Curly Cyber

Happy to announce that @ArielJT and myself will be delivering another round of 'The North Korean AV Anthology', depicting a collage of sketchy DPRK-made security solutions at #TheSAS2020. Come see us!pic.twitter.com/q5tcPaQwDF

The @TheSAScon agenda is live! This is an example of the quality (back-to-back-to-back) https://thesascon.com/program pic.twitter.com/fan6SVMUef

We published our research "An Overhead View of the Royal Road" (English version) #JSAC2020 #CPX360 https://nao-sec.org/2020/01/an-overhead-view-of-the-royal-road.html … https://github.com/nao-sec/materials/blob/master/JSAC%2BCPRCon2020/An_Overhead_View_of_the_Royal_Road.pdf …pic.twitter.com/AxfVn6dfTV

بيروت.. مدينة الأمل والسلام.. حتى إشعار آخر .. تصوير حسين مللا - @APpic.twitter.com/TxU4lrN4Vk

This is a thumbnail of the video that Saudi Arabia's Mohammad Bin Salman's WhatsApp account sent to Jeff Bezos, which investigators believe is connected to a hack of his phone https://www.vice.com/en_us/article/v74v34/saudi-arabia-hacked-jeff-bezos-phone-technical-report …pic.twitter.com/KjagFhV3fs

CSRF + XSS + SMS spoofing + Android deep link URL redirection Great example of chaining low impact vulnerabilities in #TikTok to remotely manipulate account content -delete user video -upload user video -make "private" videos "public" https://research.checkpoint.com/2020/tik-or-tok-is-tiktok-secure-enough/ … via @_CPResearch_pic.twitter.com/10DSkSwth4

Twitter discloses new Saudi state-backed information operation https://blog.twitter.com/en_us/topics/company/2019/new-disclosures-to-our-archive-of-state-backed-information-operations.html …pic.twitter.com/PwtW0SbfX0

There's some NSO news today, but I'd like to enlist Twitter's help to find more. Here's how you can pitch in: About a month ago, WhatsApp began issuing messages to 1,400 targets of Pegasus spyware, sending in-app "green badge" warnings to users. Here's what they look like:pic.twitter.com/XBuCw3bBi1

Update: 90 hours after #Iran implemented a near-total internet shutdown, connectivity continues to flatline at just 5% of ordinary levels Iranians deserve access to the outside world like everyone else #Internet4Iran #IranProtests https://netblocks.org/reports/internet-disrupted-in-iran-amid-fuel-protests-in-multiple-cities-pA25L18b …pic.twitter.com/32QZ9Vhbol

Update: #Iraq has woken to a fourth day of near-total internet shutdowns, with growing concern that blackouts are hindering the documentation of human rights violations; connectivity at 35% of normal levels; incident ongoing #insm_iq #IraqProtests https://netblocks.org/reports/iraq-shuts-down-internet-again-as-protests-intensify-Q8oOWz8n …pic.twitter.com/utcuD5sX7b

When I got into cybersecurity, I totally underestimated the amount of time I'd be spending hunting down high-quality icons with transparent backgrounds for slide decks.pic.twitter.com/5URGk5j1MV

Top #Android #malware threats - Month of October, 2019 Full list - (link: http://skptr.me/malware_timeline_2019.html …) Download (most of the) samples - (link: https://github.com/sk3ptre/AndroidMalware_2019 …) #infosec #securitypic.twitter.com/G3L7Eaj8WG

More details about an actor targeting SMB companies with ransomware - #BitPaymer/#DopplePaymer ? Look at our latest post with @SecurityBeard & @_vventura: https://blog.talosintelligence.com/2019/11/c2-with-it-all.html … He's not only playing with ransomware but also with RAT and Point-of-Sale malware - #TinyPOS.pic.twitter.com/bomH3lNOpk