APT Tracker

There’s a lot of different campaign and actor names and it’s tough to keep them all straight — just see here.

The Council on Foreign Relations released a new tool, the Cyber Operations Tracker.  The tool is a database of the publicly known state-sponsored cyber incidents that have occurred since 2005.  The database contains almost two hundred entries of state-sponsored cyber incidents or threat actors for which data is publicly available. Want to know who is spying on whom? Looking for the number of times North Korea has been publicly denounced for its cyber operations? Heard of Equation Group but would like to know more about it? The tracker can help answer all of these questions.

I should also mention Google and Arbor Networks partnered up a while ago to create the Digital Attack Map however its focus is on DDOS attacks.

 

pandaflux’s list o’ recommended browser plugins

Firefox

  • googlesharing: encrypts your google traffic and routes it through a proxy where it is combined with many other people.
  • https-everywhere: Automatically enables a secure connection for websites that supports it.
  • better privacy: Among other things, Better Privacy will delete “flash cookies” that are difficult to manage otherwise.

Chrome

  • disconnect: Stop third parties and search engines from tracking the webpages you go to and searches you do.
  • click & clean: Deletes your browsing history, typed URLs, Flash cookies, all traces of your online activity to protect your privacy.
  • KB SSL Enforcer: Automatic security, browse encrypted.
  • NOREF: Suppress Referrer (referer) for Hyperlinks

Google beta’s SSL for web searches

According to this H article, Google is beginning to beta a new feature of providing SSL for their standard web search service. As one commenter noted, Google is still collecting the same information from your searches but this will limit 3rd parties from eavesdropping on your search queries. Remember SSL doesn’t guarantee absolute privacy as there’s Moxie Marlinspike’s work, chance of CA intermediaries, and your employer loading their own trusted CA’s into your corporate devices.