want to get into bug hunting huh? Well this blog post by @assetnote is a perfect example of the flow, the itch, the scratch and...

May 20, 2024 Because Soviets worked to have tight political/civilian control over the nuclear forces one of the challenges was maintaining constant...

May 18, 2024 #ICYMI: IT workers infiltrated more than 300 U.S. companies, earning millions in North Korean illicit revenue generation scheme....

May 17, 2024 A belated writeup about macOS snapshot fuzzing I talked about last year: https://t.co/s4JzidEqm5 Builds on @0vercl0k 's WTF and adds loading of...

May 16, 2024 Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach | Ars TechnicaEbury backdoors SSH servers in hosting...

May 15, 2024 I'm back from Offensive Con. Was great to meet up with friends and meet new people. Inside a low budget consumer hardware espionage implant...

May 10-11-12, 2024

May 10-11-12, 2024 I was having too much fun at offensive con to read anything. I wholeheartedly endorse Offensive Con. Had a great time, even if some ppl I...

May 9, 2023 Excited to share my latest article: "Russia’s Declining Satellite Reconnaissance Capabilities and Its Implications for Security and International...

May 8, 2024 Announcement: Expect some disruption to the newsletter this week as I’ll be at OffensiveCon in Berlin. If you’re around feel free to say hello....

May 7, 2024 This is excellent. Today Lockbit ransomware group's website has been seized (again). The new server hijack mocking asks Lockbit ransomware group...

The Revolution in Military Media Affairs

The Revolution in Military Media Affairs Shifting Dynamics of the Information Environment during Conflicts While watching this interview I had some thoughts....

May 6, 2024 People adapt to systems, because changing systems is hard North Yorkshire Council to phase out apostrophe use on street signs - BBC NewsA North...

May 5th, 2024 The Attritional Art of War: Lessons from the Russian War on Ukraine | Royal United Services InstituteIf the West is serious about the...

May the 4th, 2024

May the 4th, 2024 Be with you. CZ taking action against APT28: "In the context of the upcoming European elections, national elections in a number of European...

May 3, 2024 The McAfee central America Travel Guide - Who Is McAfee?As all of my close friends know, I have not always been a teetotalling, drug fighting...

May 2, 2024 A Phantom’s Tale: The Coyote Influencer on TikTok - bellingcatHe had tens of thousands of followers and posted regularly about his alleged people...

May 1, 2024 Happy May Day! LABScon23 Replay | From Vulkan to Ryazan – Investigative Reporting from the Frontlines of Infosec, by @hatr...

April 30, 2024 Wow wow wow wow First there were "The Americans", now there are "The Czechs": Husband and wife outed as GRU spies aiding bombings and...

April 29, 2024 Interesting reading on antivirus evasion techniques for beginners Credits @gatarieehttps://t.co/D2CApg1fXT#infosec #evasion...

April 28, 2024 Excellent LPE write-up by @gabe_k , where he details how suspected compiler changes lead to the introduction of double fetch vulnerabilities....

April 27, 2024 Exploiting the NT Kernel in 24H2: New Bugs in Old Code & Side Channels Against KASLR by @gabe_k https://t.co/E7PhfD8TbR— lander (@landaire)...

April 26, 2024 Absolutely wild story. A Baltimore County principal was seemingly caught on recorded audio making blatantly racist and anti-Semitic comments....