Security News

Meta reckons China's troll farms could learn proper OpSec from Russia's fake news crews

2023-08-30 00:58

Claims to have taken down two colossal networks, with 'Secondary Infektion' schooling 'Spamouflage' Russia appears to be "better" at running online trolling campaigns aimed at pushing its...

#china #opsec #russia #troll

North Korean Nation-State Actors Exposed in JumpCloud Hack After OPSEC Blunder

2023-07-25 14:46

North Korean nation-state actors affiliated with the Reconnaissance General Bureau have been attributed to the JumpCloud hack following an operational security blunder that exposed their actual IP address. The intrusion directed against JumpCloud took place on June 22, 2023, as part of a sophisticated spear-phishing campaign that leveraged the unauthorized access to breach fewer than five customers and less than 10 systems in what's called a software supply chain attack.

#hack #jumpcloud #northkorean #opsec

JumpCloud hack linked to North Korea after OPSEC mistake

2023-07-24 17:12

A hacking unit of North Korea's Reconnaissance General Bureau was linked to the JumpCloud breach after the attackers made an operational security mistake, inadvertently exposing their real-world IP addresses. While North Korean state hackers are known for using commercial VPN services to mask their IP addresses and actual locations, during the JumpCloud attack, the VPNs they were using failed and exposed their location in Pyongyang while connecting to a victim's network.

#hack #jumpcloud #korea #northkorea #opsec

Combatting OpSec threats to our COVID-19 vaccination efforts: What can we do?

2021-06-24 05:30

In this one, we'll dive into operations security threats to the supply chain. How are people threatening the vaccine supply chain?

#covid19 #opsec #threat

Microsoft Details OPSEC, Anti-Forensic Techniques Used by SolarWinds Hackers

2021-01-21 15:25

Microsoft on Wednesday released another report detailing the activities and the methods of the threat actor behind the attack on IT management solutions firm SolarWinds, including their malware delivery methods, anti-forensic behavior, and operational security. In its latest report on the SolarWinds attack, which it tracks as Solorigate, Microsoft explains how the attackers got from the Sunburst malware to the Cobalt Strike loaders, and how they kept the components separated as much as possible to avoid being detected.

#forensic #hacker #microsoft #opsec #solarwinds

Baldr malware unpicked with a little help from crooks’ bad opsec

2019-08-06 13:00

New research from Sophos takes an exhaustive look at the Baldr password stealer.

#malware #opsec

Opsec Mistakes Allowed U.S. to Link North Korean Man to Hacks

2018-09-07 09:00

A 34-year-old North Korean national has been charged by U.S. authorities over his alleged involvement in the cyberattacks carried out by the Lazarus Group. An affidavit filed by an FBI special...

#hack #northkorean #opsec

Security Compass expands support for OpSec, adding Microsoft Azure to its knowledge library

2018-09-06 18:29

Security Compass announced it has expanded on operational security (OpSec) requirements available in the SD Elements’ knowledge library, with support for Microsoft Azure and other application...

#azure #microsoft #opsec #security

Actor Targeting Middle East Shows Excellent OPSEC

2018-02-08 20:26

An actor making extensive use of scripting languages in attacks on targets in the Middle East demonstrates excellent operational security (OPSEC), researchers from Talos say. read more

#opsec

The grugq on Reality Winner, the Intercept, and OPSEC (Schneier on Security)

2017-06-14 13:15

Good commentary....

#opsec #security

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}

Security News