In this post, I will provide a timeline of original appearances of videos and photos of the Douma chemical incident. There were two locations for these videos: (1) the emergency ward of the Douma hospital; (2) a small apartment building about 10 blocks from the hospital, where dead bodies were found on two floors and […]
In two influential articles in June 2016, immediately following the Crowdstrike announcement, SecureWorks (June 16 here and June 26 here) purported to connect the DNC hack to a 2015-6 phishing campaign which they attributed to APT28. SecureWorks identified two malicious domains in their article. In today’s article, I’ll show that infrastructure from one domain is connected […]
In two influential articles in June 2016 (June 16 here and June 26 here), SecureWorks purported to link the then recently revealed DNC hack to Russia via a gmail phishing campaign which they had been monitoring since 2015 and which they attributed to APT28 (Fancy Bear). They had observed multiple phishing targets at hillaryclinton.com, dnc.org […]
On June 2, 2016, in a major police operation in Russia, 50 hackers from the Lurk banking trojan gang were arrested following 86 raids (Security Week here). Their malware was used for bank fraud (especially in Russia) and ransomware all over the world. The full extent of their activities became clear only after their arrest. In […]
Stenni et al (2017), Antarctic climate variability on regional and continental scales over the last 2000 years, was published (pdf) this week by Climate of the Past. It includes (multiple variations of) a new Antarctic temperature reconstruction, in which 112 d18O and dD isotope series are combined into regional and continental reconstructions. Its abstract warns that […]
Two very different representations of consistency between models and observations are popularly circulated. On the one hand, John Christy and Roy Spencer have frequently shown a graphic which purports to show a marked discrepancy between models and observations in the tropical mid-troposphere, while, on the other hand, Zeke Hausfather, among others, has shown graphics which purport […]
In his attribution of the DNC hack, Dmitri Alperovitch, of Crowdstrike and the Atlantic Council, linked APT28 (Fancy Bear) to previous hacks at TV5 Monde in France and of the Bundestag in Germany: FANCY BEAR (also known as Sofacy or APT 28) is a separate Russian-based threat actor, which has been active since mid 2000s […]
In Crowdstrike’s original announcement that “Russia” had hacked the DNC, Dmitri Alperovitch said, on the one hand, that the “tradecraft” of the hackers was “superb” and their “operational security second to none” and, on the other hand, that Crowdstrike had “immediately identified” the “sophisticated adversaries”. In contrast, after three years of investigation of Climategate, UK counter-intelligence had […]
Within the small community conducting technical analysis of the DNC hack, there has been ongoing controversy over whether Guccifer 2 (G2) was a false flag for the Russians, whether G2 was located in the US rather than Russia, whether the G2 files were copied locally rather than hacked, whether G2 was a false flag for […]
The DHS-FBI intel assessment of the DNC hack concluded with “high confidence” that Guccifer 2 was a Russian operation, but provided (literally) zero evidence in support of their attribution. Ever since Guccifer 2’s surprise appearance on June 15, 2016 (one day after Crowdstrike’s announcement of the DNC hack by “Russia”), there has been a widespread […]