home.social

#opsecfail — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #opsecfail, aggregated by home.social.

  1. An undercover cop who infiltrated leftist and anti-capitalist activist groups blew his cover in 2004 when he accidentally dialed one of the activists during a secret police meeting and recorded himself answering questions about the activists.

    When the cops realized his mistake, they debated if they should "mount a destructive operation" against the activist groups

    theguardian.com/uk-news/2026/m

    @copscampaign

    #spycops #ACAB #opsecfail #police #activism #surveillance #UCPI #undercoverpolicinginquiry

  2. Strikes continue to rain down on Jordan throughout the night which large volleys of Iranian missiles being shotdown by air defense systems.

    Despire very active air defense several direct strikes on US bases are circulating on social media.

    Tel Aviv appears to have suffered several direct hits. I've seen increasing unconfirmed chatter of Naval vessels and oil rigs north of Israel reportedly being struck as well.

    Iran's volleys continue to hit each country every hour or so.

    #Jordan #OPSECFail

  3. Bullerei und Handschellenindustrie: Hilfe, man kann die Schlüssel für die Handschellen im Internet kaufen. Wie konnte das nur passieren?

    Ebenfalls Bullerei und Handschellenindustrie: Last uns hochauflösende Bilder von dem Schlüssel online stellen um anzugeben!!!

    #OpSecFail #Polizei

  4. Can't help thinking that putting the entire leadership of the US military in one place at one time, and announcing to the whole world the time and the place beforehand, is a pretty huge security risk.

    The Rapist must be very confident of his friendship with Putin.

    theatlantic.com/newsletters/ar

    #USPol #OPSECFail

  5. 📦 Step 1: Download Kali Linux
    🕵️‍♂️ Step 2: Open Firefox → Amazon, Groupon, Google
    🧠 Step 3: Search “how to hack wifi with metasploit”
    🎯 Step 4: You’re now in a training simulation… by the CIA 😆
    Welcome to Project Wannabe.

    #KaliLinux #ConspiracyMode #OPSECfail #PrivacyTheatre #LOLcry

  6. 📦 Step 1: Download Kali Linux
    🕵️‍♂️ Step 2: Open Firefox → Amazon, Groupon, Google
    🧠 Step 3: Search “how to hack wifi with metasploit”
    🎯 Step 4: You’re now in a training simulation… by the CIA 😆
    Welcome to Project Wannabe.

    #KaliLinux #ConspiracyMode #OPSECfail #PrivacyTheatre #LOLcry

  7. 📦 Step 1: Download Kali Linux
    🕵️‍♂️ Step 2: Open Firefox → Amazon, Groupon, Google
    🧠 Step 3: Search “how to hack wifi with metasploit”
    🎯 Step 4: You’re now in a training simulation… by the CIA 😆
    Welcome to Project Wannabe.

    #KaliLinux #ConspiracyMode #OPSECfail #PrivacyTheatre #LOLcry

  8. 📦 Step 1: Download Kali Linux
    🕵️‍♂️ Step 2: Open Firefox → Amazon, Groupon, Google
    🧠 Step 3: Search “how to hack wifi with metasploit”
    🎯 Step 4: You’re now in a training simulation… by the CIA 😆
    Welcome to Project Wannabe.

    #KaliLinux #ConspiracyMode #OPSECfail #PrivacyTheatre #LOLcry

  9. 📦 Step 1: Download Kali Linux
    🕵️‍♂️ Step 2: Open Firefox → Amazon, Groupon, Google
    🧠 Step 3: Search “how to hack wifi with metasploit”
    🎯 Step 4: You’re now in a training simulation… by the CIA 😆
    Welcome to Project Wannabe.

    #KaliLinux #ConspiracyMode #OPSECfail #PrivacyTheatre #LOLcry

  10. PS: Oh, and Google Search is right there too, in case the lawnmower needs a tutorial. 🔍🛠️😆

    #SurveillanceStarterPack #KaliLinux #OPSECfail

  11. Finally had some more free time. Ran the data we have so far through leaked databases and the results confirm our previous OSINT.

    -GameSprite
    Email: [email protected]
    Password: 14389e232e2da8a35e45a34dae245407
    Registration: 2017-05-29 19:09:11
    Salt: 78d2c0
    IP: 191.102.75.226
    Nick: ShadowGRT

    -SoarGames
    Email: [email protected]
    Password: a00080f376b0e18de43185e4a66259d2
    Registration: 2018-05-19 19:49:16
    Salt: c97dcf
    IP: 152.231.29.35
    Nick: Shadowgrt

    -Canva
    Email: [email protected]
    Registration: 2017-11-27 20:13:29
    Language: es-CO
    Nick: shadowgamer5628

    -Wattpad
    Email: [email protected]
    Registration: 2017-10-23 02:52:20
    Full name: Shadow GRT
    Nick: ShadowGRT
    Country: CO

    (8/???)

    #OSINT #OPSECFAIL #CTI #ThreatIntel

  12. Looking back at the Youtube account (archived here: archive.is/n9xEA#selection-358) we see additional social account details in the description of a recent video:

    Mis redes:
    Twitter: twitter.com/GermanRaul10

    Instagram: instagram.com/german_t01/

    Correo: [email protected]
    Skype: ShaDow Grt
    Discord: ShaDowGRT #4582

    This also confirms the gmail account originally seen in the git commit is indeed related to this person.

    (6/???)

    #OSINT #OPSECFAIL #CTI #ThreatIntel

  13. Pivoting to the Twitter account (Archived here: archive.is/50Q3U#selection-735) we see more location details of Putumayo, Colombia. This is within a short distance of the Google Maps reviews in Meta, Columbia . Helping us correlate the geolocation of this person.

    We also get a hint to what be their real name of pseudonym "German Raul"

    (5/???)

    #OSINT #OPSECFAIL #CTI #ThreatIntel

  14. Taking a look at their Maps data: google.com/maps/contrib/112604 we can confirm they spent time in Columbia within the past 3-6 years. We also see the username mentioned in the Censys report "Shadow GRT"

    Let's pivot off of ShadowGRT and find those other accounts mentioned by Censys.

    (3/???)

    #OSINT #OPSECFAIL #CTI #ThreatIntel

  15. The Ghunt output provides us with a few good leads. First it confirms that it's a valid gmail account. Second it provides links to the TA's Google Maps reviews.

    grey@thruntmachine:~$ ghunt email [email protected]

    By: mxrch (🐦 @mxrchreborn)
    Support my work on GitHub Sponsors ! 💖

    > GHunt 2.3.3 (🕷 Spider Edition) <

    🎉 You are up to date !

    [+] Stored session loaded !
    [+] Authenticated !

    🙋 Google Account data

    [+] Custom profile picture !
    => lh3.googleusercontent.com/a-/A

    [-] Default cover picture

    Last profile edit : 2025/05/05 09:34:18 (UTC)

    Email : [email protected]
    Gaia ID : 112604768676644210605

    User types :
    - GOOGLE_USER (The user is a Google user.)

    📞 Google Chat Extended Data

    Entity Type : PERSON
    Customer ID : Not found.

    🌐 Google Plus Extended Data

    Entreprise User : False

    🎮 Play Games data

    [+] New token for playgames has been generated

    [-] No player profile found.

    🗺 Maps data

    Profile page : google.com/maps/contrib/112604

    [Statistics]
    Ratings : 6

    [-] Reviews are private.

    🗓 Calendar data

    [-] No public Google Calendar.

    (2/???)

    #OSINT #OPSECFAIL #CTI #ThreatIntel

  16. One of the best indicators Censys found for attribution is the email address accidentally left in a git commit:

    % git log
    commit fa480e80bc5b9e154fad138ef47191032e7ba4dd (HEAD -> main, origin/main, origin/HEAD)
    Author: Shadow GRT <[email protected]>
    Date: Wed May 7 15:51:15 2025 +0000

    Given this is a gmail the first tool we should immediately use is GHunt (github.com/mxrch/GHunt)

    (1/???)

    #OSINT #OPSECFAIL #CTI #ThreatIntel

  17. Secure browser?
    Randomized MAC?
    New VPN?
    Great.
    Yet you visit the same sites,
    at the same time,
    with the same user.

    Patterns are maps.
    You bleed data.

    Silence is your last defense.

    #OPSECFail #PrivacyIsDead #DeadSwitch #Wisdom #DontShare #BleedInfo

  18. Secure browser?
    Randomized MAC?
    New VPN?
    Great.
    Yet you visit the same sites,
    at the same time,
    with the same user.

    Patterns are maps.
    You bleed data.

    Silence is your last defense.

    #OPSECFail #PrivacyIsDead #DeadSwitch #Wisdom #DontShare #BleedInfo

  19. Secure browser?
    Randomized MAC?
    New VPN?
    Great.
    Yet you visit the same sites,
    at the same time,
    with the same user.

    Patterns are maps.
    You bleed data.

    Silence is your last defense.

    #OPSECFail #PrivacyIsDead #DeadSwitch #Wisdom #DontShare #BleedInfo

  20. After recovering from a disruption by pro-Palestinian protests, a Microsoft speaker accidentally screen shared the wrong window - that being, internal Microsoft Teams chats.

    https://www.theverge.com/news/671373/microsoft-ai-security-chief-walmart-conversation-build-protest-disruption

    This could only have been worse if it had turned out Microsoft was actually using Slack for internal messaging.

    #Microsoft #OpsecFail #IsraelPalestine #MicrosoftFail

  21. "Hacker hebeln erweiterten Schutz der elektronischen Patientenakte aus

    »Die ePA bringen wir erst dann, wenn alle Hackerangriffe technisch unmöglich gemacht worden sind«, hat Karl Lauterbach im Januar verkündet. CCC-Experten haben nun bewiesen: Er hat zu viel versprochen."

    #tja #epa #opsecfail #kritis #failarmy #karllauterbach #gesundheitssystem #elektronischepatientenakte #patientenakte

    spiegel.de/netzwelt/web/elektronische-patientenakte-hacker-umgehen-auch-die-neuen-schutzmassnahmen-a-f3528e86-0c56-4567-8a23-8aa139c5edb7

  22. Quite weird and very weak "security seal" on currently sold #Lenovo #ThinkPad packaging. I could easily lift and reapply the "seal" without breaking it. Do you find this concerning? 🤔

    I like the mostly non-plastic packaging material, though. 👍

    #itsecurity #opsecfail #laptops

  23. My mum trolling me by getting calendars printed & distributed so I find my birthday like this in our kitchen #opsecfail

  24. #OpSecFail What a moron 😂 🤣
    "Donald Trump’s former personal attorney Rudy Giuliani texted a total stranger about his plans to overturn the results of the 2020 election in Michigan"
    themindshield.com/giuliani-tex