Mapping Detection Coverage - How exactly do I know if my detection will actually detect the thing I want to detect? We discuss the importance of testing telemetry coverage and using abstraction to build a representative sample set of Atomic tests to validate detection coverage.
🗣digicat
🎖@malwr
YouTube
DEATHCon 2022 - Mapping Detection Coverage
In this presentation, Jared Atkinson and Jonathan Johnson discuss the problem that many security professionals are facing today. How exactly do I know if my detection will actually detect the thing I want to detect? We discuss the importance of testing telemetry…
French National Strategic Review published - cyber features heavily
"In terms of hybridity, states are increasingly systematically using cyber as a weapon to defend their strategic interests or in the context of geopolitical tension. In addition to the development of offensive capabilities, sophisticated off-the-shelf, cyber-espionage weapons and tools are gradually being developed by private companies. This cyber-arms race increases the risk of escalation, the stages of which are not equally understood. Finally, cybercrime, a threat that has reached an unprecedented level of sophistication and disinhibition, constitutes a strategic challenge for our national security."
"They have diversified capabilities for deep strikes in the context of first entry, support to a coalition operation, retaliatory actions, or strategic warning. France is able to target and strike (kinetic or cyber) targets of interest."
https://preview.redd.it/jmyv6prjjoz91.png?width=1099&format=png&auto=webp&s=630129cf7be10cc78b6f795cf9c9d6741d92fbfb
Document:
http://www.sgdsn.gouv.fr/uploads/2022/11/national-strategic-review-intermediate-version-1.pdf
🗣digicat
🎖@malwr
Another C# FUD implant (https://t.co/vsF1ZEKaGA) which enables Operators to send command via Gmail (Gmail-as-C2). github: https://github.com/reveng007/SharpGmailC2
🗣BabanSoumyanil
🎖@malwr
reddit
Another C# FUD implant (https://t.co/vsF1ZEKaGA) which enables...
Posted in r/Malware by u/BabanSoumyanil • 32 points and 0 comments
Introducing Shufflecake: plausible deniability for multiple hidden filesystems on Linux
🗣0xdea
If I recall correctly, the adversary strategy when meeting this kind of scheme is to continue to beat you until you're dead, even if you gave up all the secrets.
👤018118055
Maybe a stupid question: since a kernel module is needed, can't I just search for that on the target and then never trust the owner saying that only X layers of encryption are there instead of X+1? Which of course can have worse results. Or is it "common sense" that the user has to modify the source and change names/parameters of the module to something else in order to hide it?
👤ge_bil
So I can have a fake hidden volume filled with hentai and furry porn in case somebody uses the 5$ wrench technique, interesting 🤔🤣🤪
For research only, of course…
👤iamfromouttahere
🎖@malwr
Kudelski Security Research
Introducing Shufflecake: plausible deniability for multiple hidden filesystems on Linux
Today we are excited to release Shufflecake, a tool aimed at helping people whose freedom of expression is threatened by repressive authorities or dangerous criminal organizations, in particular: w…
Is using an Android emulator like BlueStacks a forensically viable method of testing app behavior?
For example, if I wanted to confirm where, how, and when an application creates folders in the file system when I send an attachment. And I do my due diligence to match the operating system and version numbers. Could this be used as an explanation in court, or is this a dangerous oversimplification or misunderstanding of BlueStacks capability?
🗣Expensive_Ad6442
The official Android emulator should behave as it would on a live system, so it should be indicative enough of the app's functionality to demonstrate what you need to show.
Depending on the context, it's worth considering that an app could identify that it's in an emulator and change its behaviour accordingly though, so if it's something custom/niche then consider that some analysis of the apk might be required.
👤minimize
I wouldn't use BlueStacks just based on the amount of bloatware and OS-level modifications done to it, but people have certainly used it for that purpose (for better or worse).
I think what you're looking for is the official Android dev tools via Android Studio.
https://developer.android.com/studio/run/emulator
👤CrisisJake
🎖@malwr
A Technical Analysis of Royal Ransomware [PDF](https://securityscorecard.pathfactory.com/research/the-royal-ransomware)
🗣CyberMasterV
🎖@malwr
Security Scorecard
A Technical Analysis Of The Royal Ransomware
This malware encrypts files with the AES algorithm, either fully or partially. The extension of the affected files changes to “.royal”. Find out more in this technical analysis of the Royal Ransomware from SecurityScorecard’s Senior Malware Analyst, Vlad…
GuardDog: Identifying malicious PyPI packages using static code analysis and package metadata analysis
🗣thorn42
🎖@malwr
Datadoghq
Finding malicious PyPI packages through static code analysis: Meet GuardDog
GuardDog is an open-source tool to identify malicious PyPI packages through source code and metadata analysis