Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Intelligence

ISIS issued a manual for a safe use of Twitter and other media

The ISIS has released a manual for its militants, titled “How to Tweet Safely Without Giving out Your Location to NSA”, that explain how avoid surveillance. Security and media consider the ISIS a group with great cyber capabilities, last news of the IS is related to the diffusion of a Training Guide for its members to prevent the NSA spying. The […]

ISIS issued a manual for a safe use of Twitter and other media

The ISIS has released a manual for its militants, titled “How to Tweet Safely Without Giving out Your Location to NSA”, that explain how avoid surveillance.

Security and media consider the ISIS a group with great cyber capabilities, last news of the IS is related to the diffusion of a Training Guide for its members to prevent the NSA spying. The manual is titled “How to Tweet Safely Without Giving out Your Location to NSA” Manual.

The manual explains how to avoid surveillance of the Intelligence agencies, the document highlights how to prevent exposing location and/or key data using the popular social network Twitter.

A PDF copy of the manual was obtained by The Financial Times, according the analysts the document have been released shortly after the NSA and GCHQ have localized a group of militants from the analysis of metadata related to their posts and tweets containing pictures and messages.

The document is written in Arabic language and has been distributed among ISIS fighters. A translated statement from the guide reports:

“A number of security blinds have appeared that have benefited the enemy and have helped expose the identities of some brothers or identify some sites used by the mujahideen with ease.”

The intent of the author of the manuals is to explain to the militants how to remove metadata from the tweets they post or they share online. The manual issued by members of the ISIS suggests how to disable Geo-location services on mobile devices and recommends the fighters to avoid posting information that could allow the Intelligence to identify and localize them (i.e. name, location).

“Your abstention from posting details and your brothers’ movements during [the] Hit camp blessed battle two days ago was the reason God granted you victory.” states the manual.

ISIS exiftool

 

 

Security experts speculate that also recent airstrikes coordinated by the US-coalition in the area of Kobane, at the Syrian border, where supported by information collected by the intelligence with techniques of analysis of metadata and anyway of web activities of the ISIS fighters.

Twitter is considered a privileged instrument in the media campaign managed by the ISIS militant that use it as propaganda vector and to create a short-circuit between the militant on the battlefield and their followers.

“We know this issue is not only tied to pictures, but to PDF files, word files and video files.” states the manual.

The metadata of a document can reveal the its story, they include precious data like the identity of the author, the creation date and the modification date, and in some cases also location information.

It’s clear that the diffusion of the manual represents a problem for the Intelligence agencies that have a few information to analyze to locate the militants.

The ISIS is also warning its militant about the use of WI-Fi networks that are easy to hack by the Intelligence to locate cell phones and other mobile devices used by the ISI militant.

The intelligence agencies, in collaboration with private companies and law enforcement, are trying to track cell of terrorists analyzing their activities online and the communication channels they use. A few months ago I proposed in a post the results on an interesting analysis conducted by the experts at the Recorded Future that detailed the use of encryption made by jahidist communities.

Another element of great interest for the intelligence is the flow of money that could help the cell to sustain the local activities of propaganda and recruiting.

The principal financial institution is collaborating with governments to track anomalous transfers of money through their systems.

Pierluigi Paganini

Security Affairs –  (ISIS, Intelligence)