- The Grugq's Newsletter
March 21, 2023
A very sad day. Kelly was a wonderful person who was always good to talk to. We met over a decade ago at Ekoparty, and we had a great time. Over the years we spoke many times. I will miss her.
It is with profound sadness that we mourn the loss of our friend and mentor, @aloria. Kelly had an indomitable spirit, and our world is a bit darker without her.
— SummerCon (@SummerC0n)
1:25 AM • Mar 21, 2023
-
This is a very interesting development. Detecting authorship is a very interesting problem.
GPT-4 is able to infer authorship from a passage of text based on style and content alone.
Given the first four paragraphs of the March 13, 2023 @stratechery post on SVB, GPT-4 identified Ben Thompson as the author.
stratechery.com/2023/the-death…
— Mike Conover (@vagabondjack)
2:59 PM • Mar 19, 2023
-
After a tip from @thegrugq (thanks!) I've added a review of _The Widow Spy_ to . It is an intriguing little book from one of the pioneering female @CIA officers, describing her work in Laos and (mostly) Moscow. Recommended!
— Bert Hubert 🇺🇦 (@bert_hu_bert)
7:12 PM • Mar 20, 2023
-
Do you know how much fun you could have messing with people if you bought this decommissioned FBI spy van?
— Ben Collins (@oneunderscore__)
6:28 PM • Mar 20, 2023
-
🔥New blog: "The Untold Story Of The #BlackLotus UEFI Bootkit".
🔬Binarly REsearch discovered new interesting data points about the nature of the BlackLotus code. It appears it is based on the Umap GitHub (2020) or coincidentally arrived at the same ideas.
binarly.io/posts/The_Unto…
— BINARLY🔬 (@binarly_io)
6:04 PM • Mar 9, 2023
-
That one time I stayed up all night, found a new remote browser bug in OSX, wrote the exploit, and sent it over to win the first PWN2OWN in one night and had a million google hits for my name for a bit...
— Dino A. Dai Zovi (@dinodaizovi)
3:03 AM • Mar 21, 2023
-
Banning software that is a necessary part of every modern intelligence agency’s toolkit will produce either outlaw agencies or ineffective ones. Neither is desirable.
This story is being framed as the result of “mercenary spyware,” which I believe is a huge mistake. A lawful government agency conducted (what appears to be) unethical surveillance. Framing this as a problem of the tools available to spy agencies is actually beneficial to the bad actors here. “Honest guv’, I’m innocent, it was the spyware what made me do it.”
Spy agencies have agency. They aren’t lured into spying by the devious come-hither looks of some software. The decision to conduct an operation targeting this person was made at the agency; and it was either lawful or it was not.
If it was a lawful operation, then the problem is with the law that allows this to happen without sufficient oversight to prevent it.
If it was an unlawful operation, then the problem is with the agency that allows this to happen without sufficient oversight to prevent it.
In either case the problem to be addressed is the system that enabled this to happen, and that system is not the software.
Greek intelligence looking extremely dodgy. “Two people with direct knowledge of the case said that Ms. Seaford had in fact been wiretapped by the Greek spy service from August 2021, the month before the spyware hack, and for several months into 2022.”
— Shashank Joshi (@shashj)
9:42 AM • Mar 21, 2023
-
Congratulations, you just lost the element of surprise. Idiots.
— pourmecoffee (@pourmecoffee)
2:15 AM • Mar 21, 2023
-
.@Meta Manager Was Hacked With Spyware, Wiretapped In Greece
The full story of @ArtemisSeaford, the first known American national to be targeted with Predator in the EU while also being surveilled by the Greek national intelligence service.
nytimes.com/2023/03/20/wor…
— Matina Stevis-Gridneff (@MatinaStevis)
2:58 PM • Mar 20, 2023
-
NO IT'S A TRAP! Remember what happened last time someone was asked this??
— Classical Studies Memes for Hellenistic Teens (@CSMFHT)
8:35 AM • Mar 20, 2023
-
💬 "I've got a story to tell you, it's all about spies".
Today, we're talking counterintelligence.
— Dr. Dan Lomas (@Sandbagger_01)
7:28 AM • Mar 21, 2023
-
Breached administrator Baph has stated the forums will not be returning. He stated in an update today he believes law enforcement has compromised the forum following the arrest of Pompompurin.
Full statement: baph.is/finalupdate.tx…
— vx-underground (@vxunderground)
9:54 AM • Mar 21, 2023
-
CVE-2023-26604: "[...] This presents a substantial security risk when running systemctl from Sudo, because #less executes as root when the terminal size is too small to show the complete systemctl output."
medium.com/@zenmovieforno…
— @0xdea
8:36 AM • Mar 21, 2023
-
If you’re not familiar with the spyware scandal unfolding in Greece, check out this podcast from @MacroPolis_gr.
— Runa Sandvik (@runasand)
10:58 AM • Mar 21, 2023
-
Important take-away from today's Between Two Nerds by @thegrugq and @tomatospy: As an attacker, vulnerabilities can be proven. As a defender, you can't prove something is not breachable. That's why defensive decisions in orgs are hard to justify.
[10:19+]:
— Phillip Kemkes (@pkemkes)
10:43 AM • Mar 21, 2023
-
New video: A 2010 presentation leaked from New Zealand's #SIGINT agency, the #GCSB. It's an update from the #Waihopai (codename #IRONSAND) spy station to the rest of the #5EYES partners: youtu.be/s1ZkLoj3zR8
#HISTINT #Espionage
— Spy Collection (@SpyCollection1)
7:20 PM • Mar 20, 2023
-
'We could be entering an era where IS and Al-Qa’ida are not much more than labels of convenience – evocative brand names that local extremists adhere to while deciding their strategies and tactics for themselves' writes @EFittonBrown.
#RUSICommentary
rusi.org/explore-our-re…
— RUSI (@RUSI_org)
9:07 PM • Mar 20, 2023
-
Interesting concepts to improve #fuzzing of closed source software by calculating a "fuzzability score" with a #binaryninja plugin
Excavating Fuzzable Targets Through Static Analysis with Binary Ninja codemuch.tech/2021/06/07/fuz…
Code is here:
— @0xdea
9:11 AM • Mar 21, 2023
-
Nice #hypervisor #vulnerability!
#Parallels Desktop Toolgate Vulnerability (CVE-2023-27326) blog.impalabs.com/2303_advisory_…
Full #exploit is here: github.com/Impalabs/CVE-2…
// cc @alisaesage
— @0xdea
8:57 AM • Mar 21, 2023
-
Awesome #hardware #hacking work as usual by @raelizecom 👏
Espressif ESP32: #Glitching The OTP Data Transfer
— @0xdea
8:22 AM • Mar 21, 2023
-
Wonderful OPSEC on display here. James Craig arrested for poisoning his wife. He searched for “undetectable poison,” though to make sure it was secret he used a work computer. After hours. In the dark. While being watched by an office manager. Then:
James Craig texted that office manager to say he would soon receive a personal package in the mail and she should not open it, according to the affidavit. That package arrived on March 13 and had been opened by another employee. When the office manager looked inside, she saw “a biohazard sticker and what said ‘potassium cyanide’ on a circular canister,” the document reads. She sealed it back up and gave it to James Craig.