- The Grugq's Newsletter
Feb 4, 2023
I suspect this wasn’t the secret service. They’re a bit busy these days, what with the war and all.
Nice. Ukraine’s security service hacked a Zoom call between Moscow and the quislings in Ukraine. And officially notified the latter that they’re charged with treason.
And then let them listen to 🇺🇦 anthem.
#StandWithUkraine
— olexander scherba🇺🇦 (@olex_scherba)
9:29 AM • Feb 4, 2023
-
I have to admit it seemed silly at first but it costs nothing to use less harmful language
— ACABylon Bot, LLC (@ACABylonBee)
5:52 PM • Feb 2, 2023
-
The intelligence officer in #Germany unmasked as a #Russian agent and charged with treason has been identified: Carsten Linke, 52. A "rising star" in the BND, Linke handled foreign SIGINT, some related to Ukraine, all of which he sold to Moscow.
— Kyle Orton (@KyleWOrton)
12:03 AM • Feb 4, 2023
-
Mr. President, a second balloon has been spotted.
— jordan (@JordanUhl)
1:18 AM • Feb 4, 2023
-
Today in 1961, the first “Looking Glass” EC-135 airborne command post went aloft from SAC HQ at Offutt AFB, Nebraska, ensuring the ability to fight a nuclear war if SAC were destroyed. For more than 29 years—until July 24, 1990—at least one aircraft was continuously airborne.
— Stephen Schwartz (@AtomicAnalyst)
4:29 PM • Feb 3, 2023
-
We're updating our course on the economics of information security, which is used by many universities and other organisations worldwide: lightbluetouchpaper.org/2023/02/04/sec…
— Ross Anderson (@rossjanderson)
9:36 AM • Feb 4, 2023
-
Cryptophone service "Exclu" has been dismantled; 79 searches & 42 arrests took place in a/o NL, DE & BE, incl. owners & operators of Exclu.
The Exclu app cost € 800 per 6 months. It had ~3k users, ~750 of whom speak Dutch.
News release (Feb 3, in Dutch) https://t.co
— Matthijs R. Koot (@mrkoot)
5:27 PM • Feb 3, 2023
-
MITRE Cyber Resiliency Engineering Framework (CREF) Navigator crefnavigator.mitre.org/navigator
Free visualization tool to allow organizations to customize their resiliency goals, objectives & techniques, aligned w/NIST SP 800-160, Vol. 2 (Rev. 1).
Press release: businesswire.com/news/home/2023…
— Matthijs R. Koot (@mrkoot)
2:38 PM • Feb 3, 2023
-
Want anonymity? Make a persona not a mystery.
The technique described here is called “apparent cover.” The idea of apparent cover is that the observer fills in the cover story based on the clues provided. For example, someone dressed as a fisherman — vest with pockets, floppy canvas hat, fishing pole, tackle box — hanging out at the docks at dawn is unlikely to be noticed by an observer at all, but if they were, the observer would assume they’re a fisherman. Not a spy.
-
„An employee belonging to the company reportedly used the GIS data during a test and left a database online without securing it. Investigators said the hacker found the data through a search engine 'that wasn't Google'.“
— Stefan Stockhammer (@St0cki)
7:52 AM • Feb 4, 2023
-
Software Supply Chain Attacks: An Illustrated Typological Review (.pdf, January 2023, 50pp) css.ethz.ch/content/dam/et…
By Sean Cordey, former Researcher in the Risk and Resilience Team at @CSS_ETHZurich and currently Associate for Cyber and Digital Policy at @ICRC 👏.
— Matthijs R. Koot (@mrkoot)
9:17 AM • Feb 4, 2023
-
Our #rapid7 blog about an 0-day being actively exploited in Fortra GoAnywhere:
— Ron Bowes (@iagox86)
4:42 PM • Feb 3, 2023
Well done @frycos, such a sweet pre-auth RCE!
— ϻг_ϻε (@steventseeley)
8:37 AM • Feb 4, 2023
-
Handbook to combat CBRN disinformation (4.3MB .pdf, Jan 2023, 122pp) unicri.it/sites/default/…
A @UNICRI report on countering misleading & deceptive info re: chemical, biological, radiological & nuclear (CBRN) threats.
By Francesco Marelli & Mariana Diaz Garcia (@marianadiaz@MarianaDiaz_Gaco
— Matthijs R. Koot (@mrkoot)
10:05 AM • Feb 4, 2023
-
Retired Air Force Intelligence Officer Had Hundreds of Classified and Secret Files at His Florida Home: Military.com
— Electrospaces (@electrospaces)
10:47 AM • Feb 4, 2023
-
New p-code emulator for fuzzing based on ghidra sleigh. Full system fuzzing perf comparable to qemu, CmpLog support etc.
Icicle: A Re-designed emulator for greybox firmware fuzzing arxiv.org/pdf/2301.13346…
— Richard Johnson (@richinseattle)
7:13 AM • Feb 4, 2023