traffic analysis – WindowsTechs.com

Surveillance of the Internet Backbone

Posted on August 25, 2021 by Bruce Schneier

Vice has an article about how data brokers sell access to the Internet backbone. This is netflow data. It’s useful for cybersecurity forensics, but can also be used for things like tracing VPN activity.

At a high level, netflow data creates a picture of traffic flow and volume across a network. It can show which server communicated with another, information that may ordinarily only be available to the server owner or the ISP carrying the traffic. Crucially, this data can be used for, among other things, tracking traffic through virtual private networks, which are used to mask where someone is connecting to a server from, and by extension, their approximate physical location…

Continue reading Surveillance of the Internet Backbone→

Investigating the Navalny Poisoning

Posted on December 23, 2020 by Bruce Schneier

Bellingcat has investigated the near-fatal poisoning of Alexey Navalny by the Russian FSB back in August. The details display some impressive traffic analysis. Navalny got a confession out of one of the poisoners, displaying some masterful social engin… Continue reading Investigating the Navalny Poisoning→

ThreatList: Human-Mimicking Bots Spike, Targeting e-Commerce and Travel

Posted on April 29, 2020 by Tara Seals

Overall bot activity on the web has soared, with a 26 percent growth rate — attacks on applications, APIs and mobile sites are all on the rise. Continue reading ThreatList: Human-Mimicking Bots Spike, Targeting e-Commerce and Travel→

TLS Fingerprinting: Rethinking Encrypted Traffic Analysis Strategies

Posted on July 24, 2019 by Troy Kent

There seems to be some confusion about the appropriate way to use TLS fingerprinting in an environment. Anytime an SSL library, a library that uses any of those libraries, an OS or the application itself is updated or changed, there’s a good possibil… Continue reading TLS Fingerprinting: Rethinking Encrypted Traffic Analysis Strategies→

Bluetooth Flaws Could Allow Global Tracking of Apple, Windows 10 Devices

Posted on July 17, 2019 by Tara Seals

Identifying tokens and random addresses, meant to create anonymity, do not change in sync on some devices — opening an attack vector. Continue reading Bluetooth Flaws Could Allow Global Tracking of Apple, Windows 10 Devices→

What your encrypted data says about you

Posted on March 18, 2016 by Paul Ducklin

Your encrypted traffic could tell the government (or the crooks) more than you think, no decryption required. Continue reading What your encrypted data says about you→