Discover and read the best of Twitter Threads about #opsec

Most recents (24)

GM!

I decided to write a rather unusual article in which I want to get away from the accepted concept and talk about various devices and gadgets for #OpSec, but with a bias towards the real application and ease of use...

officercia.mirror.xyz/fsRT9NC29GzeQA…
We could go to extremes even…

klmoney.wordpress.com/bitcoin-dissec…
Read 5 tweets
That is why utilizing Tails OS (and Whonix OS) in a combination with automated data self-destruction is always worthwhile… twitter.com/i/web/status/1…
Two police officers may be seen "working" behind the suspect's computer in this footage. One of the officers takes out a flash card and destroys everything as the data begins to self-destruct...
I'm not sure how genuine it is, but you should definitely read my #OpSec guide - I've compiled a lot of information like that there!

github.com/OffcierCia/Cry…
Read 14 tweets
Follow my @viamirror blog!

officercia.mirror.xyz

New articles 🔜
Join my channel 🫡 Will follow up with @eulerfinance related news there:

t.me/s/officer_cia
Read 4 tweets
1/ #OPSEC STOP ALL CONTRACTS w/ #Palantir (Boldend) - Peter Thiel, FB #Fascism #DarkMoney

THIEL - Musk, Koch #KochNetwork Milo, Ton-That, Giesea, Thiel protégé, Cernovich, Breitbart & T. $ startup “White Nationalist Hate Group” & Palantir pushed by Flynn huffpost.com/entry/clearvie…
2/ “Pence again spoke at #HF DC of #KochNetwork

#Koch & White Nationalist Hate Groups Bankrolled by #DonorsTrust prominent conservative #DarkMoney fund favored by #GOP - #Koch Mercer & Devos biggest known backer of 2 #WNHG #Fascism $ #Jan6 #DISCLOSEAct exposedbycmd.org/2022/06/07/buf…
3/ Koch advocacy group courts far-right Republicans it vowed to thwart
Americans for Prosperity Action (AFP - Koch family political network - #KochNetwork)
recently invited two politicians who tried vigorously to overturn the 2020 presidential election theguardian.com/us-news/2023/f…
Read 4 tweets
internet security has always been important, but never so much as in the #web3 space. in this short 🧵 we will take a look at some of the (free) tools to keep you, your digital identity and your funds safe, let's dive in 👇
1. browsers; what a majority of people are familiar with and probably use, @googlechrome it is a great browser that is compatible with most computer OS, but on it's own needs help in the security department- luckily we have plugins, which we will get to shortly
if you prefer a Web3 browser with preset, but customizable security features @brave is the best choice. this browser is not only compatible with Chrome extensions, it comes baked in with anti-phishing and ad block- though they reward users who wish to view ads with (that do not
Read 20 tweets
#Extremism #Terrorism #Radicalization #OSINT #OPSEC Thread- National Socialist (NAZI) 3rd Party Directory has an entire section dedicated to OSINT and OPSEC. Following is a thread/commentary on the listed suggested resources by this Stormfront and Daily Stormer advocate source
#Extremism #Terrorism #Radicalization #OSINT #OPSEC
1. No domain touch research used for data pull w/ @internetarchive and @acfou Page XRay
2. NEO NAZI directory suggests primarily non-affiliated w/ some affiliated resource suggestions
3. Some suggested tools are Russia Based
#Extremism #Terrorism #Radicalization #OSINT #OPSEC
4. Following are resources promoted by the 3rd Position Neo NAZI Directory utilizing @acfou PageXray
5. An Example of a suggested non-affiliated mainstream OSINT resource that is promoted by this source is @IntelTechniques
Read 11 tweets
Let’s talk about the software developed by #Ukrainian engineers to assist UA against #Russian aggression (Delta, MilChat, etc)
I have been researching this topic, their development cycles, and use in combat; and I want to share with you some findings.
Large🧵(1/20) Image
I would like to make it clear that this reflection comes from #OSINT, and that this thread will not compromise #Ukrainian #OPSEC
There could be interpretation errors (most sources were in Ukrainian, a language I do not speak), so corrections are welcome
(2/20) Image
First, it should be noted that none of these tools could be considered a #Wunderwaffe
They will undoubtedly help #Ukraine in its war effort, but having them will not win the war. This software will be an element to be taken into account in combination with others factors
(3/20) Image
Read 20 tweets
Spy-level OpSec tips. A 10-part-thread! ⬇️
1/10

Store files as videos, mix them with all Santa Barbara or Supernatural episodes and upload them somewhere in private folder.

github.com/dzhang314/YouT…
2/10

Right after that, erase data from the computer, then again download 200+ GBs of webjunk, then repeat the procedure.

quora.com/Can-forensic-s…

Better, destroy hard drive and PC.
Read 12 tweets
[#OSINT|#OPSEC|#DATALEAK] When you don’t renew a domain name that you use for email it creates the opportunity for a bad actor to take over accounts registered with email addresses at that domain.

1/
Dataleaks allow a bad actor to use this attack vector at scale. Exporting unique domains from the email addresses, filtering by occurrence then running a whois service over the top of them is low effort.

2/
A couple of years ago i spotted this with a senior developers Github account who was working at a well known tech company.

Generally speaking if you found a popular repo a bad actor could in theory introduce malicious code exploiting the dependency chain.

3/
Read 6 tweets
People ask me about my relationship to Mr. @Snowden, well, I have endless respect for this man, he is a true expert in #OpSec, I have made several references to his advices in my articles, for example - here: officercia.mirror.xyz/B9hBom4jGhkV0C…
And that was it - we never saw each other or communicated even online. Maybe someday we will, I don't know. He doesn’t know either.

Check out my blog officercia.mirror.xyz/Uc1sf64yUCb0uo…
It is important to add that I consider it my goal to exist legally and I do not accept breaking the law (any UN country). I am apolitical and do not represent any governmental or affiliated entity. My nickname is an attempt to play with archaisms, I am a simulacrum. Peace! ❤️
Read 3 tweets
Surprisingly, few people know that anyone can effectively defend against sim swapping…

And yes, it works both in the US and worldwide on almost all mobile operators!

Check out my thread below ⬇️
1/5

To freeze your SIM, contact your mobile phone carrier and ask them to never make changes to your phone number or SIM unless you physically show up to a specific store with at least two forms of identification!
2/5

That is a standard that has been tested by telecommunications operators in the US, the UK, Poland, and China. You just need to insist on it or visit the head office, and I’m sure that the support manager on the phone mayn’t know about it!
Read 6 tweets
Follow my Blog 🫡

officercia.mirror.xyz
I'll have more articles shortly! I also publish them here:

officercia.medium.com

More OpSec content on my TG channel: t.me/s/officer_cia

Please consider donating ❤️ Thank you!
Read 3 tweets
As the HMS Bonky weighs anchor and sets sail towards Sevastopol, something is occurring in an undisclosed safe house...#NAFOfleet #NAFOdrone #RaccoonsRevenge

@U24_gov_ua @Official_NAFO
Fellas, are you ready to test yourself? The Major is putting together a paw-picked squad for a mission we can't disclose. #OPSEC Image
Fellas, are you ready to train for action? Image
Read 50 tweets
#CaveatEmptor not always reliable tabloid Mail on Sunday citing anonymous "intelligence" sources -
Yet Another Tory Cabinet Minister phone #COMSEC #fail if true:

Liz Truss' mobile phone hacked during leadership campaign whilst still Foreign Secretary.

mailplus.co.uk/edition/news/p… Liz Truss' mobile phone hacked during leadership campaign whsolves the mystery of why Ms Truss was forced to change the Numbers for former Chancellor Kwarteng, Defence Secretary Be
#COMSEC "Liz Truss’s *personal phone* was hacked by agents suspected of working for Russian President Vladimir Putin. They gained access to top-secret details of negotiations with key international allies"
Should have been on her *official phone" rather than her *personal* one !
After the multiple Tory Prime Minister and Cabinet Minster mobile phone security scandals, can @ncsc @gchq @CabinetOffice now assure the public that no Cabinet Ministers are using their private mobile phones for official government work ?
Read 5 tweets
Many of us travel by airplane and many of us have to deal with carrying luggage. That's a pretty serious threat to your #OpSec unless of course your computer or phone has potentially valuable information on it.

Read my thread ⬇️
1/5

And if you don't fly, you probably travel from point A to point B in some other way - by car, train, and so on.

First of all, try checking out slnt.com/products/ally-… or any custom-made Faraday bag.
2/5

Transfer all important information to physical form. Steganography and cryptography work better when used together!

hackernoon.com/a-cia-agents-g…
Read 8 tweets
Surprisingly few people know that anyone can effectively defend against sim swapping. It works both in the US and worldwide in almost all mobile operators!

But how? Check out my thread 👇
1/5

To lock down your SIM, contact your mobile phone carrier. Ask them to NEVER make changes to your phone number/SIM unless you physically show up to a specific store with at minimum two forms of identification.
2/5

This (should) prevent hackers from calling up AT&T or T-Mobile or Vodafone, claiming to be you, and asking them to port your phone number to a new phone.
Read 7 tweets
What an awesome tactic been used to catch a bad actor in @Tesla!

There are also amazing tools for it, for example: github.com/utkusen/wholea…

And ofc myy fav canary trap service - canarytokens.org
Follow my #OpSec Guide github.com/OffcierCia/Cry… & tips from my officercia.mirror.xyz blog!

Stay Safe!
But how can whistleblowers protect themselves from this?

officercia.mirror.xyz/8ecJG-s_5E6J1t…

Cryptography + Steganography would be a good solution IMO
Read 4 tweets
#howtogetstarted 🧵
Getting started with a new #OSINT investigation?

Prepare a browser with bookmarks + extensions.

Some fabulous StartMe's: start.me/p/Pwy0X4/osint… by @OSINT_Tactical

I also use @osintcombine 's OSINT Stack: osintcombine.com/osint-bookmarks
Simply import & go.

1/n
Also add @IntelTechniques Tools page: inteltechniques.com/tools/

Don't forget to add a couple of those StartMe's.

I made a separate Startme-page with just #OSINT extensions/add-ons.
Add & pin the ones you like.

start.me/p/p1qj2E/osint…

2/n
As a @brave user, I use a one-time sync between my standard #OSINT browser (not 4 investigations) and a new browser(profile), syncing only bookmarks and extensions. Timesaver!

Once done, I remove the sync-chain from the new browser.

3/n
Read 4 tweets
ONE has tried to stop #Koch since 1930s. US allowed Fred Koch to come back AFTER working for Stalin & Hitler. Steralization of #LGBT+ w/ ADF & SCOTUS #Barrett

#KochNetwork funded #Jan6 #Insurrection of #Fascism #DarkMoney

#USandTheHolocaustPBS
👉unkochmycampus.org/los-ch3-part-1…
1929-31 Fred Koch #KochNetwork Soviet Union building oil refineries for Stalin & Hitler Nazi Germany prior to WWII. Russia 1956 & Iraq 1958 just prior to Iraq Coup/Revolution. Prior to Soviet Union, worked in England. FBI Docs 👉 america.aljazeera.com/articles/2014/… 👉 assets.documentcloud.org/documents/1237…
Iran-Contra Koch & Hayek Mont Pelerin Society member since 1970 - Pinochet & CLOSE ties to Milton Friedman direct help & Hayek several visits to Chilea late 70s & early 80s - specifically defended Pinochet’s regime & Peter Thiel
MISES #KochNetwork

unkochmycampus.org/los-ch2-part-4…
Read 15 tweets
If you meet someone, for example at a random conference, who says he is me, you can safely call him a liar.

I am generally against public mass meetings of those who, for some reason, consider themselves to be part of the crypto community…

A thread 👇
1/5

That’s why I never attend meet-ups, conferences and other mass meetings and suggest you doing the same! Or ask to proof it via my Twitter.

Why do I think so? Let me just leave a link to this wonderful repository and you will understand my concerns

github.com/jlopp/physical…
2/5

If you still have to go, check out this awesome tool, related to our topic github.com/skickar/CreepD…
Read 8 tweets
1/ Mika Mäenpää (@MMaenpaa1, go follow him!) has posted an excellent assessment of the situation near Kharkiv from a military professional's perspective. It deserves to be read widely, so I hope he'll forgive me for doing a quick translation of it into English.
2/ From @MMaenpaa1:
I was going to write this when the attack on Kharkiv started, but then I said let's wait and see. The Ukrainian counter-attack seems to be a prime example of brilliant use of intelligence, deception and information warfare: operational intelligence.
3/ Military action: since the summer, Ukraine has concentrated its fire and (visible) troop operations on the southern part of the front. In particular, HIMARS, which gave the impression of preparing the battlefield, ...
Read 13 tweets
Aioin kirjoittaa tämän kun hyökkäys Harkovan suuntaan alkoi, mutta sitten totesin, että katsotaan vielä hetki. Ukrainan vastahyökkäys näyttää olevan huippuluokan esimerkki loistavan tiedustelun, harhautuksen ja informaatiosodankäynnin hyödyntämisestä: Operativisesta älystä. 1/x
Sotilaallinen toiminta: Ukraina on keskittänyt tulekäytön ja joukkojen (näkyvän) operoinnin kesästä alkaen eteläiselle rintaman osalle. Erityisesti HIMARS:t, jolla annettiin kuva taistelukentän valmistelusta, mutta joka osoittautui pikemminkin EBO:a tyyppseksi vaikuttamiseksi 2/x
Ukraina on antanut koko kesän kuvaa julkisuudessa, että se hyökkää Herssonin suunnassa ja että se on sille tärkein suunta. Tätä narratiivia on tukenut jopa presidentti. Hyökkäyksen alettua Herssonin suunnassa asiaa korostetiin vetoamalla #OPSEC:n, ja kuitenkin kuvaa "vuosi"🤔 3/x
Read 10 tweets
Wi-Fi Security for life & work. Special thread! ⬇️

1. Read this article:

ledger.com/academy/securi…

2. Go through this awesome list:

github.com/edelahozuah/aw…

3. Test.

github.com/techge/wifi-ar…

4. If you are an IoT device owner, then carefully read:

github.com/nebgnahz/aweso…
5. Which OS to choose?

t.me/officer_cia/344

6. BGP Hacking.

theverge.com/2018/4/24/1727…
stolen-ethereum

7. Microtik security: itdave.nl/mikrotik-route…

8. Check out: github.com/decalage2/awes…
Read 12 tweets
Learn to Hack

Over 27 Hours of Free Hacking Material

@TCMSecurity #websecurity #Pentesting
#Linux #OSINT #Python #bufferoverflow
#opsec #Hacking

Thread 👇🧵
Practical Ethical Hacking

This course is a 12-hour introduction to the practical side of ethical hacking.The course is hands-on and will cover many foundational topics.
🖇
OSINT Fundamentals

This is a 4.5 hour course on open source intelligence (OSINT) tactics and techniques. It is designed to help students improve their investigative skills, research methodology, and personal OPSEC.
🖇
Read 6 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!