mstdn.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A general-purpose Mastodon server with a 500 character limit. All languages are welcome.

Administered by:

Server stats:

9.6K
active users

#ModifiedElephant

0 posts0 participants0 posts today
📡 RightToPrivacy & Tech Tips<p>🔓 Anti-Encryption Laws Are Deadly &amp; Real-world Examples Threaten Journalism</p><p>(made with <a href="https://fosstodon.org/tags/FOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FOSS</span></a> <a href="https://fosstodon.org/tags/Kdenlive" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kdenlive</span></a>)</p><p><a href="https://fosstodon.org/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://fosstodon.org/tags/chatcontrol" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>chatcontrol</span></a> <a href="https://fosstodon.org/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryption</span></a> <a href="https://fosstodon.org/tags/e2ee" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>e2ee</span></a> <a href="https://fosstodon.org/tags/journalism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>journalism</span></a> <a href="https://fosstodon.org/tags/ethics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ethics</span></a> <a href="https://fosstodon.org/tags/backdoors" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>backdoors</span></a> <a href="https://fosstodon.org/tags/StanSwami" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StanSwami</span></a> <a href="https://fosstodon.org/tags/ModifiedElephant" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ModifiedElephant</span></a> <a href="https://fosstodon.org/tags/RestrictAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RestrictAct</span></a> <a href="https://fosstodon.org/tags/EarnItBill" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EarnItBill</span></a> <a href="https://fosstodon.org/tags/EarnItAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EarnItAct</span></a> <a href="https://fosstodon.org/tags/freespeech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>freespeech</span></a> <a href="https://fosstodon.org/tags/freeExpression" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>freeExpression</span></a> <a href="https://fosstodon.org/tags/HumanRights" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HumanRights</span></a> <a href="https://fosstodon.org/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://fosstodon.org/tags/peertube" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>peertube</span></a> <a href="https://fosstodon.org/tags/tilvids" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tilvids</span></a> <a href="https://fosstodon.org/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://fosstodon.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> </p><p><a href="https://tilvids.com/w/1eBFN8q7HvhqAUsbGCPJ1T" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">tilvids.com/w/1eBFN8q7HvhqAUsb</span><span class="invisible">GCPJ1T</span></a></p>
Robert Jan Mora<p>The first anchored narrative of 2023 has just been released! This time it is quite an explosive one of an in-depth malware forensic follow-up on the famous Bhima Koregaon case, where a nation-state threat actor named&nbsp;<a href="https://infosec.exchange/tags/ModifiedElephant" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ModifiedElephant</span></a> planted evidence on the computers of several activists in India and; as a result, have been put in jail. In this anchored narrative, the latest report V from Arsenal Consulting will be covered as well as their <a href="https://infosec.exchange/tags/MemoryForensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MemoryForensics</span></a> techniques they applied to reconstruct the uploading of incriminating documents to the computer of an 84-year-old Jesuit Priest, Father Stan Swamy. I was interviewed to review that case by award-winning journalist Niha Masih from The Washington Post. From her, I received court documents detailing the forensics of Mr. Rona Wilson. In those documents, I found an unreported and unidentified piece of malware by the Regional Forensic Science Laboratory in Pune dating back to 2017. This is a horrifying case of poor digital forensics performed by the government and a red flag for our forensic community.</p><p>In short, a must-read!</p><p><a href="https://anchorednarratives.substack.com/p/the-trojan-solved-the-bhima-koregaon" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">anchorednarratives.substack.co</span><span class="invisible">m/p/the-trojan-solved-the-bhima-koregaon</span></a></p><p><a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DFIR</span></a> <a href="https://infosec.exchange/tags/MemoryForensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MemoryForensics</span></a> <a href="https://infosec.exchange/tags/APT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>APT</span></a> <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> <a href="https://infosec.exchange/tags/investigations" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>investigations</span></a> <a href="https://infosec.exchange/tags/Humanrights" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Humanrights</span></a> <a href="https://infosec.exchange/tags/innocenceproject" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>innocenceproject</span></a> <a href="https://infosec.exchange/tags/bhimakoregaon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bhimakoregaon</span></a> <span class="h-card"><a href="https://infosec.exchange/@hegel" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>hegel</span></a></span> <span class="h-card"><a href="https://infosec.exchange/@SentinelLabs" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>SentinelLabs</span></a></span> <span class="h-card"><a href="https://mastodon.world/@nihamasih" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>nihamasih</span></a></span> <span class="h-card"><a href="https://infosec.exchange/@agreenberg" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>agreenberg</span></a></span> <span class="h-card"><a href="https://mastodon.social/@citizenlab" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>citizenlab</span></a></span> <span class="h-card"><a href="https://mstdn.social/@washingtonpost" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>washingtonpost</span></a></span></p>
📡 RightToPrivacy & Tech Tips<p>When <a href="https://fosstodon.org/tags/activists" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>activists</span></a> share personal info w/#SocialMedia, they are more open to targeting.</p><p>Ex: <a href="https://fosstodon.org/tags/ModifiedElephant" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ModifiedElephant</span></a> <a href="https://fosstodon.org/tags/India" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>India</span></a> Activists / Journalists Targeted 10yr + Framed For False Assassination Charges.</p><p><a href="https://fosstodon.org/tags/Backdoor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Backdoor</span></a>-free <a href="https://fosstodon.org/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryption</span></a> matters: these individuals had false evidence planted on their devices.</p><p>Thankfully <a href="https://fosstodon.org/tags/forensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>forensics</span></a> saved their lives (won't always be case)</p><p><a href="https://fosstodon.org/tags/activism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>activism</span></a> </p><p><a href="https://tube.tchncs.de/w/p3X6RRccMjBmitmXS6tayM" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">tube.tchncs.de/w/p3X6RRccMjBmi</span><span class="invisible">tmXS6tayM</span></a></p>
Tom Hegel<p>Quick post to summarize happenings in the world of 'APTs fabricating evidence to throw people in jail':</p><p>This week a new report was released by Arsenal Consulting related to pro bono forensic work they’ve done for defendants in the Bhima Koregaon (aka BK16) case in India. In this report, we’ve learned that a second defendant in the case was framed. The digital evidence of their crimes (domestic terrorism) were documents planted by <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> – specifically a variety of NetWire RAT samples. This framed individual (Stan Swamy) died while incarcerated – he was an 84 year old priest. </p><p><span class="h-card"><a href="https://infosec.exchange/@agreenberg" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>agreenberg</span></a></span> at Wired wrote about this news here (definitely read!): <a href="https://www.wired.com/story/modified-elephant-stan-swamy-hacked-evidence-frame-bhima-koregaon-16/" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">wired.com/story/modified-eleph</span><span class="invisible">ant-stan-swamy-hacked-evidence-frame-bhima-koregaon-16/</span></a> </p><p>Now this confirmation of evidence planting is simply not that surprising to us. Another defendant in the case (Rona Wilson) was confirmed to have evidence planted as well – and we’ve had confidence the same is done to many others. In addition to these two individuals, we know this same threat actor targeted many more individuals – including those not involved in this case at all. This threat actor is working in collusion with the Indian government, plain and simple.</p><p>We named this threat actor <a href="https://infosec.exchange/tags/ModifiedElephant" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ModifiedElephant</span></a> after profiling an extensive cluster of infrastructure and malware. The IOCs we released are tied to the decade+ life of the group so far. </p><p>PDF Report: <a href="https://s1.ai/mod-elephant" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="">s1.ai/mod-elephant</span><span class="invisible"></span></a></p><p><span class="h-card"><a href="https://infosec.exchange/@jags" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>jags</span></a></span> and I did a BlackHat talk on this actor - a good overview on how they operate: <a href="https://youtu.be/zGorOeQS5C8" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="">youtu.be/zGorOeQS5C8</span><span class="invisible"></span></a> </p><p>So, what’s next? The threat actor remains a focus of mine, and new research is ongoing. I hope to have more to share publicly soon. <a href="https://infosec.exchange/tags/StayTuned" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StayTuned</span></a> <a href="https://infosec.exchange/tags/BestJobIEverHad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BestJobIEverHad</span></a></p>