Just a few of the sites/blogs that have recently featured my posts exposing the low lifes :
- Linuxsecurity.com - "Analysis of the Technical Mujahid - Issue One" ; "Current State of Internet Jihad"
- Informit.com - "How do terrorists spell rootkit in Farsi?"
- Defensetech.org - "Rapid fire 1" ; "Rapid fire 2"
- Net-security.org - "Analysis of the Technical Mujahid - Issue One"
- Cyberia.org.il
Interested in knowing how was Al Qaeda using the Internet before 9/11 with all the multimedia released back then? Moreover, have you ever wanted to take a peek at some of the most recent tools-of-the-trade malware authors use on a daily basis? Stay tuned for the Christmas Full Disclosure Series summarizing some of my recent findings, and beyond!
Share your knowledge. It's a way to achieve immortality. Dalai Lama
Tuesday, December 12, 2006
BuzZzZ Generation
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Google Translate Hack
Google seems to have fixed this one already, but trying it the other way around you can still feel what BETA is all about. My guess is that translations of unknown words or combinations better return a clustered result from the Web, than no result at all, which is exactly what is happening in this case.
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Monday, December 11, 2006
Analysis of the Technical Mujahid - Issue One
An OSINT conducted, a tax payer's buck saved somewhere.
Last week, the mainstream media was abuzz
with the release of the first jihadist e-zine discussing hacking,
information hiding, of course in between the lines of radical
propaganda, whereas no one was providing more information on the exact
nature of the articles, but the SITE institute. So I decided to take a peek at the Technical Mujahid for myself, in order to break through the FUD, or not see the "threat sliced on pieces" by different news sources.
According to the official release, the magazine's download locations seem to be slowly becoming useless, besides the Rapidshare link which seems to be still fully working -- the Internet Haganah reasonably points out that owning a copy of it might get you in trouble in some countries, so don't.
According to the official release, the magazine's download locations seem to be slowly becoming useless, besides the Rapidshare link which seems to be still fully working -- the Internet Haganah reasonably points out that owning a copy of it might get you in trouble in some countries, so don't.
Despite
that I don't speak any Arabic languages, and I pressume neither do you,
the e-zine is rich on visual materials and you can pretty much grasp
the big picture. Namely, that it's practical compared to theoretical
source of information, it's targeting mixed audiences, and it's keeping
it very simple. So I've decided to compile a summary of the key sections
and topics in the articles covered for future references. In one
sentence - its simplicity is not to be feared, but its practicality.
The
release of the magazine is an indication of the ongoing use of the
Internet for mass-education -- economies of scale -- through videos and
visual howto's, but much more advanced information related to
information security could be obtained from public sources. The cellphone triangulation in Iraq, and the demonstration of Hacker Defender are worth mentioning, but overall, concepts such as information warfare or online PSYOPS remain unstructured and abstract ideas to the average jihadist
- for now. Notice the multimedia file used as an example for the
alternate data stream as well and draw up the conclusions on your own.
Don't
exclude the logical possibility of on purposely disinforming the
general public and various intel folks across the world on a relatively
primitive inforwar practices such as using PGP and alternate data
streams.
Here are the articles themselves :
01. Article One - Alternate Data Streams - steganography example given, rootkits - hacker defender covered, examples provided, abomosab.jpg used as an example
02. Article Two - Satellite Communications and the importance of GPS, handheld GPS,
explains triangulation, mentions satellite imagery's power, and
satellite transfer speeds, mentions 1575 and 1227 as carrier frequencies
and Digital Sequence Spread Specturm - DSSS, mentions handheld GPS
receiver, includes photos of 3G data card, laptop. It then discusses a
locked device with a "WARNING" sign on it
03. Article Three - Visual HOWTO on Install VMware
04. Article Four - Article on digital media players, the different formats, subtitles, and the NTSC and PAL systems, recording basics as it looks like
05. Article Five - Introduction to PGP
- Zimmerman is quoted, explanation of the RSA algorithm, recommending
the use of PGP Whole Disk, features warning message that trial versions
of PGP Whole Disk will self-decrypt
And SITE Institute's comments on the propaganda side in the introduction and conclusion :
"For
future issues, the editors urge members of the jihadist Internet
community to submit articles in the field of technology for publishing.
They write: “My kind, technical Mujahid brother, the magnitude of
responsibility which is placed upon you is equal to what you know in the
regard of information. Do not underestimate anything that you know;
perhaps a small article that you write and publish can benefit one
Mujahid in the Cause of Allah or can protect a brother of yours in
Allah. This way you will gain the great reward with the permission of
Allah."
If you perceive the Technical Mujahid magazine as a threat to the national security of any country, old issues of Phrack magazine must be giving you the nightmares.
Have a productive week everyone, and stay informed!
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Analysis of the Technical Mujahid - Issue One
Last week, the mainstream media was abuzz with the release of the first jihadist e-zine discussing hacking, information hiding, of course in between the lines of radical propaganda, whereas no one was providing more information on the exact nature of the articles, but the SITE institute. So I decided to take a peek at the Technical Mujahid for myself, in order to break through the FUD, or not see the "threat sliced on pieces" by different news sources.
According to the official release, the magazine's download locations seem to be slowly becoming useless, besides the Rapidshare link which seems to be still fully working -- the Internet Haganah reasonably points out that owning a copy of it might get you in trouble in some countries, so don't.
According to the official release, the magazine's download locations seem to be slowly becoming useless, besides the Rapidshare link which seems to be still fully working -- the Internet Haganah reasonably points out that owning a copy of it might get you in trouble in some countries, so don't.
Despite that I don't speak any Arabic languages, and I pressume neither do you, the e-zine is rich on visual materials and you can pretty much grasp the big picture. Namely, that it's practical compared to theoretical source of information, it's targeting mixed audiences, and it's keeping it very simple. So I've decided to compile a summary of the key sections and topics in the articles covered for future references. In one sentence - its simplicity is not to be feared, but its practicality.
The release of the magazine is an indication of the ongoing use of the Internet for mass-education -- economies of scale -- through videos and visual howto's, but much more advanced information related to information security could be obtained from public sources. The cellphone triangulation in Iraq, and the demonstration of Hacker Defender are worth mentioning, but overall, concepts such as information warfare or online PSYOPS remain unstructured and abstract ideas to the average jihadist - for now. Notice the multimedia file used as an example for the alternate data stream as well and draw up the conclusions on your own.Don't exclude the logical possibility of on purposely disinforming the general public and various intel folks across the world on a relatively primitive inforwar practices such as using PGP and alternate data streams.
Here are the articles themselves :
01. Article One - Alternate Data Streams - steganography example given, rootkits - hacker defender covered, examples provided, abomosab.jpg used as an example02. Article Two - Satellite Communications and the importance of GPS, handheld GPS, explains triangulation, mentions satellite imagery's power, and satellite transfer speeds, mentions 1575 and 1227 as carrier frequencies and Digital Sequence Spread Specturm - DSSS, mentions handheld GPS receiver, includes photos of 3G data card, laptop. It then discusses a locked device with a "WARNING" sign on it
03. Article Three - Visual HOWTO on Install VMware
04. Article Four - Article on digital media players, the different formats, subtitles, and the NTSC and PAL systems, recording basics as it looks like
05. Article Five - Introduction to PGP - Zimmerman is quoted, explanation of the RSA algorithm, recommending the use of PGP Whole Disk, features warning message that trial versions of PGP Whole Disk will self-decrypt
And SITE Institute's comments on the propaganda side in the introduction and conclusion :
"For future issues, the editors urge members of the jihadist Internet community to submit articles in the field of technology for publishing. They write: “My kind, technical Mujahid brother, the magnitude of responsibility which is placed upon you is equal to what you know in the regard of information. Do not underestimate anything that you know; perhaps a small article that you write and publish can benefit one Mujahid in the Cause of Allah or can protect a brother of yours in Allah. This way you will gain the great reward with the permission of Allah."
If you perceive the Technical Mujahid magazine as a threat to the national security of any country, old issues of Phrack magazine must be giving you the nightmares.
Have a productive week everyone, and stay informed!
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Subscribe to:
Posts (Atom)