mirror of
http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/opsec-blogposts.git
synced 2025-06-08 07:29:31 +00:00
add initial file
This commit is contained in:
MulliganSecurity
parent
97abf00898
commit
1c226cddd0
1 changed files with 23 additions and 0 deletions
23
opsecmistakes/index.md
Normal file
23
opsecmistakes/index.md
Normal file
|
|
@ -0,0 +1,23 @@
|
||||||
|
---
|
||||||
|
author: Mulligan Security
|
||||||
|
date: 2025-05-16
|
||||||
|
gitea_url: "http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/312"
|
||||||
|
xmr: 86NCojqYmjwim4NGZzaoLS2ozbLkMaQTnd3VVa9MdW1jVpQbseigSfiCqYGrM1c5rmZ173mrp8RmvPsvspG8jGr99yK3PSs
|
||||||
|
---
|
||||||
|
|
||||||
|
to be explained:
|
||||||
|
|
||||||
|
why do you need a clear threat model (to not lose your mind over stuff that won't likely happen while overlooking simple mistakes)
|
||||||
|
why it's very unlikely that hardware 0-day will get you but it's very likely you'll do some dumb thing and deanonymize yourself (wondering about 0-days is overconfidence in most cases)
|
||||||
|
how bad people got caught in the past (what opsec mistakes they made, the stupider the better), give like 3-5 examples
|
||||||
|
the guy who uploaded tar of his entire home directory is my personal fav (Julius Kivimaki)
|
||||||
|
OSDoD mixing personal and business stuff online
|
||||||
|
Pharoah googling why his servers are down (because FBI was imaging them lol)
|
||||||
|
...
|
||||||
|
threat scenarios (explain each), some examples:
|
||||||
|
physical breach (leaving your laptop unattended at a restaurant or sth)
|
||||||
|
social engineering or phishing
|
||||||
|
reusing the same passwords and using one already breached somewhere
|
||||||
|
...
|
||||||
|
|
||||||
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue