Security researchers have found a way to use the #AWS #SSM Agent as a #Trojan.
The SSM Agent runs on, among other things, #ec2 instances and communicates with the Systems Manager service of the account to which the EC2 instance belongs.
Through a hybrid mode, the agent can be made to communicate with a different account (possibly the attacker's).
In 2024, there will likely be a California State Ballot Initiative to repeal Proposition 8 and officially codify same-sex and interracial marriage rights in the state. Seeing how this far-right U.S. Supreme Court has now just demonstrated that it will even use fabricated cases to take away our equality, I hope we all get behind this effort. #California #SSM #GayMastodon
On #AWS you can now use #UbuntuPro for free on LTS instances. It is enough to have the #SSM agent installed (if you don't have it, be sure to install it).
The only downside is that you have to stop the instance for this, which can be a problem for prod environments.
Instructions here:
https://ubuntu.com/tutorials/how-to-upgrade-ubuntu-lts-to-ubuntu-pro-on-aws-using-aws-license-manager#1-overview
Hey Fosstodon, I just published something! - an article on how to extend the use of #aws #ssm Sessions Manager! Excited about this first publication to #fosstodon and could use some feedback from this awesome community 🚀
Medium Article : bit.ly/3KTUtsH
GitHub Repo : bit.ly/3KPfp2P
Trapped & Traced #GammsGroup #FinFisher 03-13-2023 from new AT&T Motorola Phone under ~$100 🔎☣️🤳👀👀🔍
¹ From Virus Total Scanner:
https://www.virustotal.com/en/file/9b53e0eeb35c173fd0c56b85812c0e59501a8588037dc92b8bac38e916ffdf09/analysis/ #VisualVoicemail
GammaGroup.com Visual voicemail FinFisher Module 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/g806efa51f1af4a638b20262b6931f8b0caab56f276834ca58b01afcc4605057e
² From Virus Total Scanner:
https://www.virustotal.com/en/file/5387c9d5a137908cdc7820af51fea018c7b96dcce08a32a1fc20e9b6e64c8738/analysis/ #CarrierHub
GammaGroup From FinFisher CarrierHub 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/g13901560905741e48e926e061e01252bfa4ff6e8255f4156b56ca739c4ecaff3
³ From Virus Total Scanner:
https://www.virustotal.com/en/file/433321001cb907c775e4a06c1a2e36861b0d0355a74b4b9d0d1c2e48cce55d4c/analysis/ #MCMClient
GammaGroup FinFisher Module MCMClient 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/gf312aa3fc4174d9b88355ad755e6f24522e795ee3a304d3db07bb0ec7daa702b
⁴ From Virus Total Scanner:
https://www.virustotal.com/en/file/ae22b44ad5381463912046aea7ec541352e22b02f2f0887864807b22473c92ca/analysis/ #MTPHost 📬 Gmail backdoor Client
GammaGroup FinFisher Module MTPHost 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/g2579d64499654488a367fc14de7457bb6cd1b7489d0840cf8e0b61baa1d96bd6
⁵ From Virus Total Scanner:
https://www.virustotal.com/en/file/727ed61fe7e6476a4a7e08fcc16447fb74f6df317ea16f483efcf3da709cd4ba/analysis/ #MobileInstaller
GammaGroup FinFisher Module MobileInstaller 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/g5af535a69bba4ad6a8db6866f9e46075d42e2e8e0b424cfb93ec7bd473ff2180
⁶ From Virus Total Scanner:
https://www.virustotal.com/en/file/87b87fc66535c3415bffd4cd34c48d67054b9b4b90c4092fa535cb45ed5a0f41/analysis/ #InvisibleNet Motorola
GammaGroup FinFisher Module InvisibleNet 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/g01fa7fb9fb744f0d903e473bcd5fbad0a079d61992144621852170d09a81b6c9
⁷ #GammaGroup #FinFisher #FinSpy #Finsky #infosec #detectionkit for #Android apps list & tools involved
¹ Firewall AI -🔎 Blocking / Host Lists 🔍
² VirusTotal App 🔎🤳💻☣️🔍
³ VirusTotal Forensics ENV Read-Only Account 🔎☣️🔍
⁴ PCAPdroid App - PCAP files / Host Lists 🔎🗒️🔍
⁵ Textpad or Text file editor - 🔎📝🔍
⁶ Web2 + Web3 posting 👨‍💻👩‍💻💻🖥️💿💾🖨️👀🎧👂
#SSM™ #StateSponsoredMalware™ #investigations by #infosec_jcp
So after having a $1200 Samsung phone bricked by #SSM™ #StateSponsoredMalware™ from #GammaGroup's #FinFisher #FinSpy #Finsky I am writing a post analysis of some 'features' to be detailed at a later time when I have time.
Suffice to say some items available include:
¹ Disabling Digitizer
² Disabling the lower part of the "◀️ ◼️ ⚫" so you can't minimize, go back or home key.
³ New use of #QuciksandModule to #BatteryDrain and change the voltage input on the charger and/or altering the 🔋 #battery power display
⁴ #Nuking & #Disabling the #Phone dialer app to make the #CallLog show nothing.
⁵ #Nuking & #Disabling the #Contacts app so you can't add any numbers
⁶ #Corrupting the #Addressbook so that all your #contacts go 💥
⁷ Intermittent Display of items
⁸ #E911Backdoor usage such that even without a #SIMCard comms & even #AirplaneMode overlay shows airplane mode but really the phone is ON the Data network.
⁹ Removal of the #simcard got temporary usage of my phone and it went back to normal use wise but then the #E911Backdoor was data enabled once they got approval.
So #DataAggregation has been going on since... Forever. iF you don't or even iF you DO pay for the service the data from said services are the currency globally. This is not new.
My suggestion I.S. to use services where #DataSovereignty laws are FOR the consumer of services. But be aware that #GammaGroup and #NSOGroup #target based on a number of factors to break this with their #SSM™ #StateSponsoredMalware ... Easily.
🔎 #Journalists, #PoliticalActivists, #Fortune1000 types are ripe targets in all industries. #WelcomeToAMER 👀👀🔍
https://techcrunch.com/2023/03/08/startups-today-should-terrify-you/
This is a great article that talks around the manipulation web by The Usual Platforms 🙄 😒
#enshittification of #ARPANET1
https://locusmag.com/2023/03/commentary-cory-doctorow-end-to-end/
So was digging back on my #TWTR timeline during the #Pandemic and found a real banger story I was plate spinning which has a #StateSponsoredMalware #SSM™ angle as well as a #PDFSpearPhishing component of a shady #HousingEvictionSpecialist who is well known in the #BayArea , #BrianScarsbeckLaw who is now working with #ToddRothsbardLaw for Todd. Hi Todd! 👋
So, I did a traceback on this #SpearPhishingPDF that Brian Scarsbeck was serving to HIS CLIENTS AND POTENTIAL CLIENTS which compromises their clients' computer and allows full access into said clients' systems.
Use of #FinFisher #FinSpy #Finsky client #investigations
#HousingEvictionFraud using #MetaBrigades #GangStalkers who organized a coordinated effort to harass me while I worked for #CiscoSystems.
☣️👋 #Investigations by #infosec_jcp ☣️👋
Thread:
https://mobile.twitter.com/infosec_jcp/status/1448069568254124037
#twtr #pandemic #statesponsoredmalware #ssm #pdfspearphishing #housingevictionspecialist #bayarea #brianscarsbecklaw #toddrothsbardlaw #spearphishingpdf #housingiskey #COVID19 #infosec #investigations #finfisher #finspy #Finsky #housingevictionfraud #metabrigades #gangstalkers #ciscosystems #infosec_jcp
Detection And Monitoring Of Small-Scale Diamond And Gold Mining Dredges Using Synthetic Aperture Radar On The Kadéï (Sangha) River, Central African Republic
--
https://doi.org/10.3390/rs15040913 <-- shared paper
--
#GIS #spatial #mapping #remotesensing #SyntheticApertureRadar #radar #satellite #SAR #dredges #artisanalmining #smallscalemining #ASM #radardetection #goldmining #illegalmining #mining #Africa #centralafricanrepublic #CAR #KadeiRiver #Sangha #diamonds #gold #monitoring #survey #detection #spatialanalysis #spatiotemporal #SSM #technology #data #hydrology #rivers
Today I got four more IPs from four different IP ranges calling back as #System app from a #GammaGroup #FinFisher #FinSpy #Finsky desperately trying to reach 🔎 #Google's, #AWS , #Twitter and another #CloudFront (not shown).🔍🧙‍♂️🤔
Edit: See attached direct IPs and FQDNs. ☣️
So desperate this #CarrierHub #SSM™ #malware #UIUX #infosec #DetectionWithoutSoftware 👀👀 #ForcedMDM demo
#NSOGroup #Pegasus #malware #SSM™ #court ☣️👨‍⚖️👩‍⚖️☣️
#news #journalism #RTDNA #StateSponsoredMalware #infosec
☣️👩‍⚖️👨‍⚖️ Now do #GammaGroup's #FinFisher #FinSpy #Finsky from #Google! ☣️👩‍⚖️👨‍⚖️ 👀👀