Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Hackers have compromised over 100 CCTV cameras across multiple locations in Israel, obtaining sensitive footage in the latest CCTV breach.
@TheGhostITM
@TheGhostITM
South Korean Buddhist monks performed full prostrations as they marched toward the U.S. embassy in Seoul in a protest against the war on Iran.
Photos | Palestinian barbers continue their work inside tents after losing their shops in Israei airstrikes, in Khan Younis, central Gaza Strip.
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
The Economist reports US & Israeli forces are scaling software-driven targeting systems to accelerate strike decisions.
Automation speeds the kill chain—but introduces risk: flawed data, bias, and misclassification can turn bugs into casualties.
When targeting becomes code, errors aren’t just technical—they’re lethal.
@TheGhostITM
Automation speeds the kill chain—but introduces risk: flawed data, bias, and misclassification can turn bugs into casualties.
When targeting becomes code, errors aren’t just technical—they’re lethal.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
The Trump administration’s latest cybersecurity strategy signals an ambitious posture, but a closer examination reveals notable gaps between rhetoric and operational readiness.
While the increasing complexity of global cyber threats demands urgent attention, the strategy document itself is strikingly brief, offering limited detail on execution or prioritization. Critical threat actors—most notably China—are not explicitly mentioned, even though U.S. intelligence assessments consistently identify Beijing as the most persistent and capable cyber adversary. Campaigns such as “Salty Typhoon” have demonstrated the scale and depth of Chinese intrusion into U.S. infrastructure, yet the strategy leans heavily on vague assertions of American superiority rather than outlining concrete countermeasures.
The document also downplays the cyber implications of geopolitical tensions. Escalations involving Iran, for instance, have historically translated into increased cyber activity targeting U.S. assets and regional interests. Yet the strategy offers little indication of a coordinated plan to mitigate these risks or integrate cyber diplomacy into broader conflict management efforts.
Domestically, structural weaknesses further complicate the picture. Key cybersecurity leadership positions remain vacant, while agencies such as the Cybersecurity and Infrastructure Security Agency (CISA) have experienced staffing constraints. The dissolution of the State Department’s cyber-focused diplomatic functions has also reduced the United States’ ability to shape international cyber norms. Meanwhile, U.S. Cyber Command continues to grapple with personnel and experience gaps, constraining its ability to scale operations effectively.
Taken together, these issues highlight a disconnect between strategic ambition and institutional capacity. While the strategy signals intent, its lack of specificity, combined with organizational shortfalls, raises concerns about the United States’ preparedness to address rapidly evolving cyber threats in a contested global environment.
@TheGhostITM
While the increasing complexity of global cyber threats demands urgent attention, the strategy document itself is strikingly brief, offering limited detail on execution or prioritization. Critical threat actors—most notably China—are not explicitly mentioned, even though U.S. intelligence assessments consistently identify Beijing as the most persistent and capable cyber adversary. Campaigns such as “Salty Typhoon” have demonstrated the scale and depth of Chinese intrusion into U.S. infrastructure, yet the strategy leans heavily on vague assertions of American superiority rather than outlining concrete countermeasures.
The document also downplays the cyber implications of geopolitical tensions. Escalations involving Iran, for instance, have historically translated into increased cyber activity targeting U.S. assets and regional interests. Yet the strategy offers little indication of a coordinated plan to mitigate these risks or integrate cyber diplomacy into broader conflict management efforts.
Domestically, structural weaknesses further complicate the picture. Key cybersecurity leadership positions remain vacant, while agencies such as the Cybersecurity and Infrastructure Security Agency (CISA) have experienced staffing constraints. The dissolution of the State Department’s cyber-focused diplomatic functions has also reduced the United States’ ability to shape international cyber norms. Meanwhile, U.S. Cyber Command continues to grapple with personnel and experience gaps, constraining its ability to scale operations effectively.
Taken together, these issues highlight a disconnect between strategic ambition and institutional capacity. While the strategy signals intent, its lack of specificity, combined with organizational shortfalls, raises concerns about the United States’ preparedness to address rapidly evolving cyber threats in a contested global environment.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Hackers have compromised over 100 CCTV cameras across multiple locations in Israel, obtaining sensitive footage in the latest CCTV breach.
@TheGhostITM
@TheGhostITM
1❤1
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Cyber Attacks During "Operation Israel" (Feb 23 – Mar 17)
The trend continues into the 18th day of the operation, with a significant increase in the number of attacks.
Most of the attacks are DDoS attacks and significant data leaks.
@TheGhostITM
The trend continues into the 18th day of the operation, with a significant increase in the number of attacks.
Most of the attacks are DDoS attacks and significant data leaks.
@TheGhostITM
1❤1
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
מתקפות סייבר במהלך "מבצע ישראל" (23 בפברואר – 17 במרץ)
המגמה נמשכת גם ביום ה-18 למבצע, עם עלייה משמעותית במספר המתקפות.
רוב המתקפות הן מתקפות DDoS ודליפות מידע משמעותיות.
@TheGhostITM
המגמה נמשכת גם ביום ה-18 למבצע, עם עלייה משמעותית במספר המתקפות.
רוב המתקפות הן מתקפות DDoS ודליפות מידע משמעותיות.
@TheGhostITM
⚡1
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
More than 150 different hacker groups and lone-wolf operatives are active in the cyber space against Israel. The main and most significant attacks are carried out by pro-Palestinian hacktivist groups and their affiliates, as well as pro-Iranian groups.
The government and financial sectors are the most targeted sectors, primarily through DDoS attacks and similar methods.
@TheGhostITM
The government and financial sectors are the most targeted sectors, primarily through DDoS attacks and similar methods.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
יותר מ-150 קבוצות האקרים שונות ופועלים בודדים פועלים במרחב הסייבר נגד ישראל. המתקפות המרכזיות והמשמעותיות ביותר מבוצעות על ידי קבוצות האקטיביסטיות פרו-פלסטיניות ושותפיהן, וכן קבוצות פרו-איראניות.
המגזר הממשלתי והמגזר הפיננסי הם המגזרים המותקפים ביותר, בעיקר באמצעות מתקפות DDoS ושיטות דומות.
@TheGhostITM
המגזר הממשלתי והמגזר הפיננסי הם המגזרים המותקפים ביותר, בעיקר באמצעות מתקפות DDoS ושיטות דומות.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Satellites as Cyberattack Vectors: Entry Points, Targets, and Disruption Tools
Can satellites enable cyberattacks on companies? Short answer: Not as kinetic weapons—but as hacked systems, digital gateways, and service disruptors.
Satellites themselves can be hacked via uplink command injection, software vulnerabilities in onboard systems, or ground station compromise. Once inside, attackers can alter orbits, disable payloads, or exfiltrate data. More commonly, they target ground segments—terminals, gateways, Network Control Centers—as entry points into corporate IT/OT networks.
Distinguish jamming/spoofing (signal denial/interception) from network intrusion:
- Jamming: Overwhelm satellite frequencies to blackout comms (seen in maritime GPS disruptions).
- Spoofing: Fake signals (e.g., GPS position falsification) to mislead navigation/autonomous systems.
- Intrusion: Pivot from satellite links into enterprise networks via unsegmented hybrid architectures.
Hybrid satellite networks (LEO/MEO/GEO + terrestrial 5G/fiber) amplify risks. Industries like shipping (Inmarsat/Iridium), aviation (SATCOM), oil/gas (remote SCADA), and energy (grid timing) treat satellites as "invisible pipes"—rarely segmented, often unmonitored. A single VSAT terminal breach cascades to HQ systems.
Real attacks confirm this: 2024 Viasat hack crippled Ukrainian military comms; merchant vessels report spoofed AIS positions in high-risk zones. Dependency = attack surface.
Fix now: Encrypt uplinks/downlinks, segment satellite traffic, monitor ground stations as critical assets. Satellite security isn't optional—it's mission-critical.
#Cybersecurity #SatelliteSecurity #SpaceCyber #OTSecurity #HybridNetworks
@TheGhostITM
Can satellites enable cyberattacks on companies? Short answer: Not as kinetic weapons—but as hacked systems, digital gateways, and service disruptors.
Satellites themselves can be hacked via uplink command injection, software vulnerabilities in onboard systems, or ground station compromise. Once inside, attackers can alter orbits, disable payloads, or exfiltrate data. More commonly, they target ground segments—terminals, gateways, Network Control Centers—as entry points into corporate IT/OT networks.
Distinguish jamming/spoofing (signal denial/interception) from network intrusion:
- Jamming: Overwhelm satellite frequencies to blackout comms (seen in maritime GPS disruptions).
- Spoofing: Fake signals (e.g., GPS position falsification) to mislead navigation/autonomous systems.
- Intrusion: Pivot from satellite links into enterprise networks via unsegmented hybrid architectures.
Hybrid satellite networks (LEO/MEO/GEO + terrestrial 5G/fiber) amplify risks. Industries like shipping (Inmarsat/Iridium), aviation (SATCOM), oil/gas (remote SCADA), and energy (grid timing) treat satellites as "invisible pipes"—rarely segmented, often unmonitored. A single VSAT terminal breach cascades to HQ systems.
Real attacks confirm this: 2024 Viasat hack crippled Ukrainian military comms; merchant vessels report spoofed AIS positions in high-risk zones. Dependency = attack surface.
Fix now: Encrypt uplinks/downlinks, segment satellite traffic, monitor ground stations as critical assets. Satellite security isn't optional—it's mission-critical.
#Cybersecurity #SatelliteSecurity #SpaceCyber #OTSecurity #HybridNetworks
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
The Fragmented Landscape of Hacktivism in the Israel–Hamas Cyber Conflict
By TGITM
The landscape of hacktivism surrounding the Israel–Hamas conflict (Al-Aqsa Flood Electronic Campaign) has undergone significant fragmentation and realignment since October 7, 2023.
Contrary to many threat intelligence narratives, a substantial portion of actors labeled as pro-Iranian or Iranian "hacktivist groups" they lebel this because lack organic ties to established hacktivist ecosystems, often the misrepresentation of hacktivism, because no affiliations, and has explained operational realities or closely relationships and no activism background. within activism background you can't know the depth or deeper understanding of hacktivism and stat le sponsored hackers. labeling all as Iranian is very deculalas and their followers are sheeps. Contrary to a lot of threat intel narratives, a big chunk of so‑called “pro-Iranian” or “Iranian hacktivist groups” are mislabeled. Slapping that tag on them ignores the fact that threat intel analysis have zero organic ties to real hacktivist ecosystems. No roots, no history, no actual activism.
This isn’t just misclassification—it’s a misunderstanding of what hacktivism actually is. Without knowing the culture, the networks, or the operational realities, you can’t just group everything under “Iranian” and call it analysis.
Real hacktivism comes from ideology, community, and experience—not random branding or state-linked assumptions. Lumping everything together like that isn’t just lazy, it’s misleading. And yeah, people who blindly follow those labels without questioning them aren’t helping either.
This isn’t analysis—it’s assumption dressed up as attribution.
Current estimates indicate that between 590 and 620 pro-Palestine hacktivist entities and aligned lone actors have emerged or been active since October 2023. However, approximately 60 percent of these are now inactive, dormant, or have rebranded under different identities—reflecting a common pattern in decentralized cyber movements where attribution and continuity remain fluid.
Within this broader ecosystem, a smaller subset—estimated between 100 and 115 groups—has explicitly aligned with Iran or expressed support for Iranian geopolitical positioning. This alignment is often overstated in external reporting. The majority of pro-Palestine hacktivists remain operationally independent, driven primarily by anti-Israel objectives rather than formal alliances with state actors.
The Anonymous collective remains one of the most misunderstood elements in this space. It is not a unified entity but a fragmented ideological banner. Factions identifying with Anonymous are split along geopolitical lines, with some aligning with Ukraine, NATO, or broader Western narratives, while others maintain traditional anti-state and anti-oppression positions. Notably, any faction claiming to operate under Anonymous while explicitly advancing pro-state agendas—particularly in alignment with U.S. or Israeli interests—contradicts the collective's foundational ethos and is widely regarded within the scene as inauthentic.
In the context of Israel, Anonymous-linked operations do not require triggering events such as Iranian involvement. Campaigns like OpIsrael have been consistently active, rooted in long-standing opposition to Israeli policies. Attempts to frame these operations as Iranian-influenced lack credibility within the hacktivist community itself.
On the opposing side, pro-Israel cyber activity from hacktivist-style actors remains limited. A small number of groups—fewer than six—primarily originating from India or pro-Ukraine circles, have conducted operations aligned with U.S. and Israeli interests against Iran. However, their scale, impact, and persistence remain marginal and do not represent a significant force within the broader cyber conflict.
By TGITM
The landscape of hacktivism surrounding the Israel–Hamas conflict (Al-Aqsa Flood Electronic Campaign) has undergone significant fragmentation and realignment since October 7, 2023.
Contrary to many threat intelligence narratives, a substantial portion of actors labeled as pro-Iranian or Iranian "hacktivist groups" they lebel this because lack organic ties to established hacktivist ecosystems, often the misrepresentation of hacktivism, because no affiliations, and has explained operational realities or closely relationships and no activism background. within activism background you can't know the depth or deeper understanding of hacktivism and stat le sponsored hackers. labeling all as Iranian is very deculalas and their followers are sheeps. Contrary to a lot of threat intel narratives, a big chunk of so‑called “pro-Iranian” or “Iranian hacktivist groups” are mislabeled. Slapping that tag on them ignores the fact that threat intel analysis have zero organic ties to real hacktivist ecosystems. No roots, no history, no actual activism.
This isn’t just misclassification—it’s a misunderstanding of what hacktivism actually is. Without knowing the culture, the networks, or the operational realities, you can’t just group everything under “Iranian” and call it analysis.
Real hacktivism comes from ideology, community, and experience—not random branding or state-linked assumptions. Lumping everything together like that isn’t just lazy, it’s misleading. And yeah, people who blindly follow those labels without questioning them aren’t helping either.
This isn’t analysis—it’s assumption dressed up as attribution.
Current estimates indicate that between 590 and 620 pro-Palestine hacktivist entities and aligned lone actors have emerged or been active since October 2023. However, approximately 60 percent of these are now inactive, dormant, or have rebranded under different identities—reflecting a common pattern in decentralized cyber movements where attribution and continuity remain fluid.
Within this broader ecosystem, a smaller subset—estimated between 100 and 115 groups—has explicitly aligned with Iran or expressed support for Iranian geopolitical positioning. This alignment is often overstated in external reporting. The majority of pro-Palestine hacktivists remain operationally independent, driven primarily by anti-Israel objectives rather than formal alliances with state actors.
The Anonymous collective remains one of the most misunderstood elements in this space. It is not a unified entity but a fragmented ideological banner. Factions identifying with Anonymous are split along geopolitical lines, with some aligning with Ukraine, NATO, or broader Western narratives, while others maintain traditional anti-state and anti-oppression positions. Notably, any faction claiming to operate under Anonymous while explicitly advancing pro-state agendas—particularly in alignment with U.S. or Israeli interests—contradicts the collective's foundational ethos and is widely regarded within the scene as inauthentic.
In the context of Israel, Anonymous-linked operations do not require triggering events such as Iranian involvement. Campaigns like OpIsrael have been consistently active, rooted in long-standing opposition to Israeli policies. Attempts to frame these operations as Iranian-influenced lack credibility within the hacktivist community itself.
On the opposing side, pro-Israel cyber activity from hacktivist-style actors remains limited. A small number of groups—fewer than six—primarily originating from India or pro-Ukraine circles, have conducted operations aligned with U.S. and Israeli interests against Iran. However, their scale, impact, and persistence remain marginal and do not represent a significant force within the broader cyber conflict.
1👍1
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Pro-Palestine hacktivist operations continue at a steady pace, with at least 36 active campaigns targeting Israeli infrastructure, data, and digital assets. While most of these groups do not oppose Iran, internal diversity exists, with some hacktivists expressing criticism of the Iranian government. However, at this time they will not vocalize such criticism, as they do not want momentum against Israeli infrastructure attacks to wane while still aligning on shared anti-Israel objectives.
Additionally, between 10 and 20 pro-Russian hacktivist groups have demonstrated support for Iran in the context of its tensions with Israel. These groups operate within a broader geopolitical framework, often positioning themselves against Western-aligned entities.
Purely Iranian hacktivist groups—those operating with clear national alignment—are estimated to number between 9 and 15. Their activities are typically more structured and strategic, occasionally overlapping with state interests, though not always directly attributable.
Overall, the hacktivist domain in this conflict is defined less by rigid alliances and more by overlapping motivations, temporary alignments, and decentralized action. Simplistic narratives that attempt to categorize these actors into fixed geopolitical blocs fail to capture the operational and ideological complexity on the ground.
@TheGhostITM
Additionally, between 10 and 20 pro-Russian hacktivist groups have demonstrated support for Iran in the context of its tensions with Israel. These groups operate within a broader geopolitical framework, often positioning themselves against Western-aligned entities.
Purely Iranian hacktivist groups—those operating with clear national alignment—are estimated to number between 9 and 15. Their activities are typically more structured and strategic, occasionally overlapping with state interests, though not always directly attributable.
Overall, the hacktivist domain in this conflict is defined less by rigid alliances and more by overlapping motivations, temporary alignments, and decentralized action. Simplistic narratives that attempt to categorize these actors into fixed geopolitical blocs fail to capture the operational and ideological complexity on the ground.
@TheGhostITM
1👍1
Forwarded from 𓂆 Palestine
اغتيال الإعلامي في قناة المنار الحج محمد شري وزوجته في غارات بيروت فجرا ..