#osint
Abyss Ransomware Victim: aurobindousa[.]com - https://www.redpacketsecurity.com/abyss-ransomware-victim-aurobindousa-com/
US govt sanctions North Korea’s Kimsuky hacking group - https://www.redpacketsecurity.com/us-govt-sanctions-north-koreas-kimsuky-hacking-group/
Cactus ransomware exploiting Qlik Sense flaws to breach networks - https://www.redpacketsecurity.com/cactus-ransomware-exploiting-qlik-sense-flaws-to-breach-networks/
Capital Health Hospitals hit by cyberattack causing IT outages - https://www.redpacketsecurity.com/capital-health-hospitals-hit-by-cyberattack-causing-it-outages/
Get 20% off Emsisoft's Enterprise Security EDR solution for the holidays - https://www.redpacketsecurity.com/get-off-emsisoft-s-enterprise-security-edr-solution-for-the-holidays/
Zyxel warns of multiple critical vulnerabilities in NAS devices - https://www.redpacketsecurity.com/zyxel-warns-of-multiple-critical-vulnerabilities-in-nas-devices/
LogoFAIL bugs in UEFI code allow planting bootkits via images - https://www.redpacketsecurity.com/logofail-bugs-in-uefi-code-allow-planting-bootkits-via-images/
Staples confirms cyberattack behind service outages, delivery issues - https://www.redpacketsecurity.com/staples-confirms-cyberattack-behind-service-outages-delivery-issues/
FjordPhantom Android malware uses virtualization to evade detection - https://www.redpacketsecurity.com/fjordphantom-android-malware-uses-virtualization-to-evade-detection/
WhatsApp's new Secret Code feature hides your locked chats - https://www.redpacketsecurity.com/whatsapp-s-new-secret-code-feature-hides-your-locked-chats/
Go Ninja - 4,999,001 breached accounts - https://www.redpacketsecurity.com/go-ninja-4-999-001-breached-accounts/
#databreach #HaveIBeenPwnedLatestBreaches #HIBP #OSINT #Security #threatintel #TroyHunt
Video del Webinar Gratuito: "Imágenes Forenses". #cybersecurity #hacking #readteam #bugbounty #forensics #osint 🆓 https://www.reydes.com/d/?q=videos_2019#wgif 🌐 https://www.youtube.com/watch?v=UojmKLx2kAQ
US-CERT Vulnerability Summary for the Week of November 20, 2023 - https://www.redpacketsecurity.com/cisa-vulnerability-summary-for-the-week-of-november-20-2023-4/
Windiff - Web-based Tool That Allows Comparing Symbol, Type And Syscall Information Of Microsoft Windows Binaries Across Different Versions Of The OS - https://www.redpacketsecurity.com/windiff-web-based-tool-that-allows-comparing-symbol-type-and-syscall-information-of-microsoft-windows-binaries-across-different-versions-of-the-os/
Oh discovered tonight that #osintcurious stopped in march this year ...
North Korea's Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks - https://www.redpacketsecurity.com/north-korea-s-lazarus-group-rakes-in-billion-from-cryptocurrency-hacks-2/
Google Unveils RETVec - Gmail's New Defense Against Spam and Malicious Emails - https://www.redpacketsecurity.com/google-unveils-retvec-gmail-s-new-defense-against-spam-and-malicious-emails-2/
CERTFR-2023-AVI-0985 : Multiples vulnérabilités dans Microsoft Edge (30 novembre 2023)
CERTFR-2023-AVI-0986 : Multiples vulnérabilités dans Tenable Nessus Network Monitor (30 novembre 2023)
Listening to Hannah Storm talk about it in a #Bellingcat stage talk about "Moral Injury" and "Vicarious Trauma". Very interesting talk that helps to put to words some of the impact I'm seeing from things in the #OSINT world along with just society and social media.
If you're curious check out the #Bellingcat podcast about it, or start here:
Medusa Locker Ransomware Victim: Chetu - https://www.redpacketsecurity.com/medusalocker-ransomware-victim-chetu/
Black Basta Ransomware Victim: jacobsfarmdelcabo[.]com - https://www.redpacketsecurity.com/black-basta-ransomware-victim-jacobsfarmdelcabo-com/
Black Basta Ransomware Victim: andersonandjones[.]com - https://www.redpacketsecurity.com/black-basta-ransomware-victim-andersonandjones-com/
Podcast Episode 11-30-23. In this edition, we primarily cover some recent action by U.S. troops, the horrendous fighting happening in Ukraine, a first that has happened against China, some new drone/tech news, and plenty of motivation and wisdom.
https://www.youtube.com/watch?v=EjAiQeZb6cA
#mil #podcast #military #ukraine #china #russia #politics #defensenews #OSINT
Video del Webinar Gratuito: "Guía de Pruebas de OWASP". #cybersecurity #hacking #readteam #bugbounty #forensics #osint 🆓 https://www.reydes.com/d/?q=videos_2019#wggpo 🌐 https://www.youtube.com/watch?v=kXfZqQY0rcg
CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks - https://www.redpacketsecurity.com/cactus-ransomware-exploits-qlik-sense-vulnerabilities-in-targeted-attacks-2/
This Free Solution Provides Essential Third-Party Risk Management for SaaS - https://www.redpacketsecurity.com/this-free-solution-provides-essential-third-party-risk-management-for-saas-2/
7 Uses for Generative AI to Enhance Security Operations - https://www.redpacketsecurity.com/uses-for-generative-ai-to-enhance-security-operations-2/
Ich glaube ich muß mich mit https://www.perplexity.ai/ näher befassen. Dort kann man Fragen stellen und sich z.B: auch Google Dorks bauen lassen. #OSINT
I really admire #google Japan's advertisment. Because #spyfamily and #osint both have some relations (gathering intelligence) to it. It makes me have a feeling of familiar 😉
The @Bellingcat team recently hosted another hackathon and asked participants to:
- make public open data more accessible and useful
- visualize climate change and its consequences
- understand the visual culture of disinfo
The outcomes of the event are summarized in this post:
VMware Tanzu Spring Boot denial of service | CVE-2023-34055 - https://www.redpacketsecurity.com/vmware-tanzu-spring-boot-denial-of-service-cve-2023-34055/
Trellix Enterprise Security Manager (ESM) server-side request forgery | CVE-2023-6070 - https://www.redpacketsecurity.com/trellix-enterprise-security-manager-esm-server-side-request-forgery-cve-2023-6070/
Jenkins MATLAB Plugin cross-site request forgery | CVE-2023-49655 - https://www.redpacketsecurity.com/jenkins-matlab-plugin-cross-site-request-forgery-cve-2023-49655/
Mattermost open redirect | CVE-2023-47168 - https://www.redpacketsecurity.com/mattermost-open-redirect-cve-2023-47168/
Meta Incubator Katran information disclosure | CVE-2023-49062 - https://www.redpacketsecurity.com/meta-incubator-katran-information-disclosure-cve-2023-49062/
Alumne LMS cross-site scripting | CVE-2023-6359 - https://www.redpacketsecurity.com/alumne-lms-cross-site-scripting-cve-2023-6359/
VMware Tanzu Reactor Netty denial of service | CVE-2023-34054 - https://www.redpacketsecurity.com/vmware-tanzu-reactor-netty-denial-of-service-cve-2023-34054/
M-Files Server security bypass | CVE-2023-6239 - https://www.redpacketsecurity.com/m-files-server-security-bypass-cve-2023-6239/
Jenkins MATLAB Plugin information disclosure | CVE-2023-49656 - https://www.redpacketsecurity.com/jenkins-matlab-plugin-information-disclosure-cve-2023-49656/
Jenkins MATLAB Plugin security bypass | CVE-2023-49654 - https://www.redpacketsecurity.com/jenkins-matlab-plugin-security-bypass-cve-2023-49654/
QOS.ch Sarl Logback denial of service | CVE-2023-6378 - https://www.redpacketsecurity.com/qos-ch-sarl-logback-denial-of-service-cve-2023-6378/
VMware Tanzu Spring Framework denial of service | CVE-2023-34053 - https://www.redpacketsecurity.com/vmware-tanzu-spring-framework-denial-of-service-cve-2023-34053/
Mit Hilfe der Webseite https://www.browserling.com/ kann man eine Webseite ansurfen ohne sie direkt aufzurufen. Dargestellt werden die Seiten in Android und Windows Versionen und unterschiedlichen Browsern von Chrome bis TOR #OSINT
The only OSINT tool you will ever need (ALL in one OSINT Tool)
https://www.youtube.com/watch?v=Aj0sWUvGbEY
Join @osintambition for more.
Mosint: Open-source automated email OSINT tool https://www.helpnetsecurity.com/2023/11/30/mosint-automated-email-osint-tool/ #opensource #Don'tmiss #Hotstuff #GitHub #email #OSINT #News
OSINT Tools for Analyzing Suspicious Emails
#osint #phishing #investigations #osinttools #cybersec #infosec
https://www.thunderbird.net/en-US/
https://www.virustotal.com/gui/
https://www.talosintelligence.com/
https://www.hybrid-analysis.com/
Follow @osintambition for more.
Dollar Tree hit by third-party data breach impacting 2 million people - https://www.redpacketsecurity.com/dollar-tree-hit-by-third-party-data-breach-impacting-million-people/
Video del Webinar Gratuito: "Hacking Ético". #cybersecurity #hacking #readteam #bugbounty #forensics #osint 🆓 https://www.reydes.com/d/?q=videos_2019#wghe 🌐 https://www.youtube.com/watch?v=kHd-0QKGIpw
HiddenDesktop - HVNC For Cobalt Strike - https://www.redpacketsecurity.com/hiddendesktop-hvnc-for-cobalt-strike/
MaccaroniC2 - A PoC Command And Control Framework That Utilizes The Powerful AsyncSSH - https://www.redpacketsecurity.com/maccaronic-a-poc-command-and-control-framework-that-utilizes-the-powerful-asyncssh/
Demain, c'est le CBC - Cybersecurity Business Convention !
Toute la journée, venez découvrir sur le stand de Predicta Lab | Protect your digital life nos solutions #OSINT qui vous permettront un meilleur contrôle de votre empreinte numérique.
A 11h00, j'aurai la chance de donner une conférence sur la nécessité de maitriser l'empreinte numérique pour les personnes physiques ET morales !
Das Verification Handbook gibt es in der Version 3 auch auf Deutsch. Hatte es nicht mitbekommen. Danke @twone2 für den Hinweis. #OSINT
https://datajournalism.com/read/handbook/verification-3
https://datajournalismcom.s3.eu-central-1.amazonaws.com/handbooks/Verification-Handbook-3-DE.pdf
Nachdem eine Bekannte meinte dass sie Probleme beim Installieren von Ghunt2 hat, hab ich dazu ein kleines Video gedreht. Die Anleitung auf der Ghunt Seite hat bei mir auch nicht funktioniert. #OSINT https://youtu.be/4VkAregT580
Video del Webinar Gratuito: "Shell Bash para Pentesting". #cybersecurity #hacking #readteam #bugbounty #forensics #osint 🆓 https://www.reydes.com/d/?q=videos_2018#wgsbpt 🌐 https://www.youtube.com/watch?v=UhV-tBtuaug
Video del Webinar Gratuito: "Capturar Tráfico de Red". #cybersecurity #hacking #readteam #bugbounty #forensics #osint 🆓 https://www.reydes.com/d/?q=videos_2018#wgctr 🌐 https://www.youtube.com/watch?v=ZVwwYwIiKrE
Überflüssiger Tröt, weil jeder, der dem Hashtag #osint folgt, ohnehin den Newsletter von @craigsilverman folgt - aber diese Ausgabe lohnt sich allein schon wegen des Tipps mit dem Google-Recherche-GPT-Bot von @henkvaness. https://digitalinvestigations.substack.com/p/tools-and-tips-round-up-the-decline
En replay dans #Abonnezvous, l'émission Twitch de @Mediapart un échange de 2h avec Sebastien Bourdon sur les enquêtes en sources ouvertes #OSINT notamment sur l’extreme droite et les néonazis dans l'armée française https://youtu.be/5BLBGvwbWTE?si=vdJmlJytMVXjv98T
The latest edition of my free newsletter looks at investigating munitions, how to build your own database, and what to do about the decline of Google Search results.
Plus, I recommend a couple of interesting academic articles: https://digitalinvestigations.substack.com/p/tools-and-tips-round-up-the-decline #osint #journalism
Video del Webinar Gratuito: "Burp Suite". #cybersecurity #hacking #readteam #bugbounty #forensics #osint 🆓 https://www.reydes.com/d/?q=videos_2018#wgbs 🌐 https://www.youtube.com/watch?v=S2f4KNnzbEY
Calling all China-OSINT enthusiasts to check out our blog - all things Chinese OSINT methods, tools, techniques, and strategies. #blog #osint #hacking #china #research #investigation #epcyber http://epcyber.com/blog
A YouTube channel has bought satellite imagery to count tanks in storage in Russia.
On average, Russia is losing about 75 tanks per month, but only about 57 tanks seem to be drawn from storage. This could indicate they are able to build around 18 new tanks per month as well.
However, with a net loss of 57 tanks per month, it is getting harder to keep up. This is why Russia is sending very old tank types to the frontline, as they are easier to renovate.
Web Path Finder is a #Python program that provides information about a website. It retrieves various details such as page title, last updated date, DNS information, subdomains, firewall names, technologies used, certificate information, and more
So there's an #OSINT account on #Twitter inciting violence (murder) against anyone resembling Hamas. Be careful if you're protesting and are Arab as they can't tell the difference. They are armed and they are killing on sight. Vermont is in the United States btw.
Also if you are in the west the news is being censored on #Google. This article is being suppressed despite going viral.
After what seems like a month or two long hiatus, it appears that @Tendar is actively posting on Mastodon again. He’s a great source of information on the war in #Ukraine. Give him a follow. Help encourage him to keep actively posting on Mastodon. Perhaps it will inspire others in the #OSINT and #NAFO community to post on Mastodon as well.
A number of things about this most recent capture is eyebrow raising. First, the vessel owned by Israeli citizen Eyal Ofer was carrying phosphoric acid which is a critical fertilizer component that could also be used to synthesize white phosphorus for bombs.
Second is the location of the capture in the Gulf of Aden, far from Houthi controlled waters.
Just sharing to bookmark.
Airwars has created a large database of munitions for use in Open Source Intelligence #OSINT gathering and analysis
The Open Source Munitions Portal
https://osmp.airwars.org/
Microsoft .NET, .NET Framework and Visual Studio privilege escalation | CVE-2023-36049 - https://www.redpacketsecurity.com/microsoft-net-net-framework-and-visual-studio-privilege-escalation-cve-2023-36049-5/
So everyone in #HackerSecretSanta: you have your pairings.
Go forth and #OSINT!
An #OSINT Geolocalization tool for #Telegram that find nearby users and groups 📡🌍🔍 https://github.com/Alb-310/Geogramint
Avito - 2,721,835 breached accounts - https://www.redpacketsecurity.com/avito-2-721-835-breached-accounts/
#databreach #HaveIBeenPwnedLatestBreaches #HIBP #OSINT #Security #threatintel #TroyHunt
@chargrille and yes, #Hamas does what is alleged...
Or do you think the dozens of operatives of Mossad and ShinBet in Gaza are criminally incompetent?
The location is basically #OSINT and they even released damning evidence, including calls complaining about the resource theft by Hamas from said hospital...
Chocolate Time! 🍫❤️
🕵️ #OSINT Exercise #021 is now out!
🌡️Level: Beginners: Easy; Experts: Easy.
⏰Solution with full walkthrough will be uploaded to YouTube at some point 😅
🙊Have fun and no spoilers!
From Ukraine to Gaza, livestreams have proven one of the most effective sources for tracking fast-moving breaking news events. Open source researcher Aram Shabanian has put together a guide to finding livestreams to monitor crises and conflict, with some valuable tips on what not to do.
Ukraine has a lot of balls in the air. Congressional funding is on the line, Zelensky and his commanding General disagree about messaging/stalemate, and you have to wonder if the General might need a pep talk (or worse). I talk about that a lot in the podcast that just dropped.
There is a lot on the line for Ukraine -- and for the world -- and it feels like something big needs to happen. And happen fast.
https://podcasts.apple.com/gb/podcast/podcast-episode-11-9-23/id1635012649?i=1000634245690
#ukraine #russia #RussiaUkraineWar #nafo #fellas #osint
Posting to #bookmark this resource for #OSINT incident investigation.
"Airwars is a not-for-profit transparency watchdog which tracks, assesses, archives and investigates civilian harm claims in conflict-affected nations."
It takes a little time, but for incidents where civilian casualties in a conflict zone are claimed, they research the incident and try to quantify and identify the victims.
If a real #journalist was ever interested in investigating claims by countries that said airstrike "killed [x] terrorists" this would be a good place to start.
...but uploading pictures from the interior areas was permitted? 🥲
Another reason why checking Google Reviews when conducting OSINT on a facility provides you with something almost every time.
#socialengineering #osint
@sandofsky Upper West Side, New York City near the Belnord Apartments ? #OSINT
About that boat tracking system and port schedule page that seemed to have lost track of the ship 🤔
It's clear from on the ground reporting that the ship was in port this morning.
📸 @GuyOron@twitter.com
Video has recently emerged of an Israeli air defense missile failure.
I'm starting to see why Israel keeps publishing training footage and claiming its recent 🤔
When slowed down the lie becomes unmistakable.
Now the question becomes, "who is lying to whom and why?"
I haven't been keep close track but this is at least the second or third time I've noticed Israeli officials attempt to pass off training footage as recent combat wins.
Two hours ago the Israeli Prime Minister's spokesperson posted a video on twitter which he claimed to be from recent IDF combat operations. Ofir states:
"A must watch: IDF attack dogs go after Hamas-ISIS terrorists inside their tunnels in the Gaza Strip and take them down.
Hear the terrorists scream."
Only problem though, is that the "terrorist" is clearly wearing a dog bite suit.
Incredibly important work by @ZekuZelalem documenting an atrocity in Ethiopia I'd never heard of through #OSINT, meticulous, detauled and horrifying.
https://dair-community.social/@ZekuZelalem/111349933061276063
Footage has been released this morning by the Hamas (Al-Qassam Brigades) showing the defenders of Gaza engaging IDF vehicles both in farm land and in urban spaces.
Don't listen the US politicians, they gonna waste a ton of tax payer money only to loose a war to a handful of guys in some tunnels.
Here’s the latest podcast. A smart, sophisticated look at foreign policy affecting the United States, Ukraine, and the world, without the hyperventilating, ramping up of fear, or clickbait material.
Includes some motivation and words of encouragement at the end. (Timestamps available in episode notes.)
https://podcasts.apple.com/gb/podcast/podcast-episode-11-2-23/id1635012649?i=1000633464679
Last Call For Registrations!
In 2 weeks we will be meeting in Vienna for a deep dive into #SocialEngineering & #OSINT!
You can still join the 2-day training class "Practical Social Engineering & Open-source Intelligence for Security Teams" I will be delivering at this year's #DeepSec conference, in which you will...
🌐 Learn how attackers leverage OSINT to identify organizational vulnerabilities.
🎯 Understand the psychology and methodology behind social engineering attacks.
🔍 Acquire necessary skills & knowledge that will help you prevent and better simulate social engineering attack scenarios.
💼 Examine real-life case studies and attack methodologies.
📚 Build better protective measures, inform your security strategy, and learn to provide realistic insights to clients.
Date: 14 & 15 November 2023
Location: Vienna, Austria
⬇️ Course Content & Registration Details: https://deepsec.net/speaker.html#WSLOT626
I look forward to seeing you there!
#socialengineeringtraining #cybersecurity #opensourceintelligence #osinttraining #infosectraining #infosec #deepsec2023
@trunkfriends@mastodon.social nice so is it pulling all users on the serve or just people you follow specifically?
ie. can I enter a popular person on fediverses username as my own and pull the user list of all the people they follow? as a security concern mostly.
#OSINT #security
Ein sehr interessantes Whitepaper zu #VPN hat das Fazit: "Of the 16 VPNs we analyzed, Mullvad, PIA, IVPN, and Mozilla VPN (which runs on Mullvad’s servers)—in that order—were among the highest ranked in both privacy and security. However, PIA has never had a public third-party security audit. #OPSEC #OSINT 1/x
https://innovation.consumerreports.org/wp-content/uploads/2021/12/VPN-White-Paper.pdf
🚨 New video: My name is Robert, Baptiste Robert
This week, I found the location of James Bond in the opening scene of Spectre
#osint #geoint #Geography #JamesBond #Spectre
https://www.tiktok.com/@baptisterobertoff/video/7294680418580827425
Interesting bit of OSINT. Some numpty used my phone number on their Temu orders. I presume this is accidental. She orders quite a bit of stuff and the text messages as orders are dispatched and delivered are starting to get quite annoying.
However these SMS have links to track the order. Here comes the OSINT bit.
If I follow the tracking link in the SMS it takes me to a partially redacted version of her address. Counting characters I can figure out the county is Lincolnshire.
Google a list of towns in Lincolnshire and there are two starting with "sp". One has 7 characters, the other has 8. There are 8 characters in the partially redacted town name.
I then have the number and first 4 letters of the street address. Going into Google Maps I type in the town name and the partial street address. This gives me four possible hits including postcodes.
Now back to the Temu site, there is a link to the Evri parcel tracker. I have the tracking number but Evri just needs the postcode. Trying one post code after another I get it on the third try. Evri then gives me the full name and address. Bingo!
Typing the person's name and town in to Google, the first hit is her Facebook profile. Facebook gives me her photo, her husband's photo and photos of her two young kids. It also tells me where she works, her job title, which schools she went to, when she graduated and a list of nearly 20 family members. I wouldn't be surprised if the name of her first pet is in there too.
There is more about you on the internet than you might be aware of! Don't make all your personal information public folks.
#Introduction Post
(There might be some editing to this post as time comes along.)
Hi, I'm V'ger. If you want to know my real name, just ask. You might also be successful doing some #OSINT 😉
First things first: I have been suffering from #depression for more than a decade. This dark thing comes and goes as it sees fit. So I might be posting stuff regarding my personal monster.
Now the fun stuff; I am an #InfoSec professional from Germany and run this account on my own Mastodon instance.
1/2
I’ve asked KIU a few times to create an active account on Mastodon. Unfortunately every response has been “no”. I’m really not sure what KIU has against Mastodon. #OSINT
Just hear me out: if you're doing #OSINT and don't know what Finite Element Methods are, maybe you shouldn't be trusted by journalists to brainworm your way to conclusions about bombings. If you're a reader, perhaps you should even be concerned about why journalists are eager to outsource investigations to those with no accountability.
Amazing what you'll find in the wild on Discord servers.
Just over a year ago, #Russia literally bombed and destroyed a crowded shopping mall in mid-day in an urban area of east-central #Ukraine.
Where 20 people died. The footage was available nearly instantly. Photos everywhere.
So far, I have not seen images or video of a hospital destroyed with such power that 500 civilians died in #Gaza, as is being constantly circulated online today. I’ve seen a parking lot and burned cars. No smoking craters where the hospital was. #osint folks help?
Calling the explosion on the Ahli hospital's car park (next to a lawn where upwards of a thousand Palestinians were seeking refuge) an "attack" — referring to an intentional act — was a little hasty and unhelpful by a #Unicef director no less. The territory of the incident (Gaza) and *claimed* "intent" can only implicate the #IDF.
The Palestinian jihadists, naturally, instantly blamed Israel for the "attack" and within hours the usual networks along with much of the media (including presumably *all* of the regional islamic media) had apportioned guilt and lynching parties were being formed on the "Arab street".
Yet #OSINT accounts — with visual and geolocating evidence trickling in — found no evidence of Israeli involvement. The netanyahu regime and even the IDF have in the past committed criminal acts which, after denials, the OSINT analysts have proven to have been their responsibility.
In this tragic case of mass casualties *all* the evidence really points at one in a volley of PIJ (Hamas allies Palestinian Islamic Jihad) unguided rockets failing soon after launch and landing on that hospital car park, still carrying and spilling most of its unspent propellant fuel, with the rocket's explosion also leading to secondary explosions of the surrounding cars.
Parroting science-illiterate jihadist propaganda only fuels those jihadists' agenda and does nothing to help the Palestinian cause. If anything positive comes from this tragedy it's given us a way to distinguish malignant propagandists from genuine seekers of solutions.
On the sad state of #osint on the bird site:
“But what the current war in Israel and Gaza has made clear in recent days is that there are many verified, popular accounts on Twitter that use the OSINT term to give legitimacy to shoddy work that only creates more confusion. What exists now is a profit and engagement driven ecosystem of non-experts who in some cases may be spreading videos for the clout and cash, rather than to inform readers about what is actually true.”