The initial – and most important – finding was that Sky ECC used two servers, and traffic between those wasn't encrypted. More on some of the data this yielded in this thread on metadata.
x.com/hatr/status/1849047551…
Sky used a myriad of methods to encrypt their data, e.g. one (encrypted) key was stored only on the server, deleted from the phone's memory and requested when needed. Alongside TLS etc.
One key aspect was that the traffic between the servers of Sky ECC, sitting at OVH in France, was unencrypted. This enabled law enforcement to wiretap all and listen in passively.
Story in 🇩🇪 at @derStandardat derstandard.at/story/3000000…
This would prove extremely helpful later on, for hacking all of the devices, but for now it put them in the position of having access to a lot of information right out of the gate. One thing they could see: queries to the SQL database.
The hackers started back in 2010, with initial mapping of the infrastructure and then, until 2015, tried to siphon data out of VW networks – repeatedly and successfully so. Even though VW removed the hackers, they kept coming back.
zdf.de/nachrichten/wirtschaf…
Kimsuky starts out by casually asking questions, gaining your trust. Then comes malware. Now, they've widened their scope to also go after defense companies, as described in a joint warning by German and South Korean domestic intelligence agencies.
zdf.de/nachrichten/digitales…
Described in the alert is a case of #Kimsuky hacking a defense research center. North Korea has prioritized strengthening its naval power, and the hackers executed a supply-chain attack through a website maintenance company.
Titled “Information confrontation in World politics”, Serebriakov lays out his worldview, describing how 🇷🇺 is on the defensive and has to protect itself against the West. Controlling flows of information is one way of doing that, he writes.
At times, Serebriakov’s writing made it seem like he was in awe of what he clearly thinks the U.S. is capable of. At other times, he adopts conspiratorial thinking. The thesis dates back to 2019, so it is pre-war.
When asked if they're running this account, one intelligence agency analyst laughed: "We'd love to take credit", they said. But in their telling, it wasn't them.
In the #Vulkanfiles, we can see references to "Znatok", e.g. somebody installs a virtual machine called "znatok-flat.vdmk". But not much more. So "Znatok" remains a mystery, very much like m4lwatch.