Articles

The Info Op
Deterrence in Space
Deterrence doesn’t work in any domain that isn’t existential in my opinion. The US kept bombing groups in Syria and Iraq to deter Iran from launching attacks at US troops. It singularly failed to stop the attacks. (The threat of war with the US is existential and so they didn’t escalate…
The Info Op
Learn from LockBit’s Leaked Logs
LockBit leaked logs of the negotiations with the Royal Mail. These make for interesting reading. There are a bunch of techniques used by spies handling agents that show up here…
The Info Op
Nations without borders
Recently I was skimming the European Data Protection Supervisor’s 24/2022 Opinion on the Proposal for a Regulation establishing a common framework for media services in the internal market (European Media Freedom Act) and amending Directive 2010/13/EU…
The Info Op
Spying through gaming
The Info Op
Will hackers defeat time trackers?
This case of a woman who slacked off, got fired, and then sued for wrongful dismissal is pretty interesting. She lost because the audit software monitoring her work on her laptop revealed that she billed for files she didn’t work on, billed for 50 hours of work she didn’t do, and…
The Info Op
I refuse to bow to our AI overlords
There’s been a lot of commentary by security nerds about how ChatGPT et alia (GPT chat services) are cause for concern and raising the threat level for everyone. I disagree and believe this reactionary pattern of assuming that any new technological capabilities should raise defense conditions is rooted in ignorance, arrogance, or predation. Same old I…
The Info Op
AI masks for online criminals?
Apps that can edit video streams and change a face to be unrecognisable already exist. What are the use cases for privacy, security, and maliciousness? A few years ago, in 2019, there was a huge uproar in China when a young woman vlogger glitched out and was revealed as a much older woman…
The Info Op
Local news to big picture
Sending holiday greetz to all! I just wanted to shoot out a quick post on an observation I made while doing research. I’ve been looking a little bit at a Ukrainian newspaper that serves Transcarpathia — the region of Ukraine that borders Hungary and Romania…
The Info Op
Cyber. Terrorism. Cyber terrorism.
Recently, Danny Moore asked a question about cyber terrorism. His post, and the discussion, is on Mastodon here: https://infosec.exchange/@danny/109422030713833568 The question is: has anyone seen an actual successful attack that could unequivocally be called “cyber terrorism…
The Info Op
Russian 0day thirst traps
Last month a Russian exploit company increased their price offer for Signal RCE exploits to three times the Zerodium rate. What, if anything, does this mean? Read on to find out. Attempts to read the tea leaves of public 0day pricing are mostly speculation. That said, I hope I can provide some informed speculation. The change in pricing is an indicator of something, but what…
The Info Op
A cool story, buried beneath bollocks
https://www.c4isrnet.com/battlefield-tech/2022/10/17/how-ukraine-learned-to-cloak-its-drones-from-russian-surveillance/ This article is misleading. It paints a picture of China and Russia colluding to make drones vulnerable to tracking technology. DJI’s AeroScope tool…
The Info Op
Various Vignettes
I’ve a couple items I want to expand on a bit, but not necessarily develop at length. Hopefully these short expanded thoughts will be interesting…
The Info Op
The Danger of Dashboards
The Info Op
OSINT natives vs ACAB
Case Study: Bad Cops Expose. The BBC has an interesting OSINT operation. There are two related investigations. The first involves a group of women doing old-fashioned gumshoe work, running down every clue using leaked databases and the internet. The second has the BBC applying a combination of traditional public records OSINT and modern face recognition software…
The Info Op
Albanian cyber war
For all the disappointment over the lack of spectacular cyber warfare in Ukraine, there's very little interest in the "textbook cyberwar" scenarios unfolding around Iran. Albania has just severed diplomatic ties with Iran over the cyber attacks of July 15th. The Prime Minister announced this in a dramatic fashion with strong language. Iran is embroiled …
The Info Op
Deviant Organisational Psychology
I recently learned about organisational psychology, and from there about deviant organisational behavior. It is quite cool. As I was reading it I immediately saw the links to a Perun video on corruption in the Russian army. The Russian army has suffered significantly from corruption. The corruption they face is something covered by organizational psychology as organization deviance. Organization deviance includes “counterproductive work behavior” (CWB), outlined in this white paper. Of the four listed causes for CWB, the Russian army has at least three of them…
The Info Op
Quantified Failure
Data Driven Intelligence. When planning regime change it is useful to know a bit about the target country’s population. How will they feel about the invasion force? What do they think about their leaders? Are they highly motivated extremists? To uncover the answers to these questions requires intelligence collection and analysis…
The Info Op
Userland Rootkits are Lame
Many people may not know this, but fifteen…twenty years ago I knew a thing or two about rootkit development. I wrote detection software for a few years as well. Back then modifying the shared libraries on the disk was also a vector for userland rootkits…
The Info Op
Foghorn: Signals Through the Fog of War
Ukraine Survives and Thrives. Russia’s first wave of destructive cyber effects operations against Ukraine was effective. They targeted and disabled Ukrainian air defense systems, government ministries, and the national command and control infrastructure built over VIASAT. These successful operations were accomplished even though Russia’s military intell…
The Info Op
Putin’s cyber blind spot
A common question about the lacklustre Russian cyberwar so far is, why hasn’t Putin unleashed the ransomware gangs? Why isn’t there a massive wave of ransomware across Europe and America? There are two related issues here that need to be addressed on Putin and ransomware: (1) why would he? (2) why hasn’t he? This post will address the second “why he has…