Today's GRU indictment is an incredible document. The Five Eyes intelligence communities, I would suspect, must have stunning visibility into Russian military intelligence operations if today's disclosures are considered dispensable justice.gov/opa/press-rele…
Note: Russian military intelligence camouflaged as North Korean
Whoever wrote that paragraph probably had a smirk on their face
Possibly the first indictment with a Mr. Robot reference
Defendant Kovalev is having a bad day today
🕵️🕵️🕵️ ... when the FBI outlines a GRU operation for an indictment, complete with exploit codenames, but somehow forgets to mention that those exploits were developed and named by the NSA ...
How it started: How it's going:
Also, just kudos to the FBI for consistently including names in non-Latin alphabets
• • •
Missing some Tweet in this thread? You can try to
force a refresh
An observation on the Taurus leak that I have not seen elsewhere (could have missed it):
The intercepted recording starts with BG Frank Graefe, in Singapore, saying "Hallo," to which the response is "Moin Moin Herr General, Hauptmann Irrgang hier." "Servus." (A common greeting)
Irrgang: "I would add you now, if you like."
Graefe: "Thank you."
Then: automated Webex voice: "You are accessing the conference now."
My interpretation: the general, from a hotel room in Singapore, likely did not join by URL, but called a staff officer to phone-connect him into the meeting. The intercept likely started before entering the Webex session. So that leaves us with two most probable scenarios:
Some of you asked. So here are a few reflections on how I've started using Twitter moving forward—and whatever will come to replace it. Some of you may want to do the same.
Because this approach works even if—when, really—Twitter itself has disappeared.
Posts on Twitter, or Mastodon, are a bit like public events with drinks afterwards: crucial for inspiration, for meeting people, for keeping up-to-date. But what really matters are the human-to-human connections, not the platform of choice. Bear with me.
Hugely significant, precedent-setting outcome of the biggest insurance trial related to a cyberattack ever (I think): NotPetya was not "hostile or warlike action," insurers must pay $1.4B to Merck, ruled New Jersey appellate division judges Monday wsj.com/articles/merck…
Perhaps not how you articulate a winning argument.
This story is interesting. But it straight-up takes my quote out of context. Not great.
Bottom line: I told @josephmenn that I *do not* believe the Russian figures and boasting intercepted and publicized here is credible, in line with historical precedent washingtonpost.com/technology/202…
GlavNIVT's "report" should be treated with a great deal of caution. Surprised the analyst writing this didn't include a stronger caveat.
Quoting me as the main person supporting the "drew alarm" line there strikes me as a very poor choice. I was not and am not alarmed by this figure. It is exactly the kind of boasting and self-deception that you would expect from a disinformation shop in an authoritarian system.
This week Google/Mandiant published a blockbuster report on cyber ops in the context of the Russian invasion of Ukraine. Google is probably, next to Microsoft, the company with the most high-res visibility into CNE/CNA in and around the war. A few thoughts blog.google/threat-analysi…
This report is impressive work by a company that has invested an extraordinary amount of resources into defending Ukraine. Google, like Microsoft, deserves credit for doing the right thing and for publishing a big-picture, analytical report on cyber operations in Ukraine.
Also worth nothing that these two firms probably have more comprehensive telemetry than most SIGINT agencies today. Each of them.
Last week I was a student for five days, five hours per day—with ChatGPT fully integrated into teaching. Here's what we learned, just in time for Spring Term (which starts tomorrow. Class was Malware Analysis, taught by @juanandres_gs@alperovitch) alperovitch.sais.jhu.edu/five-days-in-c…
AI isn’t going to replace people. People who use AI well will replace people who don’t use AI well.
Our little educational experiment with ChatGPT @alperovitch made it into the FT, of sorts