January 31, 2023

Articles

The Info Op: Deterrence in Space
Deterrence doesn’t work in any domain that isn’t existential in my opinion. The US kept bombing groups in Syria and Iraq to deter Iran from launching attacks at US troops. It singularly failed to stop the attacks. (The threat of war with the US is existential and so they didn’t escalate…
2 months ago · 4 likes · the grugq

The Info Op: Learn from LockBit’s Leaked Logs
LockBit leaked logs of the negotiations with the Royal Mail. These make for interesting reading. There are a bunch of techniques used by spies handling agents that show up here…
2 months ago · 5 likes · the grugq

The Info Op: Nations without borders
Recently I was skimming the European Data Protection Supervisor’s 24/2022 Opinion on the Proposal for a Regulation establishing a common framework for media services in the internal market (European Media Freedom Act) and amending Directive 2010/13/EU…
3 months ago · 5 likes · the grugq

The Info Op: Spying through gaming
3 months ago · 7 likes · 1 comment · the grugq

The Info Op: Will hackers defeat time trackers?
This case of a woman who slacked off, got fired, and then sued for wrongful dismissal is pretty interesting. She lost because the audit software monitoring her work on her laptop revealed that She billed for files she didn’t work on, billed for 50 hours of work she didn’t do, And…
3 months ago · 5 likes · the grugq

The Info Op: I refuse to bow to our AI overlords
There’s been a lot of commentary by security nerds about how ChatGPT et alia (GPT chat services) are cause for concern and raising the threat level for everyone. I disagree and believe this reactionary pattern of assuming that any new technological capabilities should raise defense conditions is rooted in ignorance, arrogance, or predation.
Same old I…
3 months ago · 9 likes · 1 comment · cR0w

The Info Op: AI masks for online criminals?
Apps that can edit video streams and change a face to be unrecognisable already exist. What are the use cases for privacy, security, and maliciousness? A few years ago, in 2019, there was a huge uproar in China when a young woman vlogger glitched out and was revealed as a much older woman…
3 months ago · 4 likes · the grugq

The Info Op: Local news to big picture
Sending holiday greetz to all! I just wanted to shoot out a quick post on an observation I made while doing research. I’ve been looking a little bit at a Ukrainian newspaper that serves Transcarpathia — the region of Ukraine that borders Hungary and Romania…
4 months ago · 3 likes · the grugq

The Info Op: Cyber. Terrorism. Cyber terrorism.
Recently, Danny Moore asked a question about cyber terrorism. His post, and the discussion, is on Mastodon here: https://infosec.exchange/@danny/109422030713833568 The question is: has anyone seen an actual successful attack that could unequivocally be called “cyber terrorism…
4 months ago · 7 likes · 3 comments · the grugq

The Info Op: Russian 0day thirst traps
Last month a Russian exploit company increased their price offer for Signal RCE exploits to three times the Zerodium rate. What, if anything, does this mean? Read on to find out. Attempts to read the tea leaves of public 0day pricing are mostly speculation. That said, I hope I can provide some informed speculation. The change in pricing is an indicator of something, but what…
5 months ago · 16 likes · the grugq

The Info Op: A cool story, buried beneath bollocks
https://www.c4isrnet.com/battlefield-tech/2022/10/17/how-ukraine-learned-to-cloak-its-drones-from-russian-surveillance/
This article is misleading. It paints a picture of China and Russia colluding to make drones vulnerable to tracking technology.
DJI’s AeroScope tool…
5 months ago · the grugq

The Info Op: Various Vignettes
I’ve a couple items I want to expand on a bit, but not necessarily develop at length. Hopefully these short expanded thoughts will be interesting…
6 months ago · 6 likes · the grugq

The Info Op: The Danger of Dashboards
7 months ago · 5 likes · the grugq

The Info Op: OSINT natives vs ACAB
Case Study: Bad Cops Expose
The BBC has an interesting OSINT operation. There are two related investigations. The first involves a group of women doing old-fashioned gumshoe work, running down every clue using leaked databases and the internet. The second has the BBC applying a combination of traditional public records OSINT and modern face recognition software…
7 months ago · 4 likes · the grugq

The Info Op: Albanian cyber war
For all the disappointment over the lack of spectacular cyber warfare in Ukraine, there's very little interest in the "textbook cyberwar" scenarios unfolding around Iran. Albania has just severed diplomatic ties with Iran over the cyber attacks of July 15th. The Prime Minister announced this in a dramatic fashion with strong language. Iran is embroiled …
7 months ago · 12 likes · 1 comment · the grugq

The Info Op: Deviant Organisational Psychology
I recently learned about organisational psychology, and from there about deviant organisational behavior. It is quite cool. As I was reading it I immediately saw the links to a Perun video on corruption in the Russian army. The Russian army has suffered significantly from corruption. The corruption they face is something covered by organizational psychology as organization deviance. Organization deviance includes “counterproductive work behavior” (CWB), outlined in this white paper.
Of the four listed causes for CWB, the Russian army has at least three of them…
7 months ago · 4 likes · the grugq

The Info Op: Quantified Failure
Data Driven Intelligence
When planning regime change it is useful to know a bit about the target country’s population. How will they feel about the invasion force? What do they think about their leaders? Are they highly motivated extremists? To uncover the answers to these questions requires intelligence collection and analysis…
10 months ago · 5 likes · the grugq

The Info Op: Userland Rootkits are Lame
Many people may not know this, but fifteen…twenty years ago I knew a thing or two about rootkit development. I wrote detection software for a few years as well. Back then modifying the shared libraries on the disk was also a vector for userland rootkits…
10 months ago · 7 likes · the grugq

The Info Op: Foghorn: Signals Through the Fog of War
Ukraine Survives and Thrives
Russia’s first wave of destructive cyber effects operations against Ukraine were effective. They targeted and disabled Ukrainian air defense systems, government ministries, and the national command and control infrastructure built over VIASAT. These successful operations were accomplished even though Russia’s military intell…
a year ago · 7 likes · 2 comments · the grugq

The Info Op: Putin’s cyber blind spot
A common question about the lacklustre Russian cyberwar so far is, why hasn’t Putin unleashed the ransomware gangs? Why isn’t there a massive wave of ransomware across Europe and America? There are two related issues here that need to be addressed on Putin and ransomware: (1) why would he? (2) why hasn’t he? This post will address the second “why he has…
a year ago · the grugq