The infections were the result of legitimate developers writing apps using a counterfeit copy of Xcode, Apple’s iOS and OS X app development tool. The repackaged tool, dubbed XcodeGhost, surreptitiously inserted malicious code alongside normal app functions.

Comments

You must log in or register to comment.

（　ﾟДﾟ）

There's nothing here…

2 points (+2, −0)

Short URL:

https://ramble.pw/3408

Operations Security

What is OPSEC?

Operations Security, or OPSEC, OPSEC is about minimizing attack surfaces and single points of failure through proper habits and policies. It's a systematic and proven process that we can use to deny adversaries information they need to do us harm or interrupt our plans. It's also a mindset that can be applied to any mission or plan.

Although the term originated in the military, OPSEC is now used for so much more. This includes law enforcement, computer and network security, home safety, travel, and so much more.

OPSEC isn't a list of rules, and it's not as simple as using a VPN and keeping your mouth shut. It includes elements of INFOSEC, APPSEC, NETSEC, COMSEC[TRANSEC/SIGSEC/EMSEC], PHYSEC[PERSEC], and (CO)INTEL.

THE OPSEC PROCESS

Identify the information you need to protect
Analyze the threats
Analyze your vulnerabilities
Assess the risk
Apply countermeasures

Understand your own risk/threat model: Who is your adversary? What needs protecting?

The OPSEC Two-Step: Know what to protect and know how to protect it.

Created December 10, 2020
Subscribe via RSS

Moderators

santorihelix

See full list