Forwarded from BlackBox (Security) Archiv
Project DREAD: White House veterans helped Gulf monarchy build secret surveillance unit
In the years after 9/11, former U.S. counterterrorism czar Richard Clarke warned Congress that the country needed more expansive spying powers to prevent another catastrophe. Five years after leaving government, he shopped the same idea to an enthusiastic partner: an Arab monarchy with deep pockets.
In 2008, Clarke went to work as a consultant guiding the United Arab Emirates as it created a cyber surveillance capability that would utilize top American intelligence contractors to help monitor threats against the tiny nation.
The secret unit Clarke helped create had an ominous acronym: #DREAD, short for #Development #Research #Exploitation and #Analysis #Department. In the years that followed, the #UAE unit expanded its hunt far beyond suspected extremists to include a #Saudi womenβs rights activist, diplomats at the United Nations and personnel at #FIFA, the world soccer body. By 2012, the program would be known among its #American operatives by a codename: #Project #Raven.
Reuters reports this year revealed how a group of former National Security Agency operatives and other elite American intelligence veterans helped the UAE spy on a wide range of targets through the previously undisclosed program β from terrorists to human rights activists, journalists and dissidents.
Now, an examination of the origins of DREAD, reported here for the first time, shows how a pair of former senior White House leaders, working with ex-#NSA #spies and #Beltway contractors, played pivotal roles in building a program whose actions are now under scrutiny by federal authorities.
To chart the UAE spying missionβs evolution, #Reuters examined more than 10,000 DREAD program documents and interviewed more than a dozen contractors, intelligence operatives and former government insiders with direct knowledge of the program. The documents Reuters reviewed span nearly a decade of the DREAD program, starting in 2008, and include internal memos describing the projectβs logistics, operational plans and targets.
Clarke was the first in a string of former White House and U.S. defense executives who arrived in the UAE after 9/11 to build the spying unit. Utilizing his close relationship to the countryβs rulers, forged through decades of experience as a senior U.S. decision-maker, Clarke won numerous security consulting contracts in the UAE. One of them was to help build the secret spying unit in an unused airport facility in Abu Dhabi.
ππΌ Read more:
https://www.reuters.com/investigates/special-report/usa-raven-whitehouse/
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
In the years after 9/11, former U.S. counterterrorism czar Richard Clarke warned Congress that the country needed more expansive spying powers to prevent another catastrophe. Five years after leaving government, he shopped the same idea to an enthusiastic partner: an Arab monarchy with deep pockets.
In 2008, Clarke went to work as a consultant guiding the United Arab Emirates as it created a cyber surveillance capability that would utilize top American intelligence contractors to help monitor threats against the tiny nation.
The secret unit Clarke helped create had an ominous acronym: #DREAD, short for #Development #Research #Exploitation and #Analysis #Department. In the years that followed, the #UAE unit expanded its hunt far beyond suspected extremists to include a #Saudi womenβs rights activist, diplomats at the United Nations and personnel at #FIFA, the world soccer body. By 2012, the program would be known among its #American operatives by a codename: #Project #Raven.
Reuters reports this year revealed how a group of former National Security Agency operatives and other elite American intelligence veterans helped the UAE spy on a wide range of targets through the previously undisclosed program β from terrorists to human rights activists, journalists and dissidents.
Now, an examination of the origins of DREAD, reported here for the first time, shows how a pair of former senior White House leaders, working with ex-#NSA #spies and #Beltway contractors, played pivotal roles in building a program whose actions are now under scrutiny by federal authorities.
To chart the UAE spying missionβs evolution, #Reuters examined more than 10,000 DREAD program documents and interviewed more than a dozen contractors, intelligence operatives and former government insiders with direct knowledge of the program. The documents Reuters reviewed span nearly a decade of the DREAD program, starting in 2008, and include internal memos describing the projectβs logistics, operational plans and targets.
Clarke was the first in a string of former White House and U.S. defense executives who arrived in the UAE after 9/11 to build the spying unit. Utilizing his close relationship to the countryβs rulers, forged through decades of experience as a senior U.S. decision-maker, Clarke won numerous security consulting contracts in the UAE. One of them was to help build the secret spying unit in an unused airport facility in Abu Dhabi.
ππΌ Read more:
https://www.reuters.com/investigates/special-report/usa-raven-whitehouse/
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
Forwarded from BlackBox (Security) Archiv
CCC analyses Munich's state trojan FinSpy
The technical #analysis of copies of the #FinSpy #malware substantiates the reasons for the criminal complaint against the Munich manufacturer of the #StateTrojan. The #CCC publishes its report as well as several variants of FinSpy and a complete documentation of the analysis.
#Security researchers of the Chaos Computer Club (CCC) have analyzed a total of 28 copies of the #spy-#software FinSpy for #Android from 2012 to 2019. The main focus of the investigation was the origin of the malware and the date of its production. The reason for the investigation is the criminal complaint of the Gesellschaft fΓΌr Freiheitsrechte (GFF) and other organizations against the German group of companies #FinFisher because of the deliberate violation of licensing requirements for dual-use software according to Β§ 18 para. 2 No. 1 and Β§ 18 para. 5 No. 1 Foreign Trade Act (AWG).
The CCC today publishes its comprehensive report: Evolution of a private sector malware for governmental players
π‘ The result of the analysis is that a copy of malware, which according to the GFF was used against the Turkish opposition movement in 2016, was clearly created after the EU export control regulations for surveillance software came into force.
π‘ By comparing it with over twenty other copies from a seven-year period, the CCC shows continuity in the further development into which this copy fits. This is seen as a strong indication that it is a variant of the state Trojan "FinSpy". FinSpy is a product of the FinFisher group of companies, which has branches in Munich and elsewhere.
π‘ In its report, the CCC also documents references to German-speaking developers that can be found in the source code.
"Our analysis shows that surveillance software originally from Germany was apparently used against democratic dissidents," said Linus Neumann, one of the authors of the analysis. "How this could have come about, the public prosecutor's office and the customs criminal office must now clarify."
https://github.com/linuzifer/FinSpy-Dokumentation
https://github.com/devio/FinSpy-Tools
ππΌ Read more:
https://www.ccc.de/de/updates/2019/finspy
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
The technical #analysis of copies of the #FinSpy #malware substantiates the reasons for the criminal complaint against the Munich manufacturer of the #StateTrojan. The #CCC publishes its report as well as several variants of FinSpy and a complete documentation of the analysis.
#Security researchers of the Chaos Computer Club (CCC) have analyzed a total of 28 copies of the #spy-#software FinSpy for #Android from 2012 to 2019. The main focus of the investigation was the origin of the malware and the date of its production. The reason for the investigation is the criminal complaint of the Gesellschaft fΓΌr Freiheitsrechte (GFF) and other organizations against the German group of companies #FinFisher because of the deliberate violation of licensing requirements for dual-use software according to Β§ 18 para. 2 No. 1 and Β§ 18 para. 5 No. 1 Foreign Trade Act (AWG).
The CCC today publishes its comprehensive report: Evolution of a private sector malware for governmental players
π‘ The result of the analysis is that a copy of malware, which according to the GFF was used against the Turkish opposition movement in 2016, was clearly created after the EU export control regulations for surveillance software came into force.
π‘ By comparing it with over twenty other copies from a seven-year period, the CCC shows continuity in the further development into which this copy fits. This is seen as a strong indication that it is a variant of the state Trojan "FinSpy". FinSpy is a product of the FinFisher group of companies, which has branches in Munich and elsewhere.
π‘ In its report, the CCC also documents references to German-speaking developers that can be found in the source code.
"Our analysis shows that surveillance software originally from Germany was apparently used against democratic dissidents," said Linus Neumann, one of the authors of the analysis. "How this could have come about, the public prosecutor's office and the customs criminal office must now clarify."
https://github.com/linuzifer/FinSpy-Dokumentation
https://github.com/devio/FinSpy-Tools
ππΌ Read more:
https://www.ccc.de/de/updates/2019/finspy
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
Forwarded from BlackBox (Security) Archiv
Analyzing Analytics (Featuring: The FBI)
Recently while conducting some research, I found myself down the path of Google Analytics IDβs as well as other analytics services. I was investigating ways to not only identify varying analytics code in sites, but to correlate them with other sites that may be linked to the same owner. Please note before further reading: I make some guesses about what I find, though thatβs contrary to the concept of analysis, and I am not presuming to know definitively why I am seeing what I am seeing in this specific case study. Itβs all just very curious to me. Dive in and take a look for yourself!
ππΌ Read more:
https://exploits.run/analytics-analysis-fbi/
#FBI #analytics #analysis
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
Recently while conducting some research, I found myself down the path of Google Analytics IDβs as well as other analytics services. I was investigating ways to not only identify varying analytics code in sites, but to correlate them with other sites that may be linked to the same owner. Please note before further reading: I make some guesses about what I find, though thatβs contrary to the concept of analysis, and I am not presuming to know definitively why I am seeing what I am seeing in this specific case study. Itβs all just very curious to me. Dive in and take a look for yourself!
ππΌ Read more:
https://exploits.run/analytics-analysis-fbi/
#FBI #analytics #analysis
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
Forwarded from BlackBox (Security) Archiv
PWDB - New generation of Password Mass-Analysis
One out of every 142 passwords is '123456'
The '123456' password was spotted 7 million times across a data trove of one billion leaked credentials, on one of the biggest password re-use studies of its kind.
ππΌ PWDB - New generation of Password Mass-Analysis
https://github.com/FlameOfIgnis/Pwdb-Public
ππΌ Read more:
https://www.zdnet.com/article/one-out-of-every-142-passwords-is-123456/
#passwords #study #analysis
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
One out of every 142 passwords is '123456'
The '123456' password was spotted 7 million times across a data trove of one billion leaked credentials, on one of the biggest password re-use studies of its kind.
ππΌ PWDB - New generation of Password Mass-Analysis
https://github.com/FlameOfIgnis/Pwdb-Public
ππΌ Read more:
https://www.zdnet.com/article/one-out-of-every-142-passwords-is-123456/
#passwords #study #analysis
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
GitHub
GitHub - ignis-sec/Pwdb-Public: A collection of all the data i could extract from 1 billion leaked credentials from internet.
A collection of all the data i could extract from 1 billion leaked credentials from internet. - ignis-sec/Pwdb-Public
Forwarded from BlackBox (Security) Archiv
A Five-Year Analysis of the Darknet
The last five years have seen the evolution and adaptation of dark web marketplaces to usher in a new era of cybercrime.
The dark web has played host to a large community of users selling illegal goods and cybercriminal services for years.
The past five years has seen the paradigm shift in the manner in which darknet markets operate, with the evolution of these sites to adapt to changing buyer need, supply chain factors and emerging technologies.
An Overview:
Looking back, Silk Road was launched in the year 2011 at the first dark web marketplace. The years that followed were marked with steady growth that has since expanded. Tor, which happens to be one of the most popular anonymity tools used by darknet market users, was found to host roughly 80,000 platforms, according to a 2015 report.
Experts estimate that the dark web economy garners more than $1 trillion in annual revenues, a staggering figure that surpasses the Gross Domestic Product of several countries of the world.
Indeed, this success can be attributed to the fact that dark web marketplaces have continued to evolve and shift according to metamorphoses of the global threat landscape. The past five years have been marked by significant shifts to emergent platforms, communication channels and products, as darknet user paranoia continues to grow across the board.
In 2019 alone, analysts noted that the emergence of radical changes in the public sphere had a profound effect in the dark web underworld where fake news and propaganda services grew tremendously.
In addition, the channels of darknet communication were subjected to significant changes, along with shift in the manner in which dark web markets and forums were managed.
π ππΌ (Tor-Browser)
http://tapeucwutvne7l5o.onion/a-five-year-analysis-of-the-darknet
#analysis #darknet
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
The last five years have seen the evolution and adaptation of dark web marketplaces to usher in a new era of cybercrime.
The dark web has played host to a large community of users selling illegal goods and cybercriminal services for years.
The past five years has seen the paradigm shift in the manner in which darknet markets operate, with the evolution of these sites to adapt to changing buyer need, supply chain factors and emerging technologies.
An Overview:
Looking back, Silk Road was launched in the year 2011 at the first dark web marketplace. The years that followed were marked with steady growth that has since expanded. Tor, which happens to be one of the most popular anonymity tools used by darknet market users, was found to host roughly 80,000 platforms, according to a 2015 report.
Experts estimate that the dark web economy garners more than $1 trillion in annual revenues, a staggering figure that surpasses the Gross Domestic Product of several countries of the world.
Indeed, this success can be attributed to the fact that dark web marketplaces have continued to evolve and shift according to metamorphoses of the global threat landscape. The past five years have been marked by significant shifts to emergent platforms, communication channels and products, as darknet user paranoia continues to grow across the board.
In 2019 alone, analysts noted that the emergence of radical changes in the public sphere had a profound effect in the dark web underworld where fake news and propaganda services grew tremendously.
In addition, the channels of darknet communication were subjected to significant changes, along with shift in the manner in which dark web markets and forums were managed.
π ππΌ (Tor-Browser)
http://tapeucwutvne7l5o.onion/a-five-year-analysis-of-the-darknet
#analysis #darknet
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Forwarded from BlackBox (Security) Archiv
What they do in the shadows - examining the far-right networks on Telegram
The present paper contributes to the research on the activities of far-right actors on social media by examining the interconnections between far-right actors and groups on Telegram platform using network analysis. The far-right network observed on Telegram is highly decentralized, similarly to the far-right networks found on other social media platforms. The network is divided mostly along the ideological and national lines, with the communities related to 4chan imageboard and Donald Trumpβs supporters being the most influential.
The analysis of the network evolution shows that the start of its explosive growth coincides in time with the mass bans of the far-right actors on mainstream social media platforms. The observed patterns of network evolution suggest that the simultaneous migration of these actors to Telegram has allowed them to swiftly recreate their connections and gain prominence in the network thus casting doubt on the effectiveness of deplatforming for curbing the influence of far-right and other extremist actors.
π ππΌ https://www.tandfonline.com/doi/full/10.1080/1369118X.2020.1803946
#telegram #tg #shadow #interconnections #research #analysis #extremist #4chan
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
The present paper contributes to the research on the activities of far-right actors on social media by examining the interconnections between far-right actors and groups on Telegram platform using network analysis. The far-right network observed on Telegram is highly decentralized, similarly to the far-right networks found on other social media platforms. The network is divided mostly along the ideological and national lines, with the communities related to 4chan imageboard and Donald Trumpβs supporters being the most influential.
The analysis of the network evolution shows that the start of its explosive growth coincides in time with the mass bans of the far-right actors on mainstream social media platforms. The observed patterns of network evolution suggest that the simultaneous migration of these actors to Telegram has allowed them to swiftly recreate their connections and gain prominence in the network thus casting doubt on the effectiveness of deplatforming for curbing the influence of far-right and other extremist actors.
π ππΌ https://www.tandfonline.com/doi/full/10.1080/1369118X.2020.1803946
#telegram #tg #shadow #interconnections #research #analysis #extremist #4chan
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Taylor & Francis
What they do in the shadows: examining the far-right networks on Telegram
The present paper contributes to the research on the activities of far-right actors on social media by examining the interconnections between far-right actors and groups on Telegram platform using ...
Forwarded from BlackBox (Security) Archiv
So, these asses have been scraping telegram searching for users and groups and building a whole goddamn database containing thousands of records of people talking/connecting/being in groups (which goes against telegram's main premise).
They even admit that governments use them... Which is also something Durov doesn't approve of.
And they cannot even sanitize their input.
π ππΌ https://t.me/BlackBox_Archiv/1166
#telegram #tg #durov #shadow #interconnections #research #analysis #gov #extremist #4chan #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
They even admit that governments use them... Which is also something Durov doesn't approve of.
And they cannot even sanitize their input.
π ππΌ https://t.me/BlackBox_Archiv/1166
#telegram #tg #durov #shadow #interconnections #research #analysis #gov #extremist #4chan #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Media is too big
VIEW IN TELEGRAM
Media is too big
VIEW IN TELEGRAM
It is a human right, and global law governed under the Nuremberg Code, that vaccine specific ingredient information is disclosed. It is critical, required and necessary information so anyone, from any country in the world, can make an informed decision whether or not to consent to medical intervention. Because the full list of ingredients of the Covid βvaccinesβ have not been made available, Dr. Robert Young and his team conducted research to identify the specific ingredients in the Pfizer, Moderna, AstraZeneca and Johnson & Johnson Covid injections. On 20 August, they published their findings.
https://dailyexpose.co.uk/2021/08/30/american-scientists-confirm-toxic-graphene-oxide-and-more-in-covid-injections/
#dr #robert #young #analysis
https://dailyexpose.co.uk/2021/08/30/american-scientists-confirm-toxic-graphene-oxide-and-more-in-covid-injections/
#dr #robert #young #analysis
The Expose
American Scientists Confirm Toxic Graphene Oxide, and More, in Covid Injections
It is a human right, and global law governed under the Nuremberg Code, that vaccine specific ingredient information is disclosed. It is critical, required and necessary information so anyone,β¦