Fascinating and sophisticated MiTM ('man in the middle') at Hetzner (DE) and Linode, targeting Russia's largest XMPP/Jabber (civilian) chat service. The authors of the article make a reasonably compelling case that "this is lawful interception Hetzner and Linode were forced to setup."
notes.valdikss.org.ru/jabber.r…
Excellent mitigation walkthrough here:
Sure gets me thinking.
JQ - is one of the most popular command line utilities for extracting and processing data from JSON files.
Here is a ultimate cheatsheet to the most useful JQ functions for #osint, #dfir, and #forensics:
sans.org/posters/json-and-jq-q…
Contributors twitter.com/SANSInstitute twitter.com/DavidSzili
This guide is a supplement to SANS FOR572: Advanced Network Forensics and Analysis. It covers the basics of JSON and some of the fundamentals of the jq utility.www.sans.org
