operational security – WindowsTechs.com

Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code

Posted on December 8, 2023 by Bruce Schneier

Another rare security + squid story:

The woman—who has only been identified by her surname, Wang—was having a meal with friends at a hotpot restaurant in Kunming, a city in southwest China. When everyone’s selections arrived at the table, she posted a photo of the spread on the Chinese social media platform WeChat. What she didn’t notice was that she’d included the QR code on her table, which the restaurant’s customers use to place their orders.

Even though the photo was only shared with her WeChat friends list and not the entire social network, someone—or a lot of someones—used that QR code to add a ridiculous amount of food to her order. Wang was absolutely shocked to learn that “her” meal soon included 1,850 orders of duck blood, 2,580 orders of squid, and an absolutely bonkers 9,990 orders of shrimp paste…

Continue reading Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code→

Using Hacked LastPass Keys to Steal Cryptocurrency

Posted on September 18, 2023 by Bruce Schneier

Remember last November, when hackers broke into the network for LastPass—a password database—and stole password vaults with both encrypted and plaintext data for over 25 million users?

Well, they’re now using that data break into crypto wallets and drain them: $35 million and counting, all going into a single wallet.

That’s a really profitable hack. (It’s also bad opsec. The hackers need to move and launder all that money quickly.)

Look, I know that online password databases are more convenient. But they’re also risky. This is why my Password Safe…

Continue reading Using Hacked LastPass Keys to Steal Cryptocurrency→

NSA on Supply Chain Security

Posted on November 4, 2022 by Bruce Schneier

The NSA (together with CISA) has published a long report on supply-chain security: “Securing the Software Supply Chain: Recommended Practices Guide for Suppliers.“:

Prevention is often seen as the responsibility of the software developer, as they are required to securely develop and deliver code, verify third party components, and harden the build environment. But the supplier also holds a critical responsibility in ensuring the security and integrity of our software. After all, the software vendor is responsible for liaising between the customer and software developer. It is through this relationship that additional security features can be applied via contractual agreements, software releases and updates, notifications and mitigations of vulnerabilities…

Continue reading NSA on Supply Chain Security→

Security Vulnerabilities in Covert CIA Websites

Posted on September 30, 2022 by Bruce Schneier

Back in 2018, we learned that covert system of websites that the CIA used for communications was compromised by—at least—China and Iran, and that the blunder caused a bunch of arrests, imprisonments, and executions. We’re now learning that the CIA is still “using an irresponsibly secured system for asset communication.”

Citizen Lab did the research:

Using only a single website, as well as publicly available material such as historical internet scanning results and the Internet Archive’s Wayback Machine, we identified a network of 885 websites and have high confidence that the United States (US) Central Intelligence Agency (CIA) used these sites for covert communication…

Continue reading Security Vulnerabilities in Covert CIA Websites→

Leaking Military Secrets on Gaming Discussion Boards

Posted on June 8, 2022 by Bruce Schneier

People are leaking classified military information on discussion boards for the video game War Thunder to win arguments—repeatedly.
Continue reading Leaking Military Secrets on Gaming Discussion Boards→

Where Everything Old is New Again: Operational Technology and Ghost of Malware Past

Posted on April 13, 2022 by Camille Singleton

This post was written with contributions from IBM Security’s Sameer Koranne and Elias Andre Carabaguiaz Gonzalez. Operational technology (OT) — the networks that control industrial control system processes — face a more complex challenge than their IT counterparts when it comes to updating operating systems and software to avoid known vulnerabilities. In some cases, implementation […]

The post Where Everything Old is New Again: Operational Technology and Ghost of Malware Past appeared first on Security Intelligence.

Continue reading Where Everything Old is New Again: Operational Technology and Ghost of Malware Past→

IoT Security: Protecting Food and Agriculture Organizations

Posted on December 10, 2021 by David Bisson

Ransomware actors are targeting food and agriculture organizations, potentially disrupting business. Luckily, there are already formal structures in place to boost the IoT security defenses they need. Knowing them keeps the lifeblood of industrial farms and food delivery going. Businesses in the sector could “suffer significant financial loss,” the FBI said. That loss is “resulting […]

The post IoT Security: Protecting Food and Agriculture Organizations appeared first on Security Intelligence.

Continue reading IoT Security: Protecting Food and Agriculture Organizations→

ITG18: Operational Security Errors Continue to Plague Sizable Iranian Threat Group

Posted on August 4, 2021 by Allison Wikoff

This blog supplements a Black Hat USA 2021 talk given August 2021. IBM Security X-Force threat intelligence researchers continue to track the infrastructure and activity of a suspected Iranian threat group ITG18. This group’s tactics, techniques and procedures(TTPs) overlap with groups known as Charming Kitten, Phosphorus and TA453. Since our initial report on the group’s training […]

The post ITG18: Operational Security Errors Continue to Plague Sizable Iranian Threat Group appeared first on Security Intelligence.

Continue reading ITG18: Operational Security Errors Continue to Plague Sizable Iranian Threat Group→

Fugitive Identified on YouTube By His Distinctive Tattoos

Posted on April 1, 2021 by Bruce Schneier

A mafia fugitive hiding out in the Dominican Republic was arrested when investigators found his YouTube cooking channel and identified him by his distinctive arm tattoos.
Continue reading Fugitive Identified on YouTube By His Distinctive Tattoos→

OSINT OPSEC: Not just for government anymore

Posted on January 26, 2021 by Abel Vandegrift

OSINT OPSEC is critical for any type of investigator to protect their mission, organization and themselves from cyber adversaries
The post OSINT OPSEC: Not just for government anymore appeared first on Security Boulevard.
Continue reading OSINT OPSEC: Not just for government anymore→