🧵 Thread (21 tweets)

This is why I don't work in Information Technology anymore. I have twice had superiors unironically complaining about people clicking things in emails when the actual problem was persistent rootkit spread via autoruns on network shares randomly downloading new fake-AV payloads. https://t.co/475oGrnDAW

Watching download things from C&C server via Wireshark... and showing it to my bosses. Also showing them the way that they persist after having Windows reinstalled on them, and how even a new HDD doesn't matter due to the network share.

I watched this a few days ago. Things are going to get a lot worse. https://t.co/eXtbXjBKVt

Watching supply chain attacks scale out and looking at the future as people are inspired by the ideas. https://t.co/Qy9cH1sEDR

Attacks go from "merely hypothetical" to "now people are using them to push advertising and large scale tracking via audio modems". Because ideas like to inspire people. https://t.co/AZzycgjFc5

Y'all got any of them anti-rootkit root-kits? https://t.co/LknviHJtCm

Or are you just moving the attack surface around? https://t.co/XZrn2bV7O8

One of the largest bank heists ever to happen used no guns. https://t.co/DOzGBlr3g5 https://t.co/zYk3JBfoMG

So how do you solve the scaling problem? Build a platform. https://t.co/HKXNj9QYOS

Soon: the world's largest hacking group, has no hackers?

Now you're a market maker, Harry. https://t.co/cNpxlGs8EO

Prebuilt reverse proxy to the mothership.

"designed to authenticate an endpoint and enable domain scripts to run as soon as the machine powers on. This is useful because it allows admins to manage large fleets of machines without knowing the password" https://t.co/RNy0dN381j

Growth market. This. https://t.co/jqtvWaYIa5

This is how you build skynet. https://t.co/mdhYYIuPUJ


Another fun thing is this information exfiltration group that probably has hundreds of crowdworkers. They have the Modus Operandi of modern "AI" systems that just farm work out to paid employees. https://t.co/QSBZU8odmU

Data is the new Oil.

You can mine oil with people. But without an economic incentive, people don't typically care about oil.

And the incentives to mine data are booming. https://t.co/hzAyKuRQ1Y https://t.co/BbV1qGR5c4


and now google is recommending me a video on how to pwn x86

"what we're gonna see today is an architectural solution for ring -2 privilege escalation" 🤔 https://t.co/GNexg4Tb0R

So to fight this, we'd have to hack our own system and install an anti-rootkit rootkit in ring -2 while also recreating the BIOS code so the system would function without issue.

Also, video implicitly suggests a supply chain attack vector https://t.co/5dnDCvGmrI


Side Channel Attack your own computer to detect malicious code and hijacked hardware by just cataloguing the entire EMF spectrum. DARPA ain't fsck'ing around. https://t.co/NsJ7cav7qz

So can that run in reverse? Can we inject code by using high energy EMF and timing attacks? https://t.co/wd8UEM0UEd

Tired: @internetofshit
Wired: internetofspies

"Personalized Advertising Computational Techniques: A Systematic Literature Review, Findings, and a Design Framework" 🤮 https://t.co/sqN3Bx8d3Q