SecurityRatty: tag: opsec

Violating OPSEC for Increasing the Probability of Malware Infection

2008-07-11 19:39:32 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...OPSEC (operational security) for the sake of increasing the probability of successful malware infection by on purposely lowering down the security settings of Internet Explorer, by adding their malicious netblocks and domains into "Trusted Sites"? You bet The infamous Smitfraud or PSGuard Desktop Hijacker, has been cooperating with known...

Tags: malware, malware authors, smitfraud, smitfraud infection, successful malware infection, sacrifice operational security, operational security, malware pcs, infamous smitfraud

Why Some Terrorist Attacks Succeed and Others Fail

2008-02-28 06:25:13 by schneier in Schneier on Security

...OPSEC). The case studies indicate that even plots that are otherwise well-planned and operationally sound will fail if there is a lack of attention to OPSEC. Security services cannot "cause" poor OPSEC, but they can create the proper conditions to capitalize on it when it occurs Observant public and vigilant security services. OPSEC breaches...

Tags: vigilant security services, vigilant, recent terrorist plots, terrorist plots, information fits, information, intelligence information, security services, law enforcement

Real-Time OSINT vs Historical OSINT in Russia/Georgia Cyberattacks

2008-10-20 09:58:59 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...OPSEC) the initiators of a particular campaign apply at the beginning, so that it would scale faster and attract more participants. What the Russian government was doing is fueling the (cyber) fire - literally, since all it takes for a collectivist socienty's cyber militia to organize, is a "call for action" which was taking place at the...

Tags: georgia, cyberattacks, cyber, georgia cyber attacks, real-time osint, project, project grey goose, forums, cut georgia

Money Mules Syndicate Actively Recruiting Since 2002

2008-10-28 08:44:21 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...OPSEC (operational security) by establishing a trust based model based on recommendations in order to even consider letting you register for their services. Their geographical location not only reflects the average time it would take to take action against their activities and expose yet another extensive network of fraudulent operations, but...

Tags: money mules, money, mules, drop service, service, service providers, services, scam, cybercrime community

The Cyber Storm II Cyber Exercise

2008-04-03 12:29:03 by HASH0x8b6d0a8 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...OPSEC violation in the form of sensitive information leaking on blogs . A very ambitious initiative, given the many other distribution channels, which when combined in a timely manner make it virtually impossible to shut down and censor, the leaked material. What if it gets spammed? Moreover, what's a leak to some, is transparency into the...

Tags: cyber warfare, passive cyber warfare, cyber warfare tensions, offensive cyber warfare, cyber warfare exercise, warfare, econonomic warfare, cyber warfare attacks, broader information warfare

The Rise of Kosovo Defacement Groups

2008-04-21 04:31:00 by HASH0x8b5b604 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...OPSEC, by obtaining internal metrics for defaced sites on behalf of a particular group. According to this screenshot, released by one of the members of the Kosovo Hackers Group, a group that's been defacement beneath the radar as of recently, the mass deface included 300 sites, and on the 13th of April, Quebec's Common Ground Alliance site...

Tags: defacement, greatly improve, greatly, defacement beneath, psyops, greatly showcases, psyops motives, web application vulnerabilities, capabilities development process

Summarizing July's Threatscape

2008-08-01 16:08:24 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...OPSEC for Increasing the Probability of Malware Infection No better way to expose your affiliations and several unknown bad netblocks so far, by adding the netblocks and the malicious domains as trusted sites upon infecting a PC with the malware. Of course, the usual suspects lead the "trusted netblocks 13. Monetizing Compromised Web Sites...

Tags: malware, profitable malware operations, malware authors, malware tools, malware coder, malware kit, malware infection, neosploit malware kit, spam

Summarizing August's Threatscape

2008-09-10 06:57:32 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...OPSEC is slowly emerging as a concept among malicious parties, whenever some of the "calls for action" in the DDoS attacks were posted at mainstream forums, they were immediately removed so that they don't show up in such academic initiatives 08. 76Service - Cybercrime as a Service Going Mainstream The reappearance of the 76Service allowing...

Tags: malware, facebook malware campaigns, usefulness pinch malware, banker malware kits, malware campaigns, botnet, diy botnet kit, distribute malware, banker malware

Two Copycat Web Malware Exploitation Kits in the Wild

2008-09-24 14:28:37 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...OPSEC (operational security), and dedicated cybercrime campaign optimizing staff, are all in the works Related posts Web Based Botnet Command and Control Kit 2.0 DIY Botnet Kit Promising Eternal Updates Pinch Vulnerable to Remotely Exploitable Flaw The Zeus Crimeware Kit Vulnerable to Remotely Exploitable Flaw The Small Pack Web Malware...

Tags: diy botnet kit, kit, nuclear malware kit, icepack exploitation kit, nuclear grabber kit, apophis kit, malware exploitation kit, kits, control kit

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo