Hiding the small movement inside the big movement Today saw a massive outbreak of not-really ransomware that has caused significant damage to both Ukrainian targets and strategic global logistics companies. The worm uses three different infection vectors: ETERNALBLUE Harvested password hashes psexec The code is well written, obfuscated to protect against AV detection using at least […]
Archives for June 2017
Operational Security and the Real World
An important part of the OPSEC approach to security is implementing compartmentation to limit the damage of any one penetration or compromise. This is sometimes referred to as impact containment. By compartmenting your operations, the control center over your accounts, and the information available from any single persona source, you are limiting the impact of […]
Real Talk on Reality
Leaking is high risk On June 5th The Intercept released an article based on an anonymously leaked Top Secret NSA document. The article was about one aspect of the Russian cyber campaign against the 2016 US election — the targeting of election device manufacturers. The relevance of this aspect of the Russian operation is not exactly clear, but […]