DEF CON 31 War Stories – Paz Hameiri’s ‘CON Trolling The Weather’ – Source: securityboulevard.com https://ciso2ciso.com/def-con-31-war-stories-paz-hameiris-con-trolling-the-weather-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #cybersecurityeducation #InfosecurityEducation #SecurityArchitecture #InformationSecurity #SecurityConferences #CyberSecurityNews #SecurityBoulevard #DEFCONConference #Cybersecurity #threathunting #DEFCon31 #OSINT
Some but not all of the #Ukraine GUR teams I was able to speak to had been provided with Lafette tripods for the guns, like the one seen below.
Original tweet: https://twitter.com/historicfirearm/status/1731783059584819646
Over the past three months I've been tracking HK MG5 use since they appeared in #Ukraine. Here is how they have arrived in transport bags with assorted accessories!
Original tweet: https://twitter.com/historicfirearm/status/1731777020936229362
Brute Ratel C4 Detected - 18[.]176[.]27[.]91:80 - https://www.redpacketsecurity.com/brute-ratel-c4-detected-18-176-27-91-port-80/
C2-Search-Netlas - Search For C2 Servers Based On Netlas - https://www.redpacketsecurity.com/c-search-netlas-search-for-c-servers-based-on-netlas/
Ok, I have decided to ditch BlueSky...
Though, it's disappointing that a lot of the #OSINT people and extremism reporting that I followed here on Mastodon fled to BlueSky; it's too much like Twitter/X - with all the toxicity, CryptoBros and half-naked people (especially men?!?!) filling up the feeds.
Too much crap and not worth the time to sift through it.
This, however, has forced me to hone my news and social media workflow with Inoreader, Vivaldi, Nitter, and RSS-Bridge.
With this setup, I have organized all my RSS feeds, news sources, social media feeds and newsletter subscriptions in one place.
I have control over what news I read without having to sift through different social media platforms to get it. Plus, it allows me to focus on just one social platform - and, honestly, the Fediverse is a much nicer place for engagement.
You can see an example below 👇️
@dw_innovation hi! Incidentally I gave two talks at CCC, one about advanced #OSM usage and one about #OSINT, which also features exactly what you're doing with this tool (using an example from one of Julia's quiztime posts ;) I regularly do this kind of research using overpass.
Black Basta Ransomware Victim: nlt[.]com - https://www.redpacketsecurity.com/black-basta-ransomware-victim-nlt-com/
CERTFR-2023-AVI-0993: Multiple vulnerabilities in Squid (04 December 2023)
CERTFR-2023-ACT-052: News bulletin CERTFR-2023-ACT-052 (04 December 2023)
Credit Card Skimming On The Rise For The Holiday Shopping Season - https://www.redpacketsecurity.com/credit-card-skimming-on-the-rise-for-the-holiday-shopping-season/
Atomic Stealer Distributed To Mac Users Via Fake Browser Updates - https://www.redpacketsecurity.com/atomic-stealer-distributed-to-mac-users-via-fake-browser-updates/
Malvertiser Copies PC News Site To Deliver Infostealer - https://www.redpacketsecurity.com/malvertiser-copies-pc-news-site-to-deliver-infostealer/
Clever Malvertising Attack Uses Punycode To Look Like Legitimate Website - https://www.redpacketsecurity.com/clever-malvertising-attack-uses-punycode-to-look-like-legitimate-website/
Ransomware Review November 2023 - https://www.redpacketsecurity.com/ransomware-review-november/
Associated Press, ESPN, CBS Among Top Sites Serving Fake Virus Alerts - https://www.redpacketsecurity.com/associated-press-espn-cbs-among-top-sites-serving-fake-virus-alerts/
Linux Distribution for #OSINT
4. CSI Linux
6. Offen Osint
7. Huron Osint
8. Septor Linux
9. Pentoo Linux
10. Tsurugi Linux
11. TraceLabs OSINT VM: https://www.tracelabs.org/initiatives/osint-vm
Over the past three months I've been tracking HK MG5 use since they appeared in #Ukraine.
Original tweet: https://twitter.com/historicfirearm/status/1731305877028618660
Something a bit nerdier today. What do I do when I have 800 PDFs of 300 pages each and I am looking for an e-mail address in them? #OSINT https://bashinho.de/2023/12/03/einfache-datenauswertung-fuer-osint/
MISP playbooks address common use-cases encountered by SOCs, CSIRTs or CTI teams to detect, react and analyse specific intelligence received by MISP: https://misp.github.io/misp-playbooks/
There are some playbooks in the repository such as:
- Malware triage
- Malware triage - dynamic malware analysis
- Malware triage - Query file hash
- Query CVE information
- Query IP reputation
- Query domain reputation
Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks - https://www.redpacketsecurity.com/over-vulnerable-microsoft-exchange-servers-exposed-to-attacks/
How to Build a Phishing Playbook Part 1: Preparation – Source: securityboulevard.com https://ciso2ciso.com/how-to-build-a-phishing-playbook-part-1-preparation-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #Office365Integration #CheckpointFirewall #CyberSecurityNews #SecurityBoulevard #IncidentResponse #ActiveDirectory #phishingattacks #RecordedFuture #Cybersecurity #SOARplatform #CrowdStrike #DevOps #OSINT #soar
The first season of #ThePivot, your #OSINT and infosec podcast, has just wrapped up! We want to thank all our guest speakers who joined us this season: @OSINTtechniques, Liv Rowley, shibasec, Joe Ryan, @mario_rojas, @webbreacher, Julie Jones, @insiderphd, Rae Baker, Vicente Diaz, Léa Ronzaud, Gisela Pérez de Acha, Teresa Walsh, Palenath, Zaid Sabih, @hatr, @dutch_osintguy, Henri Beek, Kevin Limonier, Jane Frankland, Daniel C., and Jezer Ferreira!
Your expertise, stories, and perspectives have truly enriched our podcast and inspired our listeners. We're grateful for the wisdom and energy you brought to each episode!
To our amazing audience out there, we want to thank you for your support and engagement throughout this season. Your feedback, comments, and shares have made this podcast a vibrant community experience.
If you missed an episode or want to revisit your favorite, you can listen to all of them here:
https://www.maltego.com/categories/the-pivot-podcast/ Stay tuned for more updates!
I was wondering why Michael Bazzell's podcast didn't have any new episode, and why they weren't available anymore ...
For those who missed it, here’s the link to Podcast Episode 11-30-23. In this edition, we primarily cover some recent action by U.S. troops, the horrendous fighting happening in Ukraine, a first that has happened against China, some new drone/tech news, and plenty of motivation and wisdom
#mil #podcast #military #ukraine #china #russia #politics #defensenews #OSINT
As we count down to the New Year, we're excited to share with you the first of our top five most popular content pieces of 2023.
With our blog and video versions, accompanied by a cheat sheet with a ready-made workflow, you'll have all you need to replicate the process and enhance your investigative efficiency.
Get your free resources now: https://www.maltego.com/blog/how-to-conduct-person-of-interest-investigations-using-osint-and-maltego/?utm_source=mastodon&utm_medium=social&utm_campaign=GOV&utm_content=maltego.com
Stay tuned for next week's reveal!
The whole Predicta Lab team was at the CBC - Cybersecurity Business Convention yesterday to present our services and our #OSINT tool www.predictasearch.com.
Thank you to everyone who took part in our prize draw; the winner will be announced during the day.
FjordPhantom Android malware uses virtualization to evade detection - https://www.redpacketsecurity.com/fjordphantom-android-malware-uses-virtualization-to-evade-detection/
Staples confirms cyberattack behind service outages, delivery issues - https://www.redpacketsecurity.com/staples-confirms-cyberattack-behind-service-outages-delivery-issues/
WhatsApp's new Secret Code feature hides your locked chats - https://www.redpacketsecurity.com/whatsapp-s-new-secret-code-feature-hides-your-locked-chats/
The @Bellingcat team recently hosted another hackathon and asked participants to:
- make public open data more accessible and useful
- visualize climate change and its consequences
- understand the visual culture of disinfo
The outcomes of the event are summarized in this post:
Dollar Tree hit by third-party data breach impacting 2 million people - https://www.redpacketsecurity.com/dollar-tree-hit-by-third-party-data-breach-impacting-million-people/
Tomorrow is the CBC - Cybersecurity Business Convention!
All day long, come to the Predicta Lab | Protect your digital life stand to discover our #OSINT solutions, which will give you better control of your digital footprint.
At 11:00, I will have the opportunity to give a talk on the need for both natural AND legal persons to master their digital footprint!
The latest edition of my free newsletter looks at investigating munitions, how to build your own database, and what to do about the decline of Google Search results.
Plus, I recommend a couple of interesting academic articles: https://digitalinvestigations.substack.com/p/tools-and-tips-round-up-the-decline #osint #journalism
A YouTube channel has bought satellite imagery to count tanks in storage in Russia.
On average, Russia is losing about 75 tanks per month, but only about 57 tanks seem to be drawn from storage. This could indicate they are able to build around 18 new tanks per month as well.
However, with a net loss of 57 tanks per month, it is getting harder to keep up. This is why Russia is sending very old tank types to the frontline, as they are easier to renovate.
So there's an #OSINT account on #Twitter inciting violence (murder) against anyone resembling Hamas. Be careful if you're protesting and are Arab as they can't tell the difference. They are armed and they are killing on sight. Vermont is in the United States btw.
Also if you are in the west the news is being censored on #Google. This article is being suppressed despite going viral.
After what seems like a month or two long hiatus, it appears that @Tendar is actively posting on Mastodon again. He’s a great source of information on the war in #Ukraine. Give him a follow. Help encourage him to keep actively posting on Mastodon. Perhaps it will inspire others in the #OSINT and #NAFO community to post on Mastodon as well.
A number of things about this most recent capture are eyebrow-raising. First, the vessel owned by Israeli citizen Eyal Ofer was carrying phosphoric acid, which is a critical fertilizer component that could also be used to synthesize white phosphorus for bombs.
Second is the location of the capture in the Gulf of Aden, far from Houthi controlled waters.
Or do you think the dozens of operatives of Mossad and ShinBet in Gaza are criminally incompetent?
The location is basically #OSINT and they even released damning evidence, including calls complaining about the resource theft by Hamas from said hospital...
From Ukraine to Gaza, livestreams have proven one of the most effective sources for tracking fast-moving breaking news events. Open source researcher Aram Shabanian has put together a guide to finding livestreams to monitor crises and conflict, with some valuable tips on what not to do.
Ukraine has a lot of balls in the air. Congressional funding is on the line, Zelensky and his commanding General disagree about messaging/stalemate, and you have to wonder if the General might need a pep talk (or worse). I talk about that a lot in the podcast that just dropped.
There is a lot on the line for Ukraine -- and for the world -- and it feels like something big needs to happen. And happen fast.
#ukraine #russia #RussiaUkraineWar #nafo #fellas #osint
When slowed down the lie becomes unmistakable.
Now the question becomes, "who is lying to whom and why?"
I haven't been keeping close track but this is at least the second or third time I've noticed Israeli officials attempt to pass off training footage as recent combat wins.
Two hours ago the Israeli Prime Minister's spokesperson posted a video on twitter which he claimed to be from recent IDF combat operations. Ofir states:
"A must watch: IDF attack dogs go after Hamas-ISIS terrorists inside their tunnels in the Gaza Strip and take them down.
Hear the terrorists scream."
Only problem though, is that the "terrorist" is clearly wearing a dog bite suit.
Incredibly important work by @ZekuZelalem documenting an atrocity in Ethiopia I'd never heard of through #OSINT, meticulous, detailed and horrifying.
Footage has been released this morning by the Hamas (Al-Qassam Brigades) showing the defenders of Gaza engaging IDF vehicles both in farm land and in urban spaces.
Here’s the latest podcast. A smart, sophisticated look at foreign policy affecting the United States, Ukraine, and the world, without the hyperventilating, ramping up of fear, or clickbait material.
Includes some motivation and words of encouragement at the end. (Timestamps available in episode notes.)
You can still join the 2-day training class "Practical Social Engineering & Open-source Intelligence for Security Teams" I will be delivering at this year's #DeepSec conference, in which you will...
🌐 Learn how attackers leverage OSINT to identify organizational vulnerabilities.
🎯 Understand the psychology and methodology behind social engineering attacks.
🔍 Acquire necessary skills & knowledge that will help you prevent and better simulate social engineering attack scenarios.
💼 Examine real-life case studies and attack methodologies.
📚 Build better protective measures, inform your security strategy, and learn to provide realistic insights to clients.
Date: 14 & 15 November 2023
Location: Vienna, Austria
⬇️ Course Content & Registration Details: https://deepsec.net/speaker.html#WSLOT626
I look forward to seeing you there!
A very interesting whitepaper on #VPN concludes: "Of the 16 VPNs we analyzed, Mullvad, PIA, IVPN, and Mozilla VPN (which runs on Mullvad’s servers)—in that order—were among the highest ranked in both privacy and security. However, PIA has never had a public third-party security audit. #OPSEC #OSINT 1/x
Interesting bit of OSINT. Some numpty used my phone number on their Temu orders. I presume this is accidental. She orders quite a bit of stuff and the text messages as orders are dispatched and delivered are starting to get quite annoying.
However these SMS have links to track the order. Here comes the OSINT bit.
If I follow the tracking link in the SMS it takes me to a partially redacted version of her address. Counting characters I can figure out the county is Lincolnshire.
Google a list of towns in Lincolnshire and there are two starting with "sp". One has 7 characters, the other has 8. There are 8 characters in the partially redacted town name.
I then have the number and first 4 letters of the street address. Going into Google Maps I type in the town name and the partial street address. This gives me four possible hits including postcodes.
Now back to the Temu site, there is a link to the Evri parcel tracker. I have the tracking number but Evri just needs the postcode. Trying one post code after another I get it on the third try. Evri then gives me the full name and address. Bingo!
Typing the person's name and town into Google, the first hit is her Facebook profile. Facebook gives me her photo, her husband's photo and photos of her two young kids. It also tells me where she works, her job title, which schools she went to, when she graduated and a list of nearly 20 family members. I wouldn't be surprised if the name of her first pet is in there too.
There is more about you on the internet than you might be aware of! Don't make all your personal information public folks.
(There might be some editing to this post as time comes along.)
Hi, I'm V'ger. If you want to know my real name, just ask. You might also be successful doing some #OSINT 😉
First things first: I have been suffering from #depression for more than a decade. This dark thing comes and goes as it sees fit. So I might be posting stuff regarding my personal monster.
Now the fun stuff; I am an #InfoSec professional from Germany and run this account on my own Mastodon instance.
I’ve asked KIU a few times to create an active account on Mastodon. Unfortunately every response has been “no”. I’m really not sure what KIU has against Mastodon. #OSINT
Just hear me out: if you're doing #OSINT and don't know what Finite Element Methods are, maybe you shouldn't be trusted by journalists to brainworm your way to conclusions about bombings. If you're a reader, perhaps you should even be concerned about why journalists are eager to outsource investigations to those with no accountability.
Where 20 people died. The footage was available nearly instantly. Photos everywhere.
So far, I have not seen images or video of a hospital destroyed with such power that 500 civilians died in #Gaza, as is being constantly circulated online today. I’ve seen a parking lot and burned cars. No smoking craters where the hospital was. #osint folks help?