Pay attention to opsec.
Welcome newbie.
If you wanna be here, obey our rules:
1. NO RACISM
2. NO ASSHOLES
3. NO POLITICS
4. RESPECT ADMINS
5. STFU WHILE THE CLASS IS TAUGHT
6. DO NOT GIVE AWAY YOUR LOCATION AND PERSONAL INFO, OPSEC RULES
--- OPSEC CHECK ---
--General Settings
Never use real name.
Never use real display pictures.
Leave username blank; having a username makes you easier to identify and find.
Nothing revealing in your bio.
--Privacy Settings
Phone number -> Nobody
Last Seen & Online -> Nobody
Profile Photo -> Everybody (you'll look suss without it)
Forwarded Messages -> Nobody
Calls -> Nobody
Add to Groups -> Contacts
--Security
Set passcode.
Set two factor authentication password.
--Additional Phone
Who can see it -> Nobody
Who can find me via it -> Contacts (not the best but it's the best telegram will allow)
--Additional Call
Who can call -> Nobody
Peer to Peer -> Nobody
Welcome newbie.
If you wanna be here, obey our rules:
1. NO RACISM
2. NO ASSHOLES
3. NO POLITICS
4. RESPECT ADMINS
5. STFU WHILE THE CLASS IS TAUGHT
6. DO NOT GIVE AWAY YOUR LOCATION AND PERSONAL INFO, OPSEC RULES
--- OPSEC CHECK ---
--General Settings
Never use real name.
Never use real display pictures.
Leave username blank; having a username makes you easier to identify and find.
Nothing revealing in your bio.
--Privacy Settings
Phone number -> Nobody
Last Seen & Online -> Nobody
Profile Photo -> Everybody (you'll look suss without it)
Forwarded Messages -> Nobody
Calls -> Nobody
Add to Groups -> Contacts
--Security
Set passcode.
Set two factor authentication password.
--Additional Phone
Who can see it -> Nobody
Who can find me via it -> Contacts (not the best but it's the best telegram will allow)
--Additional Call
Who can call -> Nobody
Peer to Peer -> Nobody
❤1
This media is not supported in your browser
VIEW IN TELEGRAM
Loose Lips 👄
Sink Ships 🚢
Sink Ships 🚢
This media is not supported in your browser
VIEW IN TELEGRAM
These are the 5 steps involved in OPSEC
1- Identify critical information
2- Analyze threats
3- Analyze vulnerabilities
4- Assess risks
5- Apply countermeasures
1- Identify critical information
2- Analyze threats
3- Analyze vulnerabilities
4- Assess risks
5- Apply countermeasures
Step 1: Identify critical information: Understand what information is sensitive
The first step is to determine what data would be particularly harmful to the organization if an adversary obtained it.
This includes intellectual property, employees' or customers' personally identifiable information, financial statements, credit card data and product research.
Critical information is any information you have in your device that could be used against you, given you are toughened enough to keep those inside your head a secret even under torture or similar circumstances.
The first step is to determine what data would be particularly harmful to the organization if an adversary obtained it.
This includes intellectual property, employees' or customers' personally identifiable information, financial statements, credit card data and product research.
Critical information is any information you have in your device that could be used against you, given you are toughened enough to keep those inside your head a secret even under torture or similar circumstances.
Step 2: Threat assessment: Identify potential cybersecurity threats.
The next step is to identify who is a threat to the organization's critical information.
There may be numerous adversaries who target different information, and companies must consider any competitors or hackers who might target the data.
The goal of threat analysis is to understand how adversaries could target an organization and use information to their advantage.
The threat analysis includes identifying potential adversaries and their associated capabilities and intentions to collect, analyze, and exploit critical information and indicators.
Organizations should seek support from their security, intelligence, and counterintelligence experts
The next step is to identify who is a threat to the organization's critical information.
There may be numerous adversaries who target different information, and companies must consider any competitors or hackers who might target the data.
The goal of threat analysis is to understand how adversaries could target an organization and use information to their advantage.
The threat analysis includes identifying potential adversaries and their associated capabilities and intentions to collect, analyze, and exploit critical information and indicators.
Organizations should seek support from their security, intelligence, and counterintelligence experts
Step 3: Vulnerability analysis: Identify weaknesses in security
In this stage, the organization examines potential weaknesses among the safeguards in place to protect critical information and identifies which ones leave it vulnerable.
This step includes finding any potential lapses in physical and electronic processes designed to protect against the predetermined threats or areas where a lack of security awareness training leaves information open to attack.
To perform vulnerability analysis, an OPSEC analyst must consider the adversary's perspective and try to identify any susceptibilities that could be exploited.
This includes:
• The types of activities an adversary could observe
•The types of information an adversary could collect
•Organizational weaknesses that an adversary could exploit
•Potential gaps in physical or electronic processes
•Areas where a lack of security awareness training could leave information vulnerable
In this stage, the organization examines potential weaknesses among the safeguards in place to protect critical information and identifies which ones leave it vulnerable.
This step includes finding any potential lapses in physical and electronic processes designed to protect against the predetermined threats or areas where a lack of security awareness training leaves information open to attack.
To perform vulnerability analysis, an OPSEC analyst must consider the adversary's perspective and try to identify any susceptibilities that could be exploited.
This includes:
• The types of activities an adversary could observe
•The types of information an adversary could collect
•Organizational weaknesses that an adversary could exploit
•Potential gaps in physical or electronic processes
•Areas where a lack of security awareness training could leave information vulnerable
Step 4: Assess risks
Risk assessment is a key step in the Operations Security (OPSEC) process, which is a strategy and process for managing risk and security. The goal of OPSEC is to protect sensitive information and prevent it from falling into the wrong hands
In a risk assessment, you compare threats and vulnerabilities to determine the potential risk of adversary intelligence collection activities.
This includes assessing How likely it is that you will be targeted, information exploited and the consequences of exploiting your information
The level of risk you determine will help you decide if you need to assign a countermeasure to a vulnerability.
For example, if the vulnerability is high and the adversary threat is clear, you might expect adversary exploitation and assess the risk as high. In this case, you would need to implement countermeasures to mitigate the risk or reduce it to an acceptable level.
However, if the vulnerability is low and the adversary's collection ability is moderate or low, you might determine the risk as low and not require any protective measures
Risk assessment is a key step in the Operations Security (OPSEC) process, which is a strategy and process for managing risk and security. The goal of OPSEC is to protect sensitive information and prevent it from falling into the wrong hands
In a risk assessment, you compare threats and vulnerabilities to determine the potential risk of adversary intelligence collection activities.
This includes assessing How likely it is that you will be targeted, information exploited and the consequences of exploiting your information
The level of risk you determine will help you decide if you need to assign a countermeasure to a vulnerability.
For example, if the vulnerability is high and the adversary threat is clear, you might expect adversary exploitation and assess the risk as high. In this case, you would need to implement countermeasures to mitigate the risk or reduce it to an acceptable level.
However, if the vulnerability is low and the adversary's collection ability is moderate or low, you might determine the risk as low and not require any protective measures
Step 5: Apply Countermeasures
Countermeasures are intended to prevent an adversary from successfully obtaining critical information.
Countermeasures should be applied when the level of risk is determined to be unacceptable and are implemented to mitigate risk or to reduce risk to a more acceptable level.
Countermeasures can include:
•Educating yourself: Learn about threats and vulnerabilities
•Using security precautions: Use physical, personal, and cyber security measures
•Enforcing policies: Create new policies around sensitive data
•Manipulating an adversary's perception: Hide or control indicators, vary routes, or modify schedules
•Using technological solutions: Encrypt files, use multi-factor authentication, or segment networks
Countermeasures are intended to prevent an adversary from successfully obtaining critical information.
Countermeasures should be applied when the level of risk is determined to be unacceptable and are implemented to mitigate risk or to reduce risk to a more acceptable level.
Countermeasures can include:
•Educating yourself: Learn about threats and vulnerabilities
•Using security precautions: Use physical, personal, and cyber security measures
•Enforcing policies: Create new policies around sensitive data
•Manipulating an adversary's perception: Hide or control indicators, vary routes, or modify schedules
•Using technological solutions: Encrypt files, use multi-factor authentication, or segment networks
Now that we have a full understanding of what Operational Security is and how it works, let’s see how it affects us.
You see.. Anyone can use the principles of OPSEC to protect themselves and their privacy.
It’s up to you if you want to follow OPSEC, all we can do is show you the way
You see.. Anyone can use the principles of OPSEC to protect themselves and their privacy.
It’s up to you if you want to follow OPSEC, all we can do is show you the way
Rule no.6
Do not give away your location and personal info.
In creating those rules, we were mainly focused on your telegram presence and how to protect yourself.
https://t.me/AzazelMain/1244027
Do not give away your location and personal info.
In creating those rules, we were mainly focused on your telegram presence and how to protect yourself.
https://t.me/AzazelMain/1244027
Telegram
Azazel News in Doomsday Preppers and Survivalist.
Welcome newbie.
If you wanna be here, obey our rules:
1. NO RACISM
2. NO ASSHOLES
3. NO POLITICS
4. RESPECT ADMINS
5. STFU WHILE THE CLASS IS TAUGHT
6. DO NOT GIVE AWAY YOUR LOCATION AND PERSONAL INFO, OPSEC RULES
--- OPSEC CHECK ---
--General Settings…
If you wanna be here, obey our rules:
1. NO RACISM
2. NO ASSHOLES
3. NO POLITICS
4. RESPECT ADMINS
5. STFU WHILE THE CLASS IS TAUGHT
6. DO NOT GIVE AWAY YOUR LOCATION AND PERSONAL INFO, OPSEC RULES
--- OPSEC CHECK ---
--General Settings…
Let’s focus on step 1:
Identifying critical information (CI)
(CI) is the first step in the Operations Security (OPSEC) cycle.
CI is information that an organization determines is important and could be harmful to the organization if exposed to an adversary.
CI can be classified or unclassified and may be part of a larger puzzle.
Identifying critical information (CI)
(CI) is the first step in the Operations Security (OPSEC) cycle.
CI is information that an organization determines is important and could be harmful to the organization if exposed to an adversary.
CI can be classified or unclassified and may be part of a larger puzzle.
1. Patterns and predictive behavior.
From reading group comments it’s easy to predict who will comment on which type of content.
While this itself isn’t necessarily an issue, it can give others an idea of your patterns and behaviors online & IRL as well.
The fix?
Observe & be aware of your patterns and behaviors so you have an understanding of your vulnerabilities, its risks and have the ability to implement countermeasures if necessary.
Some patterns are harmless and can stay put-others need to be reconsidered.
Don’t follow the same patterns: Be unpredictable!
Don’t let your “playbook” be transparent online or IRL.
If you have to use same routes and places...be aware of people and cars you might often see. Can anyone be tracking you? Is anything feeling off?
From reading group comments it’s easy to predict who will comment on which type of content.
While this itself isn’t necessarily an issue, it can give others an idea of your patterns and behaviors online & IRL as well.
The fix?
Observe & be aware of your patterns and behaviors so you have an understanding of your vulnerabilities, its risks and have the ability to implement countermeasures if necessary.
Some patterns are harmless and can stay put-others need to be reconsidered.
Don’t follow the same patterns: Be unpredictable!
Don’t let your “playbook” be transparent online or IRL.
If you have to use same routes and places...be aware of people and cars you might often see. Can anyone be tracking you? Is anything feeling off?
2. Collecting data from social media sites.
This is where some of you fail.
Using the same username for telegram, instagram and X?!
How hard do you think it would be to connect your dots?? No bueno😬
Another big one:
NEVER post pics or videos of yourself or your children on social media.
Additionally, do not post current locations or your plans especially while you are there.
It is not too difficult to map out a persons patterns and behaviors using a simple glance thru social media.
This is where some of you fail.
Using the same username for telegram, instagram and X?!
How hard do you think it would be to connect your dots?? No bueno😬
Another big one:
NEVER post pics or videos of yourself or your children on social media.
Additionally, do not post current locations or your plans especially while you are there.
It is not too difficult to map out a persons patterns and behaviors using a simple glance thru social media.
Media is too big
VIEW IN TELEGRAM
There have been multiple instances where woman or kids were tracked and kidnapped through social media accounts using location pattern tracking or other critical information.
In 2020, the National Center for Missing and Exploited Children reported 3,000 cases of social media-related kidnapping."
https://wifitalents.com/statistic/social-media-kidnapping/
https://wifitalents.com/statistic/social-media-kidnapping/
3. Interception of communications.
Be a digital ghost:
• Have several email accounts for different purposes.
• Have several phone / phone #’s.
•Turn cookies off
•use Brave browser or VPN.
•Trim tracking links after “?”
•Don’t mention sensitive information over phone conversations or in front of Alexa or smartwatch lol
For starters, this means you'll have several digital me's, every single one is different, incomplete, and can’t be easily connected to real you.
Signs of phone being listened to:
•sudden low battery life,
•antivirus stopped working,
•weird noise while talking,
•overheating,
•data upload suddenly huge
(More on this later)
Be a digital ghost:
• Have several email accounts for different purposes.
• Have several phone / phone #’s.
•Turn cookies off
•use Brave browser or VPN.
•Trim tracking links after “?”
•Don’t mention sensitive information over phone conversations or in front of Alexa or smartwatch lol
For starters, this means you'll have several digital me's, every single one is different, incomplete, and can’t be easily connected to real you.
Signs of phone being listened to:
•sudden low battery life,
•antivirus stopped working,
•weird noise while talking,
•overheating,
•data upload suddenly huge