Skip to content
SSL and internet security news

Informations about SSL certificates and networks security

Category: operationalsecurity

Auto Added by WPeMatico

Bart Gellman on Snowden

Posted on May 20, 2020 By infossl
books, edwardsnowden, nsa, operationalsecurity, privacy, Security technology, surveillance

Bart Gellman’s long-awaited (at least by me) book on Edward Snowden, Dark Mirror: Edward Snowden and the American Surveillance State, will finally be published in a couple of weeks. There is an adapted excerpt in the Atlantic. It’s an interesting read, mostly about the government surveillance of him and other journalists. He speaks about an … Read More “Bart Gellman on Snowden” »

Mailbox Master Keys

Posted on January 6, 2020 By infossl
keys, mail, operationalsecurity, Security technology, usps

Here’s a physical-world example of why master keys are a bad idea. It’s a video of two postal thieves using a master key to open apartment building mailboxes. Changing the master key for physical mailboxes is a logistical nightmare, which is why this problem won’t be fixed anytime soon. Powered by WPeMatico

Identifying and Arresting Ransomware Criminals

Posted on November 12, 2019 By infossl
attribution, hacking, operationalsecurity, ransomware, Security technology

The Wall Street Journal has a story about how two people were identified as the perpetrators of a ransomware scheme. They were found because — as generally happens — they made mistakes covering their tracks. They were investigated because they had the bad luck of locking up Washington, DC’s video surveillance cameras a week before … Read More “Identifying and Arresting Ransomware Criminals” »

Details on Uzbekistan Government Malware: SandCat

Posted on October 11, 2019 By infossl
hacking, kaspersky, malware, operationalsecurity, Security technology, uzbekistan

Kaspersky has uncovered an Uzbeki hacking operation, mostly due to incompetence on the part of the government hackers. The group’s lax operational security includes using the name of a military group with ties to the SSS to register a domain used in its attack infrastructure; installing Kaspersky’s antivirus software on machines it uses to write … Read More “Details on Uzbekistan Government Malware: SandCat” »

New Research into Russian Malware

Posted on October 2, 2019 By infossl
cyberespionage, malware, operationalsecurity, russia, Security technology

There’s some interesting new research about Russian APT malware: The Russian government has fostered competition among the three agencies, which operate independently from one another, and compete for funds. This, in turn, has resulted in each group developing and hoarding its tools, rather than sharing toolkits with their counterparts, a common sight among Chinese and … Read More “New Research into Russian Malware” »

Security Vulnerabilities in US Weapons Systems

Posted on October 10, 2018 By infossl
control, cybersecurity, departmentofdefense, encryption, nationalsecuritypolicy, operationalsecurity, passwords, reports, Security technology, vulnerabilities, weapons

The US Government Accounting Office just published a new report: “Weapons Systems Cyber Security: DOD Just Beginning to Grapple with Scale of Vulnerabilities” (summary here). The upshot won’t be a surprise to any of my regular readers: they’re vulnerable. From the summary: Automation and connectivity are fundamental enablers of DOD’s modern military capabilities. However, they … Read More “Security Vulnerabilities in US Weapons Systems” »

E-Mail Leaves an Evidence Trail

Posted on February 26, 2018 By infossl
courts, crime, fbi, forensics, operationalsecurity, privacy, Security technology, surveillance

If you’re going to commit an illegal act, it’s best not to discuss it in e-mail. It’s also best to Google tech instructions rather than asking someone else to do it: One new detail from the indictment, however, points to just how unsophisticated Manafort seems to have been. Here’s the relevant passage from the indictment. … Read More “E-Mail Leaves an Evidence Trail” »

The grugq on Reality Winner, the Intercept, and OPSEC

Posted on June 14, 2017 By infossl
leaks, operationalsecurity, Security technology, whistleblowers

Good commentary. Powered by WPeMatico

Interesting Internet-Based Investigative Techniques

Posted on August 24, 2016 By infossl
anonymity, children, deanonymization, metadata, operationalsecurity, police, pornography, Security technology

In this article, detailing the Australian and then worldwide investigation of a particularly heinous child-abuse ring, there are a lot of details of the pedophile security practices and the police investigative techniques. The abusers had a detailed manual on how to scrub metadata and avoid detection, but not everyone was perfect. The police used information … Read More “Interesting Internet-Based Investigative Techniques” »

fr_FR

Recent Posts

  • Chinese AI Submersible
  • Fake Student Fraud in Community Colleges
  • Another Move in the Deepfake Creation/Detection Arms Race
  • Friday Squid Blogging: Pyjama Squid
  • Privacy for Agentic AI

Tags

academicpapers airgaps android anonymity authentication borders cars cellphones censorship control courts crime cryptanalysis cryptography cryptowars deanonymization edwardsnowden encryption fbi fear geolocation guardian hacking intelligence ios jamming keyescrow lies malware medicine nationalsecuritypolicy nsa pointofsale printers privacy rc4 retail secrecy sidechannelattacks socialmedia squid surveillance tracking tradecraft whistleblowers

Categories

  • 3dprinters
  • 911
  • A Hacker's Mind
  • academic
  • academic papers
  • academicpapers
  • accountability
  • aclu
  • activism
  • adobe
  • advanced persistent threats
  • advancedpersistentthreats
  • adware
  • aes
  • AI
  • air travel
  • airgaps
  • airtravel
  • al Qaeda
  • alarms
  • algorithms
  • alqaeda
  • amazon
  • android
  • anonymity
  • Anonymous
  • antivirus
  • apache
  • apple
  • Applied Cryptography
  • appliedcryptography
  • artificial intelligence
  • artificialintelligence
  • assassinations
  • atms
  • att
  • attribution
  • audio
  • auditing
  • australia
  • authentication
  • authorization
  • automation
  • backdoors
  • backups
  • banking
  • baserate
  • behavioraldetection
  • Beyond Fear
  • beyondfear
  • bgp
  • biological warfare
  • biologicalwarfare
  • biometrics
  • bios
  • bitcoin
  • BitLocker
  • blackberry
  • blackmail
  • blockchain
  • bluetooth
  • bombs
  • books
  • borders
  • botnets
  • brazil
  • breaches
  • bribes
  • browsers
  • business of security
  • businessofsecurity
  • CALEA
  • cameras
  • camouflage
  • canada
  • captchas
  • cars
  • casinos
  • cell phones
  • cellphones
  • censorship
  • certificates
  • certifications
  • ch2ke
  • chatbots
  • ChatGPT
  • cheating
  • chelseamanning
  • chess
  • child pornography
  • childpornography
  • children
  • china
  • chipandpin
  • chrome
  • Chrome OS
  • cia
  • cisco
  • Citizen Lab
  • citizenlab
  • cloning
  • cloud computing
  • cloudcomputing
  • co3systems
  • coastguard
  • colombia
  • complexity
  • compliance
  • computer security
  • computersecurity
  • concealment
  • conferences
  • cons
  • consumerization
  • contests
  • control
  • cookies
  • cooperation
  • copyright
  • costbenefitanalysis
  • courts
  • cover-ups
  • coverups
  • COVID-19
  • covid19
  • cracking
  • credentials
  • credit cards
  • creditcards
  • crime
  • cross-site scripting
  • crowdsourcing
  • cryptanalysis
  • crypto wars
  • cryptocurrency
  • cryptography
  • cryptome
  • cryptowars
  • cuba
  • cyberattack
  • cybercrime
  • cyberespionage
  • cybersecurity
  • cyberterrorism
  • cyberwar
  • cyberweapons
  • dark web
  • darkweb
  • darpa
  • Data and Goliath
  • data breaches
  • data collection
  • data destruction
  • data loss
  • data mining
  • data privacy
  • data protection
  • dataandgoliath
  • databases
  • databreaches
  • datacollection
  • datadestruction
  • dataloss
  • datamining
  • dataprotection
  • dataretention
  • de-anonymization
  • dea
  • deaddrops
  • deanonymization
  • debates
  • deception
  • deep fake
  • deepfake
  • defense
  • democracy
  • deniability
  • denial of service
  • denialofservice
  • Department of Defense
  • departmentofdefense
  • dhs
  • disclosure
  • disguise
  • disinformation
  • dmca
  • dna
  • dns
  • doghouse
  • domain names
  • doxing
  • drm
  • drones
  • drug trade
  • drugtrade
  • e-mail
  • eavesdropping
  • ebay
  • ebooks
  • economics of security
  • economicsofsecurity
  • Edward Snowden
  • edwardsnowden
  • eff
  • egypt
  • email
  • embedded systems
  • embeddedsystems
  • employment
  • encryption
  • enigma
  • EPIC
  • epidemiology
  • espionage
  • essays
  • estonia
  • ethics
  • eu
  • EULA
  • exploits
  • externalities
  • extortion
  • face recognition
  • facebook
  • facerecognition
  • fake news
  • fakenews
  • false positives
  • falsenegatives
  • falsepositives
  • fbi
  • fear
  • feudalsecurity
  • filesharing
  • filtering
  • finance
  • fingerprints
  • firefox
  • firewall
  • firmware
  • fisa
  • foia
  • forensics
  • forgery
  • Fortuna
  • france
  • fraud
  • fsecure
  • ftc
  • g7
  • gambling
  • game theory
  • games
  • gametheory
  • gaming consoles
  • gchq
  • gdpr
  • generations
  • geolocation
  • Georgia
  • germany
  • gmail
  • google
  • googleglass
  • gps
  • Greece
  • Guardian
  • guns
  • hackback
  • hacking
  • hardware
  • hashes
  • healthcare
  • Hezbollah
  • history of computing
  • history of cryptography
  • history of security
  • historyofcomputing
  • historyofcryptography
  • historyofsecurity
  • hoaxes
  • homelandsecurity
  • homomorphic encryption
  • hotels
  • hp
  • https
  • human rights
  • humor
  • ibm
  • ics
  • idcards
  • identification
  • identity theft
  • identitytheft
  • impersonation
  • implants
  • incentives
  • incident response
  • incidentresponse
  • india
  • infrastructure
  • inrupt
  • insiders
  • insurance
  • intel
  • intelligence
  • internet
  • Internet and society
  • Internet of Things
  • internetandsociety
  • internetexplorer
  • internetofthings
  • interviews
  • intrusion detection
  • ios
  • iphone
  • iran
  • iraq
  • ireland
  • irs
  • isis
  • isps
  • israel
  • italy
  • jamming
  • japan
  • Juniper
  • kaspersky
  • kazakhstan
  • key logging
  • keyescrow
  • keylogging
  • keys
  • kidnapping
  • killswitch
  • law enforcement
  • lawenforcement
  • laws
  • leaks
  • lebanon
  • lenovo
  • Liars and Outliers
  • liarsandoutliers
  • lies
  • linkedin
  • linux
  • LLM
  • locks
  • loopholes
  • lotteries
  • machine learning
  • machinelearning
  • mail
  • malware
  • man-in-the-middle attacks
  • maninthemiddleattacks
  • marketing
  • mcafee
  • md5
  • medicine
  • Meta
  • metadata
  • microsoft
  • military
  • mitigation
  • monoculture
  • movieplotthreats
  • mozilla
  • music
  • national security policy
  • nationalism
  • nationalsecurityletters
  • nationalsecuritypolicy
  • natural security
  • naturalsecurity
  • networksecurity
  • New York Times
  • Nigeria
  • nist
  • no-fly list
  • Non classé
  • noncomputer hacks
  • North Korea
  • northkorea
  • norway
  • nsa
  • obscurity
  • onetimepads
  • open source
  • opensource
  • operating systems
  • operatingsystems
  • operational security
  • operationalsecurity
  • overreactions
  • pakistan
  • Password Safe
  • passwords
  • passwordsafe
  • patching
  • patents
  • patriotact
  • paypal
  • penetration testing
  • penetrationtesting
  • pgp
  • phishing
  • phones
  • photos
  • physical security
  • physicalsecurity
  • pins
  • plagiarism
  • point of sale
  • pointofsale
  • police
  • policy
  • pornography
  • power
  • press
  • printers
  • prison escapes
  • prisons
  • privacy
  • privilege escalation
  • programming
  • propaganda
  • protocols
  • proxies
  • pseudonymity
  • psychology of security
  • psychologyofsecurity
  • public interest
  • public transit
  • publicinterest
  • publictransit
  • qatar
  • QR codes
  • quantum computing
  • quantum cryptography
  • quantumcomputing
  • quantumcryptography
  • radio
  • random numbers
  • randomnumbers
  • ransomware
  • redaction
  • regulation
  • replayattacks
  • reports
  • reputation
  • resilience
  • Resilient Systems
  • resilientsystems
  • restaurants
  • retail
  • reverse engineering
  • reverseengineering
  • rfid
  • risk assessment
  • riskassessment
  • risks
  • robbery
  • robotics
  • rootkits
  • rsa
  • russia
  • sabotage
  • Safari
  • safes
  • samsung
  • saudiarabia
  • scada
  • scams
  • scanners
  • Schneier news
  • Schneier on Security (book)
  • schneiernews
  • schneierslaw
  • schools
  • sciencefiction
  • search engines
  • searches
  • secrecy
  • secretsharing
  • security analysis
  • security conferences
  • security education
  • security engineering
  • security standards
  • Security technology
  • security theater
  • security tokens
  • securityanalysis
  • securityawareness
  • securityconferences
  • securityeducation
  • securityengineering
  • securitymindset
  • securitymonitoring
  • securitypolicies
  • securityquestions
  • securitystandards
  • securitytheater
  • securitytokens
  • sensors
  • sha1
  • side-channel attacks
  • sidechannelattacks
  • signal
  • signatures
  • SIM cards
  • simcards
  • skimmers
  • skype
  • smart cards
  • smartcards
  • smartphones
  • sms
  • smuggling
  • snake oil
  • snakeoil
  • social engineering
  • social media
  • socialengineering
  • socialmedia
  • societalsecurity
  • software
  • software liability
  • softwareliability
  • sony
  • southkorea
  • spain
  • spam
  • spoofing
  • sports
  • spyware
  • SQL injection
  • sqlinjection
  • squid
  • ss7
  • ssh
  • ssl
  • stalking
  • steganography
  • stuxnet
  • supply chain
  • supplychain
  • surveillance
  • sweden
  • switzerland
  • symantec
  • syria
  • T-Mobile
  • Taiwan
  • tamper detection
  • tamperdetection
  • taxonomies
  • TED
  • telecom
  • telegram
  • television
  • tempest
  • terms of service
  • termsofservice
  • terrorism
  • Thailand
  • theft
  • threat models
  • threatalerts
  • threatmodels
  • tls
  • tor
  • torrents
  • torture
  • tpm
  • tracing
  • tracking
  • tradecraft
  • traffic analysis
  • trafficanalysis
  • transparency
  • transportation
  • treaties
  • trust
  • tsa
  • turkey
  • twitter
  • two-factor authentication
  • twofactorauthentication
  • twofish
  • uae
  • uber
  • uk
  • ukraine
  • un
  • Uncategorized
  • undercover
  • unitedarabemirates
  • usability
  • usb
  • usps
  • utilities
  • uzbekistan
  • verisign
  • verizon
  • video
  • videoconferencing
  • videos
  • violence
  • voice recognition
  • voicerecognition
  • voip
  • voting
  • vpn
  • vulnerabilities
  • war
  • war on the unexpected
  • warontheunexpected
  • watchlists
  • weapons
  • web
  • web privacy
  • webprivacy
  • whatsapp
  • whistleblowers
  • Wi-Fi
  • wifi
  • wikileaks
  • windows
  • wireless
  • yahoo
  • zero-day
  • zeroday

Archives

  • May 2025
  • April 2025
  • March 2025
  • February 2025
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014

Copyright © 2025 SSL and internet security news.

Theme: Oceanly by ScriptsTown