Threat Intelligence / OSINT / NETSEC / NATSEC

Anti-forensic - introduction and timestomping

As I mentioned in the blog, threat intelligence is essentially threat counterintelligence - the process of stopping hostile infiltration of the environment. This time we will deal with a strictly technical issue: how attackers can try to hide traces of their activities (anti-forensics) and how to detect such activities. The starting point for our considerations [...]

Contract cyber - Iran and its way of conducting cyber operations

When we think of cyber operations conducted on behalf of or under the direction of the government, we usually think of intelligence agencies and military units. NSA, GRU, MSS or PLA are examples of this type of professional government organization, employing officers to implement state policy by cyber means. However, there is a state that is equally active in this space, [...]

The safest conference in Poland on December 3! Oh My H@ck 2022 - live in Warsaw

Counterintelligence.pl is pleased to invite you to a unique event, the Oh My H@ck conference, which will take place on December 3 in Warsaw! Cybercrime, reverse engineering, cyber threat intelligence or forensics are just some of the paths in the program of the in-person Oh My H@ck conference, whose leading theme is cybersecurity. This is a great opportunity [...]

China's intelligence operations under the scrutiny of the Justice Department

The name of the blog obliges, so this time we deal with the latest events in the field of catching intelligence officers and fighting the operations they conduct. The opportunity for this was provided by the US Department of Justice, which published indictments against a total of thirteen people accused of espionage, as well as by Mandiant, which published a report describing the detected Chinese outflow operations. IN […]

Scale and cycle - the role of threat intelligence in the organization

The recent story of the Uber break-in and the recurring reports on Emotet's activity may raise questions about the legitimacy of individual functions in the overall security structure of the organization. After all, why have advanced forensics teams, or produce threat intelligence or do threat hunting, when the problem is an underlying one? This very much […]

France and its doctrine of cyber operations - offensive actions

The state's approach to activities in cyberspace is a vast topic and a subject of discussion on both the political and the academic level. It is all the more interesting how different countries develop their doctrines and face, for example, the problem of how to react to incidents, how to treat those whose source is criminal activity, and how [...]

I won a case about an undelivered 3060Ti from morele.net! (Update 8/24/2022: Received the money)

[Disclaimer: This post has nothing to do with threat intelligence, osint, opsecs, natsecs and other secs. I post it here only because counterintelligence.pl is my site, the content of which is fully controlled, so it's more convenient for me to describe the matter here than to post on any social networking sites.] TL;DR: I ordered a computer from morele.net (selected [... ]

Kent and Heuer - The roots of CTI in traditional intelligence

The holiday season is good for catching up on books, so at counterintelligence.pl let's take a look at what we might call a book-and-history topic. It will be no secret that CTI is quite a fledgling field. Even if we look at the distance that separates information protection as such from information protection in the context of computer networks, threat intelligence will be an even younger discipline. […]

MPS - Ministry of Public Security of China and cyber policy

We have already dealt with the military and civilian face of Chinese intelligence in the context of cyber operations. This time we will look at a service focused on more internal activities - the Ministry of Public Security. This organization was established in 1949 as a successor to the Central Department of Social Affairs. Functionally, its purpose was to ensure the overall internal security of China - from [...]
