Browsing tag

OPSEC

North Korean Nation-State Actors Exposed in JumpCloud Hack After OPSEC Blunder

North Korean nation-state actors affiliated with the Reconnaissance General Bureau (RGB) have been attributed to the JumpCloud hack following an operational security (OPSEC) blunder that exposed their actual IP address. Google-owned threat intelligence firm Mandiant attributed the activity to a threat actor it tracks under the name UNC4899, which likely shares overlaps with clusters already […]

Hackers Target Bank Networks with new Rootkit to Steal Money from ATM Machines

A financially motivated threat actor has been observed deploying a previously unknown rootkit targeting Oracle Solaris systems with the goal of compromising Automatic Teller Machine (ATM) switching networks and carrying out unauthorized cash withdrawals at different banks using fraudulent cards. Threat intelligence and incident response firm Mandiant is tracking the cluster under the moniker UNC2891, […]

Implementing Operational Security, The Process and Best Practices

Procedural security is what we call operational security (OPSEC); it is a kind of risk management process that encourages admins to monitor operations from the perspective of an adversary and draw conclusions to protect sensitive information from falling into the wrong hands. OPSEC is becoming popular in the private sector though it was used by the […]

Here’s the ISIS OPSEC Manual Used to Train Recruits About Cyber-Security

ISIS hijacks Kuwait security firm’s OPSEC manual. Yesterday, various Twitter accounts were tweeting about an ISIS OPSEC manual describing the terrorist group’s cyber-security practices. The document, embedded below in a translated form, details various techniques recommended by the group to its new recruits. While initially we thought the ISIS OPSEC manual was uncovered by the recent […]