Commit

Add files via upload
opsecfail committed May 3, 2024
1 parent bdc91a4 commit c715903
Showing 5 changed files with 46 additions and 0 deletions.
9 changes: 9 additions & 0 deletions storage/blogs/garymckinnon.json
@@ -0,0 +1,9 @@
{
"pfp" : "images/statics/gary.jpg",
"nickname" : "Gary Mckinnon",
"poster" : "SOLO -zestyomnipotent",
"posterLink" : "https://twitter.com/zesty0mnipotent",
"osf" : ["ACC", "Y"],
"blog" : "Former hairdresser and system admin from Scotland with Asperger Syndrome, Gary McKinnon, was accused in 2002 of perpetrating the 'biggest military computer hack of all time', although he himself states that he was merely looking for evidence of free energy suppression and a cover-up of UFO activity and other technologies potentially useful to the public. On 16 October 2012, after a series of legal proceedings in Britain, then Home Secretary Theresa May blocked his extradition to the United States. US authorities stated he deleted critical files from operating systems, which shut down the United States Army's Military District of Washington network of 2000 computers for 24 hours. He also posted a notice on the military's website: 'Your security is crap'. After the September 11 attacks in 2001, he allegedly deleted weapons logs at the Earle Naval Weapons Station, rendering its network of 300 computers inoperable and paralyzing munitions supply deliveries for the US Navy's Atlantic Fleet. He was also accused of copying data, account files, and passwords onto his own computer. US authorities stated that the cost of tracking and correcting the problems he caused was over $700,000. He was caught after they found him, in part, based on evidence of his IP and his girlfriend's email address in the server logs of Binary Research, the distributor of RemotelyAnywhere, the program he used to access the military computers. Moral of the story: Hide your IP before doing retarded shit.",
"links" : ["https://en.m.wikipedia.org/wiki/Gary_McKinnon#"]
}
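Review bot: the "links" entry in garymckinnon.json points at the mobile Wikipedia host and ends in an empty `#` fragment (`https://en.m.wikipedia.org/wiki/Gary_McKinnon#`); use the `en.wikipedia.org` URL without the fragment so the citation is stable. "nickname" spells the name "Gary Mckinnon" while the "blog" text uses "Gary McKinnon", and "poster" reads "SOLO -zestyomnipotent" while the handle in "posterLink" is `zesty0mnipotent`; make each pair consistent. The closing sentence of "blog" uses a slur and should be reworded before merge.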
10 changes: 10 additions & 0 deletions storage/blogs/jonathanpollard.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
{
"pfp" : "images/statics/pollard.png",
"nickname" : "Jonathan Pollard",
"poster" : "bugzorc",
"posterLink" : "https://x.com/bugzorc",
"osf" : ["ACC", "Y"],
"blog" : "It's been a good three years since Jonathan got his freedom pass as of writing this (3/2024). He packed his bags and headed for Israel, where he has been keeping a lower profile than a ninja in a library. He was charged for espionage and got a 30-year sentence. According to Jonathan, all governments are just the same old song and dance, using folks like him and tossing them out like yesterday's leftovers. He claims he was blind as a bat because he had this crazy love for Israel.<br><br>Jonathan's OpSec fails were about as shocking as finding a unicorn in your backyard. Here's a guy who used to be a hotshot intelligence analyst for the good ol' U.S. of A, but somehow, he managed to blow his cover faster than a birthday candle in a hurricane. He was living it up like a high roller, spending cash he didn't have, which is basically like waving a red flag in front of law enforcement's face. And to top it off, he couldn't keep his mouth shut around his co-workers, blabbering on about his secret squirrel plans. Talk about breaking one of the golden rules of espionage: keep it on the down-low and don't make a scene.<br><br>Now, let's talk about Jonathan's sidekick in crime – his then-wife, Anne. She hopped on board the espionage train with him, using classified documents like they were party favours to boost her own business ventures. When the fuzz came knocking, Anne forgot to tidy up, leaving a trail of breadcrumbs right to their doorstep. And just when things couldn't get any worse, she went and asked the neighbour for a hand. Rookie move, Anne. Everyone knows if you're gonna pull off some shady business, you fly solo. Bringing in backup just increases the chances of someone ratting you out or slipping up.<br><br>But wait, there's more! Jonathan thought he was untouchable, strutting around like he had a cloak of invisibility. He figured he could outsmart the big shots in U.S. counterintelligence, but boy, was he wrong. 
Overconfidence is like a bullseye on your back in the world of espionage. It blinds you to the very real consequences of your actions, like getting caught with your hand in the cookie jar.<br><br>Now, Jonathan's back in Israel, but it's not all sunshine and rainbows. Some folks in the Israeli security intel community aren't exactly rolling out the welcome mat for him. They give him the cold shoulder, but Jonathan insists the people still got love for him. Lesson learned: always stick with your crew, 'cause once you cross them, trust becomes as rare as a good hair day during a thunderstorm.",
"links" : ["https://www.youtube.com/watch?v=Clk7NIlWBJc"]
}
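Review bot: the "blog" value in jonathanpollard.json is split by a raw line break after "boy, was he wrong. " (the hunk header counts 10 lines where the other four files in this commit count 9), and an unescaped newline inside a JSON string is invalid, so a strict parser such as `JSON.parse` will reject the file. Join the two lines, or separate the paragraphs with the `<br><br>` marker the value already uses elsewhere, and drop the trailing space before the break. A JSON lint step over storage/blogs/ would catch this class of error before merge.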

9 changes: 9 additions & 0 deletions storage/blogs/paulabroadwell.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
{
"pfp" : "images/statics/paula.png",
"nickname" : "Paula Broadwell",
"poster" : "bugzorc",
"posterLink" : "https://x.com/bugzorc",
"osf" : ["Y","ACC","CC","IPL","UGE","D","PO","POSF", "PNL"],
"blog" : "Welcome to OpSec Failures, your go-to blog for all things OpSec blunders! Today, we delve into the misadventures of Paula Broadwell, the first female – by the way – a name that has become synonymous with OpSec failures. After her blunder, the internet had a field day. Memes flooded social media platforms, depicting Paula as a modern-day spy-turned-comedian. From images of her manuscript with a 'Classified' stamp replaced by a clown nose to GIFs of her frantically hitting the 'Undo' button, the internet couldn't get enough of Paula's OpSec misstep.<br><br>The Unforgettable Email Mishap: Let's start with the infamous email mishap that catapulted Paula Broadwell into the spotlight. She inadvertently sent incriminating emails to the wrong recipient, igniting a chain of events that would ultimately lead to her downfall. Talk about a classic OpSec failure!<br><br>The Social Media Slip-up: Paula Broadwell's OpSec woes didn't end with the email debacle. Oh no, she was just getting started! Our intrepid subject made the mistake of posting sensitive information on social media platforms, giving adversaries a field day. Tip: When it comes to OpSec, it's best to keep your private life, well, private!<br><br>The Puzzling Password Choice: Now, let's dive into the intriguing world of password security – or lack thereof. Paula Broadwell's choice of passwords left much to be desired. From '123456' to 'password123,' it seemed she was determined to make hackers' lives easier. Remember, folks, a strong password is your first kindergarten course in OpSec.<br><br>The Inadvertent Location Sharing: In a surprising turn of events, Paula Broadwell unintentionally revealed her location through various online platforms. Whether she was unaware or simply didn't care, this OpSec blunder served as a cautionary tale for all of us. 
Always double-check your privacy settings and be mindful of the information you share!<br><br>As we end our blog, her OpSec failures have provided us with valuable lessons in the importance of safeguarding sensitive information. From email mishaps to questionable password choices, her story is a reminder that no one is immune to the perils of poor OpSec. Remember, a little vigilance and a touch of common sense can go a long way in protecting yourself online. Peace out.",
"links" : [""]
}
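Review bot: "links" in paulabroadwell.json is `[""]`, a single empty string, while the "blog" text makes specific claims about a named person (misdirected emails, passwords such as '123456' and 'password123', location sharing) with nothing cited; add a source for each claim or drop the claims that cannot be sourced, and use `[]` rather than `[""]` when there are no links so a consumer iterating the array does not get an empty URL. The opening clause "the first female – by the way –" is an unfinished sentence. The "blog" value also displays across two lines after "for all of us. "; if that break is in the file rather than the page rendering, it is an unescaped newline and the JSON is invalid.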
9 changes: 9 additions & 0 deletions storage/blogs/track2.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
{
"pfp" : "images/statics/roman.png",
"nickname" : "Track2",
"poster" : "bugzorc",
"posterLink" : "https://x.com/bugzorc",
"osf" : ["UGE","IP","MI"],
"blog" : "Roman Seleznev, son of Valery Seleznev, a member of Russia's Duma, known online as Track 2, nCuX, Bulba, Zagreb, Shmak, Smaus, is a Russian computer hacker who was arrested on July 5, 2014, and sentenced to 27 years in prison for wire fraud, intentional damage to protected computers, and identity theft. His case has a lot of drama, unlike any other covered on this site. The USSS believes that the FSB tipped Seleznev off after having a discussion with them. During his arrest, Russian officials called his arrest 'kidnapping'.<br><br>Let's dive into his OSF. His first blunder was using a 'glowie' email (emails that have a warrant, and then you're dead) to register domains. One of the email accounts was from Yahoo! and had been used to open a PayPal account. To make matters worse, it had been used to order flowers for a woman identified as Seleznev's wife.<br><br>Roman probably didn't monitor his server logs, as the Yahoo email was used to purchase a server. Of course, the law got its hands on it, which allowed them to monitor network connections to and from the device and told them which IP ports were used, but not the content of any communications. He also used the server for his personal web browsing.<br><br>He booked travel tickets that had his passport details on them, which also led to many of his online aliases being uncovered. To maintain operational security, it is essential to compartmentalize online identities and avoid cross-contamination. Using separate personas for different activities can help minimize the risk of being linked to illegal actions. Also, to cross your real-life alias with your cyber criminal alias, also if you get caught once, learn from your mistakes, or just be an HTML developer. Peace out.",
"links" : ["https://www.theregister.com/2017/07/27/russian_politicians_son_gets_27yrs_fraud/","https://en.wikipedia.org/wiki/Roman_Seleznev"]
}
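Review bot: the last advice sentence of "blog" in track2.json is garbled ("Also, to cross your real-life alias with your cyber criminal alias, also if you get caught once, ..."): its first clause has no main verb and reads as the opposite of the compartmentalization point made two sentences earlier, so it needs rewriting. "nickname" is "Track2" while the text uses "Track 2". The "osf" tags "IP" and "MI" appear in no other file in this commit (paulabroadwell.json uses "IPL"); confirm they are valid tag codes and document the tag vocabulary somewhere in the repository.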
9 changes: 9 additions & 0 deletions storage/blogs/variousapts.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
{
"pfp" : "images/statics/apts.png",
"nickname" : "Various APTs",
"poster" : "smoothingimpact",
"posterLink" : "https://x.com/smoothingimpact",
"osf" : ["ACC", "UGE", "PO", "Y", "POSF"],
"blog" : "This talk which has been modified by the admin is about following the OpSec failures (OSF) of various APTs, also called APT-17 panda or probably a million and one other different names, depending on which kind of vendor's naming convention you subscribe to. Let's talk about their OSF.<br><br>They used some of their victim's infrastructure to access social media profiles, which is a pretty big giveaway, but it might be a result of their own government's policies. Their mistake is probably using the infrastructure of the victim they are extorting instead of hacking into a random or anyone's device outside their operation. Some of the operators had curated their own handles over a really long period of time. This led trails to all activities they were doing.<br><br>They used personal emails to register C2 domains, and some of the operators reused the same passwords, which led to the identification of them over various hacks. They had the consistent use of the 'cpyy handle'. One of the emails was linked to a Picasa account which held a variety of photos of them. Actually, how long does it take to create a dummy email, 1 year? 2 months?<br><br>Before they went live with their Command and control servers, they used them for testing their tools and communicating. They forgot to clear down those logs and also misconfigured the server and left the log directory open to the internet so it was indexed by Google. They also used their corporate server to conduct their hacks. Other threat actors went online posting images of them holding their bundles of cash.<br><br>As time went on, they did sharpen their OpSec, but as I usually have Godlike OpSec since day one, as many OpSec blunders are made in the early life of threat actors, if you find that you made an OSF in your early days, it's better to create a new alias, even though the other has a big reputation, it ain't worth it. You never know how long you're going to stare at a wall. 
I also advise aspiring threat actors and intelligence analysts not to connect the real-life alias with their work alias. If possible, use another computer to conduct your work even if you have a billion layers of VMs, proxies, etc. Peace out.<br><br>Before I FORGET, for aspiring malware developers, always update your malware signature when scanning it. All the scanners log the scans for research. Because you made it this far, the second link is about OpSec. It's really good, TRUST ME.",
"links" : ["https://www.youtube.com/watch?v=NFJqD-LcpIg","https://www.youtube.com/watch?v=9XaYdCdwiWU"]
}
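Review bot: attribution in variousapts.json is unclear: "blog" opens with "This talk which has been modified by the admin" while "poster" credits smoothingimpact, and the text then makes first-person statements ("I usually have Godlike OpSec", "I also advise"), so a reader cannot tell which words are the speaker's and which are the admin's; mark the admin's additions or credit both. The opening also describes "various APTs" as "also called APT-17 panda", which mixes a collective with a single group name. The value embeds `<br>` markup, which implies the site inserts "blog" as HTML; since entries in this commit are credited to several different posters, the renderer should sanitize the field or the data should carry plain paragraphs. The value also displays across two lines after "stare at a wall. "; if that break is in the file, it is an unescaped newline and the JSON is invalid.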
